Cisco Blogs


Cisco Blog > Threat Research

Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products.  This month’s release sees a total of 14 bulletins being released which address 45 CVEs.  The first 5 bulletins are rated critical and address vulnerabilities within Internet Explorer, Office, Windows, and VBScript. The remaining 9 bulletins are rated important and cover vulnerabilities within Windows Kernel Mode Drivers, Exchange, Task Scheduler, Remote Desktop, SChannel, and the Microsoft Graphics component. Read More »

Tags: , , , , ,

Mitigations Available for the DRAM Row Hammer Vulnerability

This blog post was authored by Troy Fridley and Omar Santos of Cisco PSIRT.

On Mar 9 2015, the Project Zero team at Google revealed findings from new research related to the known issue in the DDR3 Memory specification referred to as “Row Hammer”. Row Hammer is an industry-wide issue that has been discussed publicly since (at least) 2012.

The new research by Google shows that these types of errors can be introduced in a predictable manner. A proof-of-concept (POC) exploit that runs on the Linux operating system has been released. Successful exploitation leverages the predictability of these Row Hammer errors to modify memory of an affected device. An authenticated, local attacker with the ability to execute code on the affected system could elevate their privileges to that of a super user or “root” account. This is also known as Ring 0. Programs that run in Ring 0 can modify anything on the affected system. Read More »

Tags: , , , , , ,

Dridex Attacks Target Corporate Accounting

In February, Cisco Managed Threat Defense (MTD) security investigators detected a rash of Dridex credential-stealing malware delivered via Microsoft Office macros. It’s effective, and the lures appear targeted at those responsible for handling purchase orders and invoices. Here’s a breakdown of the types of emails we’ve observed phishing employees and inserting trojans into user devices.

Subjects captured from Dridex campaign in February 2015

Subjects captured from Dridex campaign in February 2015

Read More »

Tags: , , , , ,

The Seven Wonders of User Access Control: Part II

In the first of a two-part blog series, The Seven Deadly Sins of User Access Controls, my colleague Jean Gordon Kocienda provided fresh insights into overly-permissive user access controls as a common underlying cause of data breaches. In this blog, I address the solutions to those “Seven Deadly Sins” with a modern twist on the antiquity typically known as the “Seven Wonders.”

Information Security professionals need to address user access control in the context of today’s complex threats, coupled with a fast changing IT landscape. Long gone are the days of only a few with a need to know and key corporate assets being housed behind the enterprise perimeter. We have shifted to an agile, data-centric environment with increasing user populations who may also be third-party suppliers or contractors needing fast access to assets that were previously off limits. And, it’s not just massive volumes of data that need protecting; it’s access to critical work streams and transactions too.

Read More »

Tags: , , , ,

Telefónica and Cisco Personalize the Consumer Experience at Mobile World Congress

On March 2 at Mobile World Congress, Robert Franks, Managing Director, Digital Commerce at Telefónica UK and Cisco’s Kelly Ahuja, SVP, Service Provider Business, Products & Solutions, had a standing-room only crowd as part of the “Personalizing the Consumer Experience” keynote.

cisco-kelly-ahuja-robert-franks

During their session, they emphasized how they could understand the consumer as a digital stream of information, not simply isolated pieces of information.  That stream of information, combined with in-person location details, can help both service providers and enterprises improve the experience for their consumer customers.  Both Kelly and Robert recognized that the data has always been available, but it wasn’t easily accessible.  Now Telefónica and Cisco are working together to find ways to use that information to provide a better experience for consumers.

Kelly summarized it well by stating that “personalization is going to be the key to determine the consumer experience.”  Audience members agreed with what was said in real-time tweets.

1

Both Robert and Kelly discussed Read More »

Tags: , , , , , ,