For the last couple of years, Cisco Security Intelligence Operations has released a series of blog posts for National Cybersecurity Awareness Month. The theme for this month from the National Cyber Security Alliance is “Our Shared Responsibility.” The Department of Homeland Security is running a series on this theme, as are many other private organizations.
Our action and inaction have consequences for systems and services used by us, our friends, and our places of employment. Attackers use accounts compromised due to poor passwords and lack of two-factor authentication to launch other attacks on users connected to those accounts. End-user systems infected with malicious software are leveraged to conduct distributed denial of service attacks against financial and government websites. Users who fall victim to spear phishing attacks open the door for attackers to leap frog their way through sensitive networks and collect proprietary information from our places of employment.
Read More »
Tags: Cisco Security, cisco sio, cyber risk report, cyber security, cyber-security-month-2011, cyber-security-month-2012, ncsam-2013
Who are you? Removing the obvious existential questions for a minute, your identity is often represented as a bundle of personally identifiable information (PII). In the United States PII begins at birth with a name, date of birth, and social security number (SSN). This morning’s KrebsOnSecurity post details the unauthorized access of computer systems (via malicious code) at Lexis Nexis and Dun & Bradstreeet. Both of these organizations aggregate and sell consumer and business PII.
When PII is misrepresented, the experience for the true PII owner can range from unsettling to pure exasperation due to the fact that the victim’s virtual identity must be reclaimed and a consistently proven remediation roadmap still does not fully exist. A recent survey estimated that in 2012 over 12 million Americans were the victims of identity theft.
Fortunately, in addition to the standard PII definition a majority of states –such as California’s Penal Code §530.55 – now include credit card numbers and even computer media access control (MAC) addresses. The comprehensive definition and accompanying legislation is giving law enforcement the ability to charge suspects with identity theft and aggravated identity theft, but individuals still need to be aware of the risks and respond accordingly.
Below are five realistic almost universal U.S.-centric identity theft risk factors followed by guidance on proactively saving you those precious resources – time and money.
1. You don’t control your PII. Read More »
Tags: ATM, credit cards, Dun & Bradstreet, fraud, ID theft, identity theft, LexisNexis, personally identifiable information, PII, risk, TRAC
Today, we released the final Cisco IOS Software Security Advisory Bundled Publication of 2013. We committed to these predictable disclosures back in 2008 because your feedback was clear—they allow you to plan ahead and ensure resources are available to analyze, test, and remediate vulnerabilities in your environments. (For more information on the history of this evolution, take a look at my colleague John Stuppi’s post this past March.) If you haven’t had the opportunity to review my earlier posts on preparing for bundled disclosures or leveraging the Cisco IOS Software Checker tool, I’d encourage you to do so now. Hopefully, the guidance will help lessen the impact of evaluating the recently published Cisco Security Advisories. Read More »
Tags: Cisco IOS software, psirt, security, security advisories, vulnerabilities
Cisco’s Advanced Services has been performing penetration tests for our customers since the acquisition of the Wheel Group in 1998. We call them Security Posture Assessments, or SPA for short, and I’ve been pen testing for just about as long. I’ll let you in on a little secret about penetration testing: it gets messy!
During our typical assessments we may analyze anywhere between 2,000 and 10,000 hosts for vulnerabilities, perform various exploitation methods such as account enumeration and password attempts, buffer/stack overflows, administrative bypasses, and others. We then have to collect and document our results within the one or two weeks we are on site and prepare a report.
How can anyone keep track of all this data, let alone work together as a team? Are you sure you really found the holy grail of customer data and adequately documented it? What if you’re writing the report but you weren’t the one who did the exploit? Read More »
Tags: Cisco Security, exploits, pen testing, penetration testing, security
Miscreants are always trying to put new twists on age-old schemes. However, I must admit that this latest twist has me slightly puzzled. Today, Cisco TRAC encountered a piece of stock related spam touting Apple’s stock, AAPL.
Read More »
Tags: botnet, spam, TRAC