As Cisco’s products and services evolve to new models, we find ourselves coming in contact with our customer’s data more regularly. We approach this role as stewards of this data with our customers interest foremost in our mind. One area of widespread interest as it relates to this data is how we interact with Global Law Enforcement regarding this data. To that end, today Cisco is launching its first global Transparency Report on Law Enforcement Requests for Customer Data. In this report, Cisco details our principles regarding how we will treat law enforcement requests for customer data if, and when we receive such requests. We also provide specifics regarding how many requests we have received from global law enforcement agencies for our customer’s data.
Talos has observed an explosion of malicious downloaders in 2015 which we’ve documented on several occasions on our blog. These downloaders provide a method for attackers to push different types of malware to endpoint systems easily and effectively. Upatre is an example of a malicious downloader Talos has been monitoring since late 2013. However, in the last 24-48 hours, things have shifted dramatically. We’ve monitored at least fifteen different spam campaigns that are active between one and two days. While the topic associated with the spam message has varied over time, the common attachment provided is a compressed file (.zip or .rar) that contains an executable made to look like a PDF document by changing the icon.
When Upatre is executed, a PDF document is quickly downloaded and displayed while Upatre is delivered in the background. The document displayed has been either one of two PDFs. The first PDF, which was used until March 17, contained some information about Viagra:
Though 2014 has come and gone, one trend that dominated its headlines has unfortunately continued to do the same this year. So, what happens to an organization’s cybersecurity readiness plan when there aren’t enough security professionals to protect the network? What are the tested security strategies that can help organizations prepare, manage, respond to and recover from incidents in a quick and effective manner?
During our next #CiscoChat, we’ll seek to answer these questions and invite you to share your thoughts and solutions with us. #CiscoChat is a program where industry experts answer your questions and participate in an open discussion on a particular topic. Everyone is welcome to join simply by searching the hashtag #CiscoChat on Twitter and including it in your tweets to be seen by others participating. Read More »
It was a wonderful honor to be named to Silicon Valley Business Journal 100 Women of Influence just over a week ago; one that will help greatly with accelerating my initiatives for cloud safety—not just for business, but also for us all.
And for the honor, I owe much thanks to many incredible mentors who have believed in me and for the immense opportunities they have provided me.
In my role leading the development of Cisco’s IoT Systems and Software, I spend a fair amount of time speaking at industry events and talking with customers and partners. There is a lot of excitement about the Internet of Everything (IoE) – the intelligent connection of people, processes, data and things to the Internet – as it continues to take hold, bringing unprecedented economic opportunities to both the private and public sectors.