IPS

July 21, 2014

SECURITY

Old and Persistent Malware

2 min read

Malware can find its way into the most unexpected of places. Certainly, no website can be assumed to be always completely free of malware. Typically, there are many ways that websites can be compromised to serve malware:

July 18, 2014

SECURITY

You Can’t Protect What You Can’t See

2 min read

The title seems like a simple enough concept, but when it comes to advanced threat protection, truer words were never written. This concept of visibility into your network, which in turn enables better protection and control of your network, is at the heart of Cisco’s Next-Generation Intrusion Prevention System (NGIPS). Visibility is what feeds critical […]

May 5, 2014

SECURITY

IE Zero Day – Managed Services Protection

1 min read

As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exploits only makes the job of IT […]

April 30, 2014

NETWORKING

IWAN Wed: The Case for Direct Internet Breakout at Branch and IWAN

3 min read

Cloud services and SaaS applications is enabling customers to accelerate their business processes and improve employee productivity while lowering their total IT spending. The Cisco IWAN solution is helping organizations adopt cloud applications with an improved user experience by enabling local internet breakout from the branch environment, thus helping eliminate the need to backhaul internet-bound traffic […]

April 18, 2014

SECURITY

Cisco IPS Signature Coverage for OpenSSL Heartbleed Issue

2 min read

The Cisco IPS Signature Development team has released 4 signature updates in the past week. Each of the updates contains either modifications to existing signatures or additional signatures for detection of attacks related to the OpenSSL Heartbleed issue. I’m going to take a moment to summarize the signature coverage.

December 4, 2013

SECURITY

The Internet of Everything, Including Malware

3 min read

We are witnessing the growth of the Internet of Everything (IoE), the network of embedded physical objects accessed through the Internet, and it’s connecting new devices to the Internet which may not traditionally have been there before. Unfortunately, some of these devices may be deployed with a security posture that may need improvement. Naturally when we saw […]

November 4, 2013

SECURITY

Massive Increase in Reconnaissance Activity – Precursor to Attack?

2 min read

Update 2013-11-12: Watch our youtube discussion Update 2013-11-05: Upon further examination of the traffic we can confirm that a large percentage is destined for TCP port 445. This is indicative of someone looking for nodes running SMB/DCERPC. With that in mind it is extremely likely someone is looking for vulnerable windows machines or it is quite possible that […]

May 29, 2013

SECURITY

Botnets Riding Rails to your Data Center

3 min read

Cisco Security Intelligence Operations is tracking reports of ongoing exploitation of a vulnerability in the popular web application framework Ruby on Rails that creates a Linux-based botnet. The vulnerability dates back to January 2013 and affects Ruby on Rails versions prior to 3.2.11, 3.1.10, 3.0.19, and 2.3.15.  Cisco Security Intelligence Operations’ has previously published an […]

May 1, 2013

SECURITY

Coordinated Attacks Against the U.S. Government and Banking Infrastructure

8 min read

Prologue On April 10, 2013, a collective of politically motivated hacktivists announced a round of planned attacks called #OPUSA. These attacks, slated to begin May 7, 2013, are to be launched against U.S.-based targets. #OPUSA is a follow-up to #OPISRAEL, which were a series of attacks carried out on April 7 against Israeli-based targets. Our goal here is to […]