security

2 min read

Update 2014-01-10: This malicious campaign has expanded to include emails that masquerade as bills from NTTCable and from VolksbankU Update 2014-01-21: We’ve updated the chart to include the Vodafon emails and latest URL activity English language has emerged as the language of choice for international commerce. Since people throughout the world are used to receiving English […]

4 min read

One of the things I like best about Cisco’s focus on security is the internal SecCon conference we put on each year. It focuses on security threats, defenses, and innovation. Although I participate as a trainer, organizer, and reviewer, my favorite role this year was as an attendee. The conference theme, The State of the […]

2 min read

The website of the OpenSSL project, which provides a widely-used SSL/TLS implementation, was breached on 29th December and defaced (OpenSSL.org announcement). This defacement only affected the website of the project, however. The OpenSSL project has since checked the cryptographic hashes of the OpenSSL source code and confirmed that the source code has not been modified […]

3 min read

A thief on the loose you say, at Cisco Systems, in San Jose? Turns out he was invited. Apollo Robbins was one of the headliners for Cisco SecCon in San Jose during the first week of December. Mr. Robbins taught us an important lesson about security: seeing is not always believing. Apollo demonstrated the art […]

2 min read

Securing the Critical Internet Infrastructure is an ongoing challenge for operators that require collaboration across administrative boundaries. A lot of attention has been given in recent years to securing the Domain Name System through a technology called DNSSEC. However, in the last couple of years, the attention has shifted to the security of the Internet […]

7 min read

Security intelligence, threat intelligence, cyber threat intelligence, or “intel” for short is a popular topic these days in the Infosec world. It seems everyone has a feed of “bad” IP addresses and hostnames they want to sell you, or share. This is an encouraging trend in that it indicates the security industry is attempting to […]

1 min read

Proxy auto-config or PAC files are commonly used by IT departments to update browser settings so that internet traffic passes through the corporate web gateway. The ability to redirect web traffic to malicious proxy servers is particularly attractive for malicious actors since it gives them a method of intercepting and modifying traffic to and from […]

2 min read

Cisco will host a live backbone switching webcast on Wed Dec 4, 2013 to discuss BYOD, mobility, security and how Cisco backbone switching addresses these customer needs. This is the second webcast in the Cisco switching webcast series. You can view the first one, Cisco access switching webcast, at any time as it is now […]

1 min read

Securing critical internet infrastructure is an ongoing challenge for operators that require collaboration across administrative boundaries. Last September, something exceptional happened in the small South American country of Ecuador: the entire local network operation community got together to be pioneers in securing the local Internet infrastructure by registering its networks in the RPKI system and […]