In many parts of the world there was a holiday period and celebration of the New Year, and it reminds me that the world has holiday periods all year round. What happens to your remote access demands during holidays? One would think that being on holiday means no one needs access to corporate resources, correct? Sometimes I really wish that were true. Sadly, that has not always been the case even for me. As an example or two, maybe you can relate to the people below or know someone like this:
Flash has long been a favorite target among Exploit Kits (EK). In October 2014 the Angler EK was believed to be targeting a new Flash vulnerability. The bug that the Angler exploit kit was attempting to exploit had been “accidentally” patched by Adobe’s APSB14-22 update. According to F-Secure, the vulnerability that Angler was actually attempting to exploit was an entirely new bug, CVE-2014-8439. The bug was severe enough that Adobe fixed it out-of-band.
Fast forward to January 2015. With the emergence of this new Flash 0-day bug, we have more evidence that the Angler Exploit Kit developers are actively working on discovering fresh bugs in Flash for themselves. The group is incorporating these exploits into the Angler EK *before* the bugs are publicized. Considering these 0-day exploits are being used alongside one of Angler’s preferred methods of distribution, malvertising, thus intensifying the potential for large-scale compromise. Read More »
Previous blogs in this series, both by Splunk and Cisco, detail how Cisco Identity Services Engine (ISE) can be used to drive enhanced event visibility in Splunk.
Splunk is a machine data platform that allows you to search, report, alert, and visualize any data that it ingests. Cisco ISE brings an added dimension to analyzing all this data; it attaches key contextual data (for example, username, location, network policy status) to events and data analyzed by Splunk. The Splunk for ISE app, a free download from Splunk, comes with a number of built-in dashboards to correlate this machine data with user information and create customizable dashboards and reports.
However, this integration doesn’t just create pretty dashboards – it turns event analysis into action. Read More »
Enterprises use Cisco ISE for securely granting access to visitors and on-boarding employee-owned devices over Wi-Fi. Portals for users to gain access are becoming more advanced, and the next step is for most customers to create a richer customized experience to:
Promote your brand to guests
This week, we released the Cisco 2015 Annual Security Report and used it as a platform to introduce the inaugural Cisco Security Manifesto. Our motivation for creating this set of security principles was to underscore to organizations that they must be more dynamic in their approach to security so they can become more adaptive and innovative than adversaries—and better protect users.