Cisco Blogs


Cisco Blog > Mobility

Apple iOS 8 and MAC Randomization: What It means for Cisco’s Connected Mobile Experiences (CMX) Solution

As you may have read, Apple’s iOS 8 will come with some changes to the way MAC addresses are exposed in Wi-Fi probe requests. Apple’s intent was to provide an additional layer of privacy for consumers and target those companies that offer analytics without providing any value to the end consumer. We’ve been getting some questions about what this means and how it impacts our Connected Mobile Experiences (CMX)  solution, so we wanted to clear this up for our customers.

What does this mean for you? 

First and foremost, Cisco has always been dedicated to privacy for our customers and their end-users. There are four aspects of privacy that are built into our CMX solution:

1. Anonymous Aggregate Information: All analytics are based on aggregate, anonymized location data.

2. Permission-based: Users have to opt-in to join a Wi-Fi network or download an app

3. MAC Address Hash: Users’ MAC addresses can be hashed before exposing to 3rd party apps

4. Opt Out: End-users are always presented with the option to opt out of location-based services

The true value of CMX analytics for organizations is in aggregate location data to be used for business analysis to improve the customer experience for end-users. Providing customers with high performing Wi-Fi not only keeps always-on mobile users happy and opens the doors to delighting customers with more personalized experiences, but also helps provide more granularity to those aggregate trends to feed back into the experience creation machine. Win-win.

What does this mean for our CMX value proposition? Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Attack Analysis with a Fast Graph

TRAC-tank-vertical_logo-300x243This post is co-authored by Martin Lee, Armin Pelkmann, and Preetham Raghunanda.

Cyber security analysts tend to redundantly perform the same attack queries with different input data. Unfortunately, the search for useful meta-data correlation across proprietary and open source data sets may be laborious and time consuming with relational databases as multiple tables are joined, queried, and the results inevitably take too long to return. Enter the graph database, a fundamentally improved database technology for specific threat analysis functions. Representing information as a graph allows the discovery of associations and connection that are otherwise not immediately apparent.

Within basic security analysis, we represent domains, IP addresses, and DNS information as nodes, and represent the relationships between them as edges connecting the nodes. In the following example, domains A and B are connected through a shared name server and MX record despite being hosted on different servers. Domain C is linked to domain B through a shared host, but has no direct association with domain A.

graph_image_1 This ability to quickly identify domain-host associations brings attention to further network assets that may have been compromised, or assets that will be used in future attacks.

Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , ,

Angling for Silverlight Exploits

VRT / TRACThis post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering. 

Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners are adding Silverlight to their update releases, and since April 23rd we have observed substantial traffic (often from Malvertising) being driven to Angler instances partially using Silverlight exploits. In fact in this particular Angler campaign, the attack is more specifically targeted at Flash and Silverlight vulnerabilities and though Java is available and an included reference in the original attack landing pages, it’s never triggered.

Rise in Angler Attacks

HTTP requests for a specific Angler Exploit Kit campaign

Exploit Content Type

Angler exploit content types delivered to victims, application/x-gzip (Java) is notably absent

 

Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Big Data in Retailing: Follow the Money!

March 4, 2013 at 9:18 am PST

Retailers looking at the Big Data opportunity may well find themselves with an array of choices: the opportunities seem so vast, where does one begin?

Well, a pragmatic way forward is to focus on some pragmatic possibilities and then “follow the money”!

In examining the Big Data opportunity for retailers, Cisco IBSG has identified three key areas where we believe value can be generated through Big Data analytics – and we have put together a framework for assessing and comparing the financial impact of options within these areas.

As outlined in our previous report, “Surfing the Data Deluge: How Retailers Can Turn Big Data into Big Profits,” three areas – video, social and mobile data –promise unprecedented insights into what consumers want or need, at the earliest stages of interest, and will drive the Big Data thrust in retail over the next few years. These three essentials not only represent a major stream of incoming data, but also provide an outbound mechanism to communicate with customers on a more personalized basis. In other words, they are both a source of Big Data analytics and a way of implementing Big Data insights!
Read More »

Tags: , , , , , , , , ,

Counterfeiters Innovate Too

As Cisco’s Global Threat Analyst, my job is to look for what is changing around the world, and to explain why my colleagues in the Information Communications Technology (ICT) industry should care. Recently, I sat down with brand protection and anti-counterfeiting specialists to hear about what is changing in their line of work. They gave me a lot to think about.

Read More »

Tags: , , ,