Cisco Blogs


Cisco Blog > Security

AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime

Recognizing the critical need for state and local law enforcement agencies to have state-of-the art technologies to effectively fight digital crime, Cisco is creating the AMP Threat Grid for Law Enforcement Program. The program is designed to empower those working to protect our communities from cybercriminals with its dynamic malware analysis and threat intelligence platform.

Computers are central to modern criminal investigations, whether as instruments to commit the crime, as is the case for phishing, hacking, fraud or child exploitation; or as a storage repository for evidence of the crime, which is the case for virtually any crime. In addition, those using computers for criminal activity continue to become more sophisticated, and state and local law enforcement agencies struggle to keep up with their internal computer forensics / digital investigation capabilities. Malware analysis is also a critical part of digital investigations: to prove or disprove a “Trojan Defense” for suspects, wherein the accused rightly or falsely claims a malicious software program conducted the criminal activity and not the user; and to investigate unknown software and suspicious files on the computers of the victims of cybercriminal activity for evidence of the crime.

Read More »

Tags: , , , , , , , ,

John Chambers: “What does the Internet of Everything Mean for Security?”

Last week, Cisco CEO John Chambers attended the World Economic Forum in Davos, Switzerland. A major theme of the week was security and the implications of the Internet of Everything…the topic which John focused on in his contributed article to the WEF blog, Agenda. You can read the full article here.

In the article he stated:

WEF graphic - John Chambers on Security 2014

WEF graphic – John Chambers on Security 2015

Additionally, last week, Cisco issued our Annual Security Report which includes data about the number of breaches, attacks and how to mitigate these increasing threats. Cisco SVP and Chief Security Officer John Stewart blogged on this report here. A key call to action of the report is for corporate boards to take a more active role and focus on security as they help run their companies. He also talked to BloombergWest’s Cory Johnson. You can view that interview here.

In Davos, John Chambers talked to a few reporters about the implications of more things being connected…overall, of course, the impact will be very positive. As we move from 14B connected devices to 50B by 2020, John argues that each of those end points cannot be trusted to be secure, therefore you need to focus on security from an architectural approach…something, of course, where the network has a distinct advantage.

See John’s interview with USAToday Editor-in-Chief Dave Callaway.

See John’s interview with New York Times reporter David Gelles.

And, see here, for how many devices are connected to the Internet. Right. Now.

Tags: , , , , , , ,

Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected

This post was authored by Armin Pelkmann.

On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.com, ads.yahoo.com, www.winrar.com, youtube.com and 70 other domains. As it turns out, this was just the tip of the iceberg. Ongoing research now reveals the real size of the attackers’ network is 9 times larger than reported in our first blog. For more details, read the Kyle and Stan Blog.

The infographic below illustrates how much more of the malvertisement network was uncovered in comparison to our first assessment. We have now isolated 6491 domains sharing the same infrastructure. This is over 9 times the previously mentioned 703 domains.  We have observed and analyzed 31151 connections made to these domains. This equals over 3 times the amount of connections previously observed. The increase in connections is most likely not proportional to the domains due to the fact that a long time that has passed since the initial attacks.

img_new_numbers

The discovery difference from the previous blog to this one in raw numbers. With more than 3-times the now observed connections and over 9-times the revealed malicious domains, this malvertising network is of unusually massive proportions.

Read More »

Tags: , , , , , , , , , , , , , , , , , ,

Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware

This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann.

Update 2014-09-22: Updates on this threat can be found here

img_MetricsHave you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a victim to the “Kyle and Stan” Malvertising Network that distributes sophisticated, mutating malware for Windows and even Macs.

Table of contents

Attack in a Nutshell
Timeline
Technical Breakdown
Reversing of the Mac Malware
Reversing of the Windows Malware
IOCs
Conclusion
Protecting Users Against These Threats

Malvertising is a short form for “malicious advertising.” The idea is very simple: use online advertising to spread malware. Read More »

Tags: , , , , , , , , , , , , , , , , , ,

Hacking Made Easy – Courtesy of IoT

For most of us, technology has become an integral part of our daily lives and promises to become even more prevalent in the near future due to the emerging technological revolution called the Internet of Things (IoT). The number of connected objects now exceeds the world’s human population, and is expected to grow exponentially over the next three to five years.

The early stage of IoT has already started making our lives easier and far more comfortable, giving us the ability to remotely monitor our homes and businesses, turn on the lights and heat before we return home from a long day, and even help us find a place to eat in an unfamiliar city. In fact, so many of our daily activities are becoming automated through the use of IoT technologies, we will soon wonder how we could have functioned without them – similar to looking back now on the pre-smart phone era! Read More »

Tags: , , , , , ,