Cisco Blogs



New Email Security Release Adds Graymail Protection, Web Interaction Tracking, AMP Threat Grid, and More

Each day more than 100 billion corporate email messages are exchanged¹. Who doesn’t need to do a little housekeeping and eliminate unwanted emails? But you need to think twice before you click on “unsubscribe.”

As you likely read in the 2015 Cisco Annual Security Report, attackers are using applications users inherently trust or view as benign, like web browser add-ons, to distribute malware. One of the latest phishing techniques is graymail: directing the “unsubscribe” link at the bottom of a seemingly innocuous marketing email to a malware-infested website. Many of us click on these links without a second thought. But instead of ridding ourselves of unwanted emails, we’re actually opening ourselves up to an attack.

This is just one example of how attackers continue to innovate, and Cisco does as well. Our new AsyncOS release for Cisco Email Security Appliance (Cisco ESA) demonstrates how Cisco empowers you with a threat-centric approach to security and more comprehensive management control.


Understanding Logjam and Future-Proofing Your Infrastructure

On May 19th, 2015, a team of researchers (Henninger et al.) published a paper with the title “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice”.

The paper can be divided into two sections: 1) discrete logs on a 512-bit Diffie-Hellman (DH) group, and 2) a new attack against the Transport Layer Security (TLS) protocol. We’ll review both sections.

#CiscoChampion Radio S2|Ep 20. Talos

#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’ll be talking about the Talos Security and Intelligence Research Group with Sr. Technical Leader / Security Outreach Manager Craig Williams.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.
Ask about the next round of Cisco Champions nominations. EMAIL US.

Cisco SME
Craig Williams, Sr. Technical Leader / Security Outreach Manager
Blogs by Craig Williams
Craig Williams (@security_craig) on Twitter

Cisco Champion Guest Hosts
Jake Gillen, @jakegillen, Senior Security Engineer

Moderator
Brian Remmel (@bremmel)

Securing the Internet of Things: A Proposed Framework

By 2020, the number of connected devices is expected to grow exponentially to 50 billion. The world of interconnected objects will have its data collected, analyzed and used to initiate action, which will provide a wealth of intelligence for planning, management, policy and decision-making.

Important information will be pushed out to machines, to individuals, and to

Trojanized PuTTY Software

This post was authored by Cisco CSIRT’s Robert Semans, Brandon Enright, James Sheppard, and Matt Healy.

In late 2013–early 2014, a compromised FTP client dubbed “StealZilla,” based off the open source FileZilla FTP client, was discovered. The attackers modified a few lines of code, recompiled the program, and distributed the trojanized version on compromised web servers. This new attack appears to involve the same actors, who reused the same techniques to alter the source code of the widely used open source Telnet/SSH client, PuTTY, and used their network of compromised web servers to serve up similar fake PuTTY download pages. This new campaign is like the StealZilla campaign in almost every way.