
This post was authored by Andrea Allievi, Ben Baker, Nick Biasini, JJ Cummings, Douglas Goddard, William Largent, Angel Villegas, and Alain Zidouemba

 

Cisco’s Security Solutions (CSS) consists of information security experts with a unique blend of law enforcement, enterprise security and technology security backgrounds. The team works directly with Cisco’s Talos Security Intelligence & Research Group to identify known and unknown threats, quantify and prioritize risk, and minimize future risk.

When consumers make purchases from a retailer, the transaction is processed through Point-of-Sale (PoS) systems. When a credit or debit card is used, a PoS system is used to read the information stored on the magnetic stripe on the back of the credit card. Once this information gets stolen from a merchant, it can be encoded into a magnetic stripe and used with a new card. Criminal markets exist for this valuable information because the attackers are able to easily monetize stolen credit card data. Incidents involving PoS malware have been on the rise, affecting many large organizations as well as small mom-and-pop establishments and garnering a lot of media attention. The presence of large amounts of financial and personal information ensures that these companies and their retail PoS systems will remain attractive targets.


Overview

There is a new malware family targeting PoS systems, infecting machines to scrape memory for credit card information and exfiltrate that data to servers, also primarily on the .ru TLD, for harvesting and likely resale. This new malware family, which we’ve nicknamed PoSeidon, has a few components, as illustrated by the diagram below:

[Diagram: PoSeidon components]

At a high level, it starts with a Loader binary that, upon being executed, will first try to maintain persistence on the target machine in order to survive a possible system reboot. The Loader then contacts a command and control server, retrieving a URL that points to another binary to download and execute. The downloaded binary, FindStr, installs a keylogger and scans the memory of the PoS device for number sequences that could be credit card numbers. Upon verifying that the numbers are in fact credit card numbers, keystrokes and credit card numbers are encoded and sent to an exfiltration server.

Continue reading “Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware”

Authors

Talos Group

Talos Security Intelligence & Research Group


Our world is rapidly connecting people, process, data, and things in ways that were unimaginable just a few years ago. The Internet of Everything (IoE) is at the heart of this transformation.

As more dark assets are “lit up,” organizations will receive an influx of valuable data that can lead to insights, knowledge, and opportunities. However, much of the data generated will be just beyond reach, frequently referred to as “dark data.” Continue reading