Cisco Blogs


Cisco Blog > Security

Angling for Silverlight Exploits

VRT / TRACThis post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering. 

Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners are adding Silverlight to their update releases, and since April 23rd we have observed substantial traffic (often from Malvertising) being driven to Angler instances partially using Silverlight exploits. In fact in this particular Angler campaign, the attack is more specifically targeted at Flash and Silverlight vulnerabilities and though Java is available and an included reference in the original attack landing pages, it’s never triggered.

Rise in Angler Attacks

HTTP requests for a specific Angler Exploit Kit campaign

Exploit Content Type

Angler exploit content types delivered to victims, application/x-gzip (Java) is notably absent

 

Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Understanding the Changing Mobile User

Mobile communications today is virtually indistinguishable from the first mobile call that was made four decades ago.  We have gone from monster handsets to pocket-sized portable computers.  Mobile communications has become an essential part of our daily lives.  For mobile operators and other companies operating in this space it is essential to know the facts about the mobile market and how the mobile user is changing.

The recent video by Cisco “Understanding the Changing Mobile User” provides key insights for SPs into how mobile users are using LTE, Wi-Fi and their changing mobile behavior.  The video identifies options for operators to be successful in the changing mobile world.

The Read More »

Tags: , , , , , , ,

Not If, but When: The case for Advanced Malware Protection Everywhere

A recent Bloor Research Market Update on Advanced Threat Protection reminds us of something that many security vendors have long been loath to acknowledge: traditional, point-in-time technologies, like anti-virus or sandboxes, are not entirely effective when defending against complex, sophisticated attacks.

This is due to something we have said before and we will say again: malware is “the weapon of choice” for malicious actors. We know blended threats introduce malware. Our 2014 Annual Security Report notes that every Fortune 500 company that was spoken to for the report had traffic going to websites that host malware. Bloor tells us all, once again, that attack methods are becoming more complex.

To put it plainly, when it comes to networks being breached, it is not a case of if, but when.

Read More »

Tags: , , , , , , , ,

Small Cells Are Big For Business

Closing the big deal.  Calming an irate customer.  Clarifying instructions given in an email.  Voice has long been the killer app for business.  As the world goes mobile, smartphones are becoming a key way for business people to stay connected, not just when they are out of the office, but an important means of voice communication in the office.  Like consumers, many business users are cutting the cord and using their mobile device, instead of their desk phone, to make and receive voice calls.  A recent Cisco study of mobile users reveals that 50 percent of knowledge workers use their mobile phone at least one-quarter of the time to make calls in the office, instead of reaching for a desk phone.  And, 35 percent of knowledge workers equally choose between a mobile and desk device when placing a call.  We expect this mobile displacement of the traditional desk phone to grow as employees increasingly bring their own mobile devices to work and use them for conducting business.

Mobile cellular networks were built to cover large outdoor and semi-outdoor areas.  They were never built to penetrate the steel, glass and concrete of modern buildings.  While there may be some coverage near the windows, the signal strength rapidly degrades as you head towards the center of the building.  This is only going to get worse as new building materials, such as blast resistant glass, make it even harder for signals from the macrocell network to adequately cover the place of work.  Our research found that one-third of all business users receive only 1 to 3 bars of signal strength at their place of work.  And, 10 percent of business people obtain very poor quality mobile service (1 to 2 bars).

The shift to mobile in the workplace should be Read More »

Tags: , , , , , , , ,

Five Predictions for the Future of Wi-Fi and Mobile

New devices, changes in customer behaviors, and technological advances are rapidly changing the mobile market and consumers’ expectations of mobility.  A recent Cisco study of mobile consumers reveals how much, and how quickly the world of mobility is changing.  The survey uncovers some startling revelations about what consumers are doing on their mobile devices, how and where they are using them, and how they are connecting them to the Internet.  Highlights of the research are revealed in my recent blog Discover What Consumers Want from Wi-Fi and Mobile.

The majority of devices are now Wi-Fi-enabled, and the fastest-growing category is “nomadic” devices like tablets and eReaders.  We now need to speak of the “mobile home,” as the home is by far the most popular location for consumers to use their mobile devices. Surprisingly, Wi-Fi is the network connection of choice for most consumers for all of their devices.  Public Wi-Fi is now a big part of mobile life.

Consumers are generally satisfied with their public Wi-Fi experience, but they want it to be faster, more secure, better quality, and most of all, available in more places. Consumers are anxious for enhanced personal mobile experiences that can be delivered by unlocking the inherent business value hidden in the Wi-Fi infrastructure.

While it is never easy to foresee the future, we are making five predictions for key changes in the mobile industry over the next two years based on insights from the Cisco mobile consumer research: Read More »

Tags: , , , , , , , ,