Cisco Blogs


Cisco Blog > Security

Fiesta Exploit Pack is No Party for Drive-By Victims

This post was also authored by Andrew Tsonchev and Steven Poulson.

TRAC-tank-vertical_logo

Cisco’s Cloud Web Security (CWS) service provides TRAC researchers with a constant fire hose of malicious insight and now that we are collaborating with Sourcefire’s Vulnerability Research Team (VRT) we have additional capabilities to quickly isolate and prioritize specific web exploit activity for further analysis. Thus when we were recently alerted to an aggressive Fiesta exploit pack (EP) campaign targeting our customers, we quickly compared notes and found that in addition to the typical Java exploits, this EP was also using a Microsoft Silverlight exploit. In the Cisco 2014 Annual Security Report (ASR) we discuss how 2013 was a banner year for Java exploits, and while updating Java should remain a top priority, Silverlight is certainly worth patching as threat actors continue to search for new application exploits to leverage in drive-by attacks.

Fiesta Exploit Pack

Over the past 30 days this specific Fiesta campaign was blocked across more than 300 different companies. The attacker(s) used numerous dynamic DNS (DDNS) domains -- that resolved to six different IP addresses -- as exploit landing pages. The chart below depicts the distribution of hosts used in this attack across the most blocked DDNS base domains.

CWS Fiesta Blocks by Distinct Requests

Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , ,

#EngineersUnplugged S2.Ep4: #EUC Buzz!

March 13, 2013 at 12:34 pm PST

In this week’s episode of Engineers Unplugged, WWT’s Dave Kinsman (@virtualizethis) and Chris Gebhardt (@chrisgeb) take on the current buzz in the end-user computing space. Listen in on all things VDI, from storage to flash:

Welcome to Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:

  1. Episodes will publish weekly (or as close to it as we can manage)
  2. Subscribe to the podcast here: engineersunplugged.com
  3. Follow the #engineersunplugged conversation on Twitter
  4. Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja
  5. Practice drawing unicorns

This week features our very first duck-i-corn. Wow. Groundbreaking collaboration.

Dave Kinsman (WWT) and Chris Gebhardt (NetApp) with the world's first duck-i-corn.

Dave Kinsman (WWT) and Chris Gebhardt (NetApp) with the world’s first duck-i-corn.

For more on the EUC conversation, follow @ciscoDC. Check out the Engineers Unplugged Facebook page for behind the scenes pictures, updates, and more.

Stay tuned next week for an incredible double header: Nick Weaver and Jay Cuthrell talk Automation and Andy Banta and Andy Sholomon practice the KISS method.

Tags: , , , , , , , , , ,