The Microsoft Sidekick data loss was a pretty big story over the last week or two; for a while, Microsoft was predicting a total loss of all data, although by October 15, things seemed to start looking better in that department. Some have already discussed whether this failure should be used to represent cloud computing entirely. (To get it out of the way now — no, it shouldn’t.) But there remains a gap in expectations and some level of assumptions about what cloud computing has to offer.
I suspect that when we use the term “branch” when talking about businesses, many minds think of a bank. But actually, the notion of a branch is much more widespread for organizations as they pursue flexible options for expanding their workforce, as well as globalization. From an IT perspective, the branch has changed from a few remote offices each with multiple people to sometimes thousands of remote workers connecting to the network from their home offices. In fact, according to a recent survey, the percentage of employees working away from headquarters is approaching 90%.
In a previous post I provided an overview of the Cisco Global Correlation (GC) capability that was recently added to Cisco Intrusion Prevention Systems (IPS). The information sent to SensorBase includes signatures that generated alerts and other relevant data.
I thought it would be interesting to highlight what we can learn from this growing data set. I intend to focus my analysis around FTP-related signatures. Because FTP security issues are relatively well understood, I will be able to highlight the correlation capability we have at our disposal and focus less on the specific threat that is driving my analysis.
About a month ago, there was a coordinated disclosure on a flaw in TCP which affected a number of vendors, including Cisco. As is often the case when a vulnerability is disclosed in a widely-deployed technology such as TCP, it’s in the best interests of customers and the industry alike that everyone agrees on a common solution to the issue, as well as a date and time of disclosure. In this most recent event, the issue was first reported over a year ago — so what took vendors so long to formally address the flaw?
With the recent deluge of phishing attacks (see 1, 2, 3, 4 and 5) it’s time once again to review some of the more common phishing methods and what you can do to spot and defeat them. Below I go over three you’re likely to see: phishers getting to know you, complimenting you, and befriending you. You’ll notice the tactics used by phishers build on each other. Unfortunately, as users have become more sophisticated, so have phishers.
[Before we go further you might be wondering… What the heck is phishing? Is it fun? Does it go well with lemon and dill? Answer: Phishing is the term used for the attempt at getting usernames/passwords/other credentials out of someone through subterfuge. It is only fun if you do it to your siblings or friends in jest. I wouldn’t recommend lemon near your computer.]