Cisco Blogs



Talos Discovered Three More Vulnerabilities in Pidgin

This post was authored by Yves Younan and edited by Armin Pelkmann

Table of contents

CVE-2014-3697, VRT-2014-0205
CVE-2014-3696, VRT-2014-0204
CVE-2014-3695, VRT-2014-0203

Cisco Talos is announcing the discovery and patching of another three CVE vulnerabilities in Pidgin (an open-source multi-platform instant messaging client; see the Wikipedia page). These vulnerabilities were discovered by our team and reported to the Pidgin team. They were found during our initial look at Pidgin, which resulted in the first 4 vulnerabilities released in January, but were reported to Pidgin a little later and took longer to get patched. Now that these vulnerabilities have been patched in the latest version of Pidgin, 2.10.10, we want to publicly disclose our findings.

 

The first vulnerability (CVE-2014-3697, VRT-2014-0205) is in the routines Pidgin uses to handle smiley and theme packages in Windows. These packages can be downloaded from websites and installed by dragging and dropping them to Pidgin. The packages are TAR files and Pidgin handles them by un-tarring the files to a specific directory.

Building the Platform for the Internet of Everything

We are embarking on a new technological journey that will fundamentally change forever the economy, society and the way that we live.  Wired magazine described a new era where “the most mundane items in our lives can talk wirelessly among themselves, performing tasks on command, giving us data we’ve never had before.”  The Internet of Everything (IoE) is a world where up to 50 billion things (or devices) will be connected to the Internet by 2020; or, the equivalent of 6 devices for every person on the planet.

Businesses are beginning to completely re-design their processes, operations and business models to benefit from this new era.  We are already starting to see the emergence of smart cities, connected utilities, connected railways, connected factories, connected cars, and even connected mines, to name but a few.  All industries are looking to IoE as a breakthrough technology to help them optimize their business, enter new markets and enhance their relationship with their customers.  This is why industry analysts, like IDC, estimate that businesses will spend up to $20 trillion over the next three years to realize the promise of the Internet of Everything.

But the Internet of Things is more than just “things”.  As I described in this recent article, the Internet of Things is really a short-hand for the four technology pillars (mobility, cloud, big data and things), wrapped in security, that are forging a revolutionary new connected world.  Successful IoE implementations don’t happen in isolation or independently.  Cisco is discovering that successful implementations require a technical and business platform into which different solutions can be easily plugged to efficiently and effectively achieve the promised business benefits.  The cornerstones of this IoE platform include a robust connectivity and technology infrastructure, operational and management services and a range of vertical and horizontal solutions.

IoE Impressions 11.6

In Cisco’s experience, all IoE implementations require all of these technical and business elements to be successful.  Our vision is that effective IoE deployments will build an IoE platform that can be extended across the business, or even entire industries, to deliver a range of unique, value-added IoE solutions.

Starting from the bottom, the layers comprise:

  1. Network Connection – connecting all of the solutions, data and applications through fiber backhaul or licensed cellular.
  2. Network Access – a managed Wi-Fi, or other unlicensed wireless network, to connect all of the sensors and applications.
  3. Technology Platform – a platform to allow new devices and solutions to readily and securely “plug and play” into the overall architecture, and to connect to cloud storage and compute services.
  4. Vertical and Horizontal Solutions – the combination of devices and applications that deliver the unique solutions for different vertical and horizontal industry segments.
  5. Platform Monetization – in some verticals, like smart cities and B2C, opportunities exist to leverage the platform and network to create new sources of revenue.
  6. Shared Operating Platform – a shared platform to consolidate the management, customer care and service issues across all of the solutions.
  7. Professional Services – services to support areas such as systems integration, planning and design.
  8. Program Leadership – services to program manage the entire implementation, operations and partner ecosystem.

Successfully deploying and capturing the tremendous potential benefits of IoE is not just about cool things and applications.  A comprehensive technical, operations and management IoE platform is required to turn vision and promise into reality.

Want to learn more and chat with our Cisco subject matter experts? Tweet us @CiscoSPMobility.


A Dynamic Integration: FireSIGHT and ISE

With the security landscape constantly evolving and attackers innovating at a rapid pace, it is important that we keep up with attackers.  For this reason we have based our security on imperatives like being visibility-driven and platform-based.

