security

4 min read

This article discusses the increasing prevalence of exploit kits and drive-by exploits being leveraged by cyber criminals to spread malware quickly and effectively. It also highlights the use of Cisco Cloud Web Security, particularly in conjunction with Cisco ASAs, to reduce the risk of your networks and users falling victim to these exploit kits.

3 min read

These days, the generation of data has become almost as constant as breathing. With every click or swipe, today’s mobile, hyperconnected consumers exhale an ever-expanding trail of digital details, revealing troves of information about their wants, needs, interests, well-being, and aspirations. All of that data offers great promise for retailers looking to know their customers […]

6 min read

Researchers from Kaspersky Lab have released information about a large-scale cyber espionage campaign called Operation Red October (otherwise known as Rocra). The report has garnered the attention of multiple news agencies and generated many published articles since the Kaspersky report has claimed that attackers were targeting hundreds of diplomatic, governmental, and scientific organizations in numerous countries. These reports indicate that the command-and-control (C&C) infrastructure that is used on these attacks receives stolen information using more than 60 domain names to hide its identity. Furthermore, this information appears to be funneled into a second tier of proxy servers. These are very clever attacks that many are now claiming have been taking place for more than five years! Red October is being compared with other malware that has been associated with cyber espionage such as Duqu, Flame, and Gauss.

1 min read

Are you in the market for a new car in this year? Automotive retailers compete for your business in one of the most competitive industries, so reducing infrastructure and operating costs is key to selling you a car at the price you want. Hendrick Automotive Group is the second largest privately held automotive retailer in […]

3 min read

I have been coaching youth sports for the past seven plus years now and one of my common mantras when speaking to the girls and boys each season is that “we will win as a team and lose as a team.”  In other words, I will never tolerate one player acting selfishly enough to think […]

2 min read

This is our final post in the series of SecCon-related articles. This post drives home the point made by Cisco's senior executives at the SecCon conference - security must be pervasive in every aspect of every product we design, develop, and deploy. It’s what our customers expect, and SecCon is one of the major delivery vehicles for creating a unified front within the engineering community as part of Cisco’s evolution towards the “Internet of Everything”.

3 min read

Here's the fourth in a series of posts revolving around the recently held Cisco SecCon 2012 (December 3-6) security conference. This post zeroes in on the fact that software vendors need to start focusing (more) on the overall security and quality of software, not just on the implementation of security features in products.

1 min read

Here's the third in a series of posts revolving around the recently held Cisco SecCon 2012 (December 3-6) security conference. The focus of this post is on the Cisco Secure Development Lifecycle (CSDL), Cisco’s approach to building secure products and solutions, and specifically the release of two Cisco documents that have been an integral part of CSDL: “Linux Hardening Recommendations For Cisco Products” and “Product Security Baseline Linux Distribution Requirements."

4 min read

Here's the second in a series of posts discussing how Cisco SecCon 2012 (December 3-6) brought together hundreds of engineers, live and virtually, from Cisco offices around the globe with one common goal: to share their knowledge and learn best practices about how to increase the overall security posture of Cisco products.