Cisco Blogs


Cisco Blog > Mobility

Ready for #SuperMobility?

It’s no longer a question of whether mobility best practices and policies are required, it’s a matter of when your strategy will get ahead of the unstoppable trend. Business and IT leaders alike are not just witnessing the movement of everything mobile, but guilty themselves: who isn’t on their devices for both work and play anymore?

User experience, performance, security and management are key red flags that shoot up when we think about mobile. Getting these four totems right will help organizations keep employees or customers happy and productive, while protecting the business. This is no piece of cake: mobility is a journey and you need a strategy.

Thought leaders and innovators across industries are converging on #SuperMobility Mobile Con this week in Vegas to discuss best practices and ways for organizations to tackle these key issues. We’ll be there too to discuss how to move beyond BYOD and develop an enterprise mobility strategy.

Session: Embark on Your Employee and Customer Mobility Journey
Time: Sep. 09, 2014 from 3:30 PM to 4:29 PM
Location: Sands Expo − MobileCON Show Floor, Stage 3 Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware

This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann.

Update 2014-09-22: Updates on this threat can be found here

img_MetricsHave you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a victim to the “Kyle and Stan” Malvertising Network that distributes sophisticated, mutating malware for Windows and even Macs.

Table of contents

Attack in a Nutshell
Timeline
Technical Breakdown
Reversing of the Mac Malware
Reversing of the Windows Malware
IOCs
Conclusion
Protecting Users Against These Threats

Malvertising is a short form for “malicious advertising.” The idea is very simple: use online advertising to spread malware. Read More »

Tags: , , , , , , , , , , , , , , , , , ,

Danger at the Retail Point of Sale

This blog post was authored by Martin Lee and Jaeson Schultz.

With the announcement that yet another major retailer has allegedly been breached, it is important to review how attackers compromise retail systems and how such intrusions can be prevented. In this latest case, retailers are working to determine if a large cache of credit card information offered for sale on an underground trading forum originated as a result of a systems breach.

The presence of large amounts of financial and personal information within retail systems means that these companies are likely to remain attractive targets to attackers. Illicit markets exist for such information so that attackers are able to easily monetize stolen data. Although we don’t know the details of this specific attack, it may follow the same pattern as other major breaches in the retail sector. Incidents involving Point of Sale (POS) malware have been on the rise, affecting many large organizations.

In addition to the risk of fraud to the individuals affected, the consequences for the breached organizations are severe. News of customer data theft not only damages the brand, but recovering from the breach can also cost into the millions of dollars as systems are investigated, cleaned, repaired, and new processes are implemented to prevent future similar attacks.


POS Attack
Read More »

Tags: , , ,

Securing Mobile Data in the Event of Device Loss or Theft

September 4, 2014 at 6:00 am PST

As a business or technical leader, you know you need to protect your company in a rapidly evolving mobile ecosystem. However, threats are not always obvious. As malware and attacks become more sophisticated over time, business decision makers must work with technical decision makers to navigate security threats in a mobile world.

This blog series, authored by Kathy Trahan, will explore the topic of enterprise mobility security from a situational level and provide insight into what leaders can do now to mitigate risk. To read the first post focused on securing device freedom, click here. The second post, available here, focused on the risks that come with mobile connections. Kathy’s third post outlined three top considerations leaders must consider when examining their current mobile data security plan. The fourth post in this series highlights how security compliance is necessary for real-time mobile data access. – Bret Hartman, Chief Technology Officer (CTO) for Cisco’s Security Technology Group

Many of us have experienced that panicked “oh no!” moment when we’ve misplaced a mobile device or worse, found out it was stolen. The stakes are raised even higher when a lost or stolen device is company issued, or a personal device an employee uses for business purposes and contains sensitive data.

According to a recent report, more than 3.1 million smart phones were stolen just in America last year alone. This same report revealed that 34% of people took no security measures at all to protect sensitive information – not even a simple four-digit password. 51% of end users use their smartphone to perform daily business activities.

Read More »

Tags: , , , , ,

Behind the Music: The New Threat Management with NextGen IPS CVD

If you’ve ever caught an episode of VH1’s Behind the Music, the TV series that profiles rock bands and personalities, you may agree with me that it can be fascinating. I especially like the interviews about the creative process. I’ve learned that great songs can come from just about anywhere. And that a talented group of people working together can produce amazing results.

When it comes to our Secure Data Center for the Enterprise Portfolio CVDs (Cisco Validated Designs), that’s exactly what happened. We just released the fourth CVD: Threat Management with NextGen IPS, which focuses on giving you a full set of capabilities for a threat management system. But it’s also aware that the data center has to remain efficient and support other business goals while it’s defending against cyber attacks. Read More »

Tags: , , , , , ,