Organizations need total visibility of their environments for full contextual awareness, ultimately enabling better network protection, since we can’t protect what we can’t see.  The imperative of being platform-based is also important for more simplified architectures with fewer security devices that smoothly integrate with existing IT environments, capable of sharing deep contextual data.

These imperatives working in concert mean defenders can now move towards security systems that see everything and share context and intelligence for correlation to dynamically apply controls in real-time based on what is seen and learned.

These imperatives are also central to the Identity Services Engine (ISE) and its partner ecosystem powered by Platform Exchange Grid (pxGrid) to share contextual information between platforms for better visibility, mobile device compliance, cyber threat defense, threat remediation, network troubleshooting and IoT security.

The ongoing integration of Cisco and Sourcefire continues to show the commitment to an evolving and powerful security portfolio, based on these imperatives.  Today we unveil another integration: Cisco ISE with FireSIGHT Management Center using pxGrid.

FireSIGHT Management Center is the management console for Cisco ASA with FirePOWER Services and Cisco FirePOWER appliances providing total, real-time network visibility and security automation.  Cisco ISE is our security policy management platform unifying and automating secure access control to enforce role-based access to networks and network resources.

Now, corporate environments with networks that contain both FireSIGHT and ISE can use them together for threat detection and quarantine.

Cisco ISE leverages pxGrid technology to integrate with FireSIGHT so it can collect identity contextual information from ISE for identity-based event logging as well as specifying quarantine actions for remediation.  Simply put, when an AMP for Endpoints malware detection appears in FireSIGHT, it dynamically instructs ISE to quarantine the infected endpoint.

With FireSIGHT and ISE working together for more dynamic controls, we drive further momentum after introducing Cisco ASA with FirePOWER Services and incorporation of Advanced Malware Protection (AMP) on Cisco content security products.

To install please visit the Cisco support community or visit our booth at Cisco Live Cancun November 3-6 for a demo.  For information on ISE, please see our recent post on the Cisco Identity Services Engine (ISE) and its expanding technology partner ecosystem.


Ensuring Security and Trust Stewardship and Accountability

In our increasingly interconnected world, the Internet of Everything is making trust a critical element of how people use network-connected devices to work, play, live, and learn. The relentless rise in information security breaches underscores the deep need for enterprises and governments alike to trust that their systems, data, business partners, customers, and citizens are safe.

Consequently, I see an evolution taking place regarding accountability in cybersecurity moving up to the boardroom level, an issue I discussed earlier this year in Fortune. In a recent Information Systems Audit and Control Association (ISACA) report, 55 percent of corporate directors revealed that they have to personally understand and manage cyber as a risk area. The National Association of Corporate Directors recently published a document on corporate directors’ ownership and management of risk in cyber for public companies. In March of this year, an SEC commissioner said that the SEC plans to create a requirement for corporate directors regarding managing cybersecurity as a risk.


ASA now with FirePower Services?

October 29, 2014 at 1:08 pm PST
ASA and SourceFire

Traditional network security solutions have been built from disparate point technologies that create gaps in traditional defenses that sophisticated attackers exploit. With an integrated approach, organizations gain the full contextual awareness and dynamic controls necessary to automatically assess all threats, correlate intelligence, and optimize defenses to protect modern enterprise networks. An integrated threat defense also considers both network and endpoint perspectives across the extended enterprise. Contrast this with point solutions that lack the visibility needed to spot multi-vector threats and to see what users, applications, content and devices are on the network and what each is doing.


In today’s dynamic network environment, point solutions lack the visibility and control required to implement effective security policy to accelerate threat detection and response. In addition, disparate solutions add to capital and operating costs and administrative complexity. They also result in higher implementation costs to integrate with the existing IT environment, work stream, and network fabric.  By integrating defense layers, organizations can enhance visibility, enable dynamic controls, and provide advanced threat protection that addresses the entire attack continuum – before, during, and after an attack.

Cisco ASA with FirePOWER Services is a new, adaptive, threat-focused next-generation firewall that delivers superior, multi-layered protection, improves visibility, and reduces security costs and complexity. It provides integrated threat defense for the entire attack continuum by combining proven ASA firewall skills with industry-leading Sourcefire next-generation IPS and advanced malware protection.

But haven’t we heard this all before? 

 
