Cisco Blogs

Cisco Blog > Security

Security and Network-Based Healthcare

Just read an article in Network World that seems to tie perfectly to my previous post about the intersection between telemedicine and cybersecurity. Read More »

Coming Soon

For those of us whose interests cross sci-fi and the internet (sometimes it seems there’s no difference), we recently celebrated a silver anniversary: 25 years since the publication of William Gibson’s Neuromancer. The book draws me in on so many levels, but what fascinates me most is the security aspect—people are able to ‘jack’ into cyberspace, with corporate and military databases visible as physical constructs, surrounded by an intrusion detection system called ‘ICE’—neuromancer speak for Intrusion Countermeasure Electronics, according to Wikipedia’s glossary for this iconic book. Hackers, known as ‘cowboys,’ play cat-and-mouse with ever more powerful defenses, with the stakes much higher than they are now. You see where I’m going with this? Read More »

Black Hat USA 2009 Summary

July 30 marked the close of the annual Black Hat USA security conference in Las Vegas, Nevada. Though Black Hat events are held at many venues throughout the year, the Vegas Black Hat Briefings are generally seen as the premier opportunities for disclosing security vulnerabilities or unveiling new research. This year’s conference hosted a number of presentations that made quite a few waves in the security industry and in the press. Cisco Security Intelligence Operations has already alerted you to many of these. Read More »

The Active Template Library Vulnerability: What You Need to Know

July 30, 2009 at 12:00 pm PST

On July 28, 2009, Microsoft published two out-of-band security bulletins, MS09-034 and MS09-035, for Internet Explorer and Visual Studio’s Active Template Library. These bulletins are related to MS09-032, which disabled a vulnerable version of Microsoft’s MPEG2TuneRequest ActiveX Control Object, among other things. Cisco has released a Security Advisory that details which products are impacted by this issue as well as those that are not. The team that discovered this vulnerability, Ryan Smith, Mark Dowd and David Dewey, shared their research at Black Hat USA this week. In this post, we share some insight into these vulnerabilities as well as offer advice that can help you minimize the risk of criminals exploiting these vulnerabilities to compromise your network. Read More »

Securing BGP

July 29, 2009 at 12:00 pm PST

Border Gateway Protocol (BGP) is an Internet Engineering Task Force (IETF) standard, and the most scalable of all routing protocols. BGP is the routing protocol of the global Internet, as well as for service provider private networks. BGP has expanded upon its original purpose of carrying Internet reachability information, and can now carry routes for Multicast, IPv6, VPNs, and a variety of other data. For more information on BGP please reference RFC 1163 and RFC 1267.The use of BGP as a routing protocol is ubiquitous on the Internet (used by both Internet Service Providers (ISPs) and non-ISPs). Because of its prevalence, there is a great deal concern on behalf of the Internet community whenever there is public knowledge of a BGP or TCP-based vulnerability that is being or could be exploited. It is this concern that prompted me to provide you with some helpful techniques to secure BGP. Read More »