Cisco Blogs


Cisco Blog > Security

Fiesta Exploit Pack is No Party for Drive-By Victims

This post was also authored by Andrew Tsonchev and Steven Poulson.

TRAC-tank-vertical_logo

Update 2014-05-26Thank you to Fox-IT for providing the Fiesta logo image. We updated the caption to accurately reflect image attribution.

Cisco’s Cloud Web Security (CWS) service provides TRAC researchers with a constant fire hose of malicious insight and now that we are collaborating with Sourcefire’s Vulnerability Research Team (VRT) we have additional capabilities to quickly isolate and prioritize specific web exploit activity for further analysis. Thus when we were recently alerted to an aggressive Fiesta exploit pack (EP) campaign targeting our customers, we quickly compared notes and found that in addition to the typical Java exploits, this EP was also using a Microsoft Silverlight exploit. In the Cisco 2014 Annual Security Report (ASR) we discuss how 2013 was a banner year for Java exploits, and while updating Java should remain a top priority, Silverlight is certainly worth patching as threat actors continue to search for new application exploits to leverage in drive-by attacks.

Fiesta Exploit Pack

Image provided courtesy of Fox-IT

Over the past 30 days this specific Fiesta campaign was blocked across more than 300 different companies. The attacker(s) used numerous dynamic DNS (DDNS) domains -- that resolved to six different IP addresses -- as exploit landing pages. The chart below depicts the distribution of hosts used in this attack across the most blocked DDNS base domains.

CWS Fiesta Blocks by Distinct Requests

Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , ,

Focused on Driving Partner Profitability

Your profitability is a top priority for us at Cisco. In fact, we are increasing our investments in our partner incentive and profitability programs in Fiscal Year 2012 to help you not only drive profitable growth, but also to evolve your businesses.

With your input, we frequently refine our incentive and profitability programs to help you stay at the forefront of the industry and enhance your relevancy to customers. FY12 is no exception. Here’s a list of what’s new.

• We are rolling out the Teaming Incentive Program (TIP) globally to offer Cisco partners an opportunity to realize higher margins in deals where they team with Cisco.

• We are streamlining the Opportunity Incentive Program (OIP) to make it easier and faster for partners to receive approval on deal registration, and therefore, boost adoption and opportunity for higher margins for partners.

• We are simplifying the Technology Migration Program (TMP) and expanding competitive trade-in product recognition for easier quoting purposes.

• We are adding incentives to the recently announced Cisco Cloud Partner Program to help partners monetize the rapidly growing cloud market opportunities.

• We are building new incentives, which will be announced later in FY12, to reward our partners for actively participating in the new Partner Led go-to-market model.

• We are refreshing our ground breaking profitability program – the Cisco Value Incentive Program (VIP) – to meet changing customer and market demands and ultimately to help partners successfully evolve their practices as the industry moves forward.
Read More »

Tags: , , , , , , ,