security research

April 17, 2019

THREAT RESEARCH

DNS Hijacking Abuses Trust In Core Internet Service

1 min read

This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and...

July 20, 2016

SECURITY

Research Innovations in Simple Usable Security

3 min read

Every year the Symposium on Usable Privacy and Security brings together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy, to present and discuss the latest research in the areas of usable security and privacy. Cisco’s sponsorship of SOUPS supports student research and mentorship in this area (see below), as […]

November 16, 2015

SECURITY

An introduction to the new Cisco Network Visibility Flow Protocol (nvzFlow)

5 min read

As recently announced, Cisco AnyConnect 4.2 extends visibility to the endpoint with the Network Visibility Module (NVM). Users are one of the most vulnerable parts of any security strategy, with 78% of organizations saying in a recent survey that a malicious or negligent employee had been the cause of a breach. However, until now, IT Administrators […]

October 26, 2015

SECURITY

Calling all Incident Responders

1 min read

We are happy to announce the final schedule for IRespondCon, a conference that is specifically designed for incident responders. IRespondCon is held annually at OpenDNS HQ and offers a day of free training, presentations, and networking with some of the top information security engineers, instructors, and fellow responders. They’ll be showing how to use freely […]

February 18, 2015

SECURITY

New Must-Know Security Research for Midsize Organizations

2 min read

Midsize organizations are among the earliest adopters of new technologies. In general, they conduct much of their business over the Internet and are quick to embrace new apps, online payment systems, cloud, and Bring Your Own Device (BYOD) technologies. Fast adoption of innovations helps them to compete against larger organizations by meeting customer demands more […]

June 30, 2014

SECURITY

Threat Spotlight: A String of ‘Paerls’, Part One

5 min read

This post was co-authored by Jaeson Schultz, Joel Esler, and Richard Harman. Update 7-8-14: Part 2 can be found here. This is part one in a two-part series due to the sheer amount of data we found on this threat and threat actor. This particular attack was a combined spearphishing and exploit attempt. As we’ve seen in the past, this […]

November 4, 2013

SECURITY

Massive Increase in Reconnaissance Activity – Precursor to Attack?

2 min read

Update 2013-11-12: Watch our YouTube discussion. Update 2013-11-05: Upon further examination of the traffic, we can confirm that a large percentage is destined for TCP port 445. This is indicative of someone looking for nodes running SMB/DCERPC. With that in mind, it is extremely likely someone is looking for vulnerable Windows machines, or it is quite possible that […]

June 13, 2013

SECURITY

Scope of ‘KeyBoy’ Targeted Malware Attacks

2 min read

On June 6, 2013, malwaretracker.com released an analysis of Microsoft Office-based malware that was exploiting a previously unknown vulnerability that was patched by MS12-060. The samples provided were alleged to be targeting Tibetan and Chinese Pro-Democracy Activists. On June 7, 2013, Rapid7 released an analysis of malware dubbed ‘KeyBoy,’ also exploiting unknown vulnerabilities in Microsoft Office, similarly patched by MS12-060, […]