Ed Paradise, Vice President of Engineering for Cisco’s Threat Response, Intelligence and Development Group
Much has been made of the industry-wide Heartbleed vulnerability and its potential exploitation. Cisco was among the first companies to release a customer Security Advisory when the vulnerability became public, and is now one of many offering mitigation advice.
Those dealing with this issue on a day-to-day basis know it’s not enough to just patch the OpenSSL software library. Organizations also need to revoke and reissue digital certificates for their Heartbleed-vulnerable sites. If your certificates were stored in a Trust Anchor Module (TAM), they are still safe. Otherwise, a few additional steps should be taken to ensure you and your customers are secure:
Tags: Cisco PSIRT, Cisco Security, Heartbleed, OpenSSL, psirt, security
This post explains how to inspect the contents of the Windows DNS cache. Inspection can be used to check DNS entries, revealing if any malicious websites are being visited.
A Domain Name System (DNS) server’s cache of DNS records can be inspected to determine if your network is interacting with suspicious or malicious internet sites. To perform this task, do the following:
For Windows 2003 and prior versions, you must install Windows Support Tools. Once installed, inspect and export the DNS cache using the command prompt (cmd.exe) window.
For Windows 2008 and later, Windows PowerShell is a more advanced version of Windows Support Tools and is installed by default. Use the PowerShell window or run the PowerShell script from the command prompt window to inspect and export the DNS cache.
How to Inspect the Cache from the CMD Prompt
Windows 2003 and Prior Using dnscmd
- From the support tools directory (\Program Files (x86)\Support Tools), run the following command to display the DNS cache output in the CMD window.
- To redirect the DNS cache output to a file, use the following command:
C:\Program Files (x86)\Support Tools>dnscmd /zoneprint ..cache > c:\cache_output.txt
Tags: Cisco Security, dns, security
Mobile security is a top concern for IT and business leaders. This blog series with Dimension Data explores how organizational leaders can work together to mitigate concern and implement clearly defined policies and mobility goals. This blog will address closing the gap between secure mobility vision and real-world implementation. The first blog in this series discussing how concerns outweigh actions when it comes to mobility security is here. The second blog in this series highlighting how IT and business leaders can work together to develop secure mobility policies is here.
There is a gap between the vision for secure mobility and the real-world implementation.
How do we know a gap exists? A recent Dimension Data Secure Mobility Survey report indicates 79% of IT leaders believe mobility is a top priority and 69% of those surveyed already have a mobility roadmap in place. The vision looks good, right? However, only 29% of those implementing their roadmap have tested their core applications, and only 32% have conducted a security audit of the applications.
Today, IT is faced with the challenge of providing any user from any location on any device access to any of the corporate applications, all while keeping assets and users secure. These parameters add up to a complex equation, and it’s contributing to this gap in IT leaders’ approach to vision and action for mobility deployments. How can IT and business leaders work to address this disparity?
Listed below are a few steps that should be considered to help turn the secure mobility vision into a reality. Taking a careful assessment of what mobility can offer and applying these steps can make the difference between a successful implementation and being derailed by unforeseen problems.
Tags: Cisco, Cisco Partners, Cisco Security, dimension data, mobile security, security
From the FDA (Food and Drug Administration) to the FBI (Federal Bureau of Investigation), agencies see a core issue bubbling up: the vulnerability of healthcare systems to cyber-attacks. Both agencies have issued an advisory in this regard in the last year.
Source: DataLossDB.org -- Healthcare amounts to 17% of incidents in 2013
The FDA advisory was focused on medical devices and hospital networks, while the FBI’s communication is focused on hackers attempting to hack personal medical records and health insurance data, and even goes as far as calling out the gaps in resiliency to cyber-attacks as compared with other sectors such as the financial and retail sectors.
In addition, looking at statistics from datalossdb.org, the Health Care sector has consistently been in the top 3 sectors that have had the most incidents.
But the question is, why now?
This is where the correlation with the Health Care IT transition timelines adds up. It’s the other side of the Health Care IT transitions that we looked at in the previous part (At the security cross roads of Healthcare reforms and IoE – 6 Health Care IT Transitions) of this blog series – the threats that have emerged from open anywhere, anytime, any device access, which has enabled convenience and a transformational experience for patients and care teams.
Let’s see an example of the changing dynamics of some of these transitions from a hacker’s perspective by analyzing one of these transitions: the transition from paper charts to EMR and enabling anywhere, anytime, any device access for my care teams and my patients.
Health Care IT Transitions and their Security Implications (1-3 of 6)
Tags: Cisco Healthcare, Cisco Security, CiscoCloud, e-health, healthcare reform, Internet of Everything, mobile healthcare
#CiscoChampion Radio is a podcast series by Cisco Champions as technologists, hosted by Cisco’s Amy Lewis (@CommsNinja). This week Chris Young, SVP Security Business Group Cisco, and Bill Carter, Senior Network Engineer and Cisco Champion, talk about Intelligent Cyber Security for the real world.
Listen to the Podcast
Cisco Subject Matter Expert: Chris Young, SVP Security Business Group Cisco (@YoungDChris)
Cisco Champion: Bill Carter, Senior Network Engineer (@billyc5022)
How Cisco deals with fragmentation in Security market
Attack-driven model for Security, before, during and after
How Sourcefire acquisition fits in with Cisco Security
Open Source Security around Snort Community
Tags: #CiscoChampionRadio, Chris Young, Cisco Security, Snort, Sourcefire