Microsoft Tuesday is here once again and this month they are releasing a total of eight bulletins. Three of which are rated as critical, while the remaining five are rated as important. There’s a total of 24 CVEs this month, 20 of which were privately disclosed to Microsoft and four which are either publicly known or under active attack, making them 0-day vulnerabilities. Of those four, two are being actively attacked, while two have been publicly disclosed but do not seem to be under attack for supported software. Of the 24 CVEs, 15 are categorized as allowing remote code execution, four as elevation of privilege and three as security feature bypasses.
Everyone has certain characteristics that can be recognised. This may be a way of walking, an accent, a turn of phrase or a style of dressing. If you know what to look for you can easily spot a friend or acquaintance in a crowd by knowing what characteristics to look for. Exactly the same is true for threat actors.
Each threat actor group may have certain characteristics that they display during their attack campaigns. These may be the types of malware that they use, a pattern in the naming conventions of their command and control servers, their choice of victims etc. Collecting attack data allows an observer to spot the characteristics that define each group and identify specific threat actors from the crowd of malicious activity on the internet.
Talos security and intelligence research group collects attack data from our various telemetry systems to analyse, identify and monitor threat actors through their different tactics, techniques, and procedures. Rather than give names to the different identified groups, we assign numbers to the threat actors. We frequently blog about significant attack campaigns that we discover, behind the scenes we integrate our intelligence data directly into our products. As part of our research we keep track of certain threat actor groups and their activities. In conjunction with a number of other security companies, we are taking action to highlight and disrupt the activities of the threat actors identified by us as Group 72. Read More »
I am very pleased to be able to share some Gartner research on TrustSec.
While we’re continuing to make progress through broader product support, validation from auditors and implementation by other vendors, we believe that this research and Gartner’s perspective will provide you with a useful and informative viewpoint.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Source: Gartner Research, G00245544, Phil Schacter, 12 February 2013, refreshed 1 October 2014
This is part 2 of the “Your Business Powered By Cisco Customer Solutions Architecture (CSA)” blog series.
The following figure shows a simplified view of the Cisco CSA. It has five horizontal layers: Physical Infrastructure layer, Virtualized Infrastructure layer, Services layer, Service Management and Automation layer, and App/portal layer. Supporting each layer from top-to-bottom, there are three vertical layers: ITSM/ITIL services layer services enablement, Security layer for providing security across each of the horizontal layers, and Cisco Intellectual and domain management layer for providing Cisco best practices at each of the horizontal layers.
This CSA is a logically layered architecture (LLA), with each layer providing a distinct function. The model is designed in a hierarchical fashion with devices and facilities at the bottom, customer interactions at the top, and various required functionalities in the middle layers. The key to this model is the abstraction of each layer into software-defined components with standardized interfaces. Similar to other LLA models such as ITU-T TMN (Telecommunications Management Network), each horizontal layer supports the layer above in performing its business functions.
CSA Layered Approach
The interaction between various layers is through abstraction, orchestration, and API’s. The customers’ requests are processed from the top layer where orchestration fulfills the various components and provisions into the infrastructure using the API’s between the layers. Similarly, the Read More »
The theme of this year’s Cyber Security Awareness Month is “Our Shared Responsibility.” At Cisco, security is everyone’s responsibility – from our trustworthy development processes, to innovation enabling our customers and partners to address threats on end points, networks, and in the cloud. That is why Cisco is setting the industry standard for meeting the security needs demanded by the Internet of Everything (IoE).
Over the next six years, the number of devices connected to the Internet is going to reach 50 billion, creating some pretty unique opportunities and dilemmas as companies and industries are connecting people and devices to one another in ways we’ve never seen before, changing the way we work and live.
As the number of connected devices in the “Internet of Things” increases exponentially, organizations must keep security top of mind as the number and type of attack vectors increases alongside the quantity of data IoE creates. This shift is creating a daunting challenge for companies and those responsible to defend the infrastructure.
I recently did a video blog on the IoE from the security perspective. Take a look and let me know what you think in the comments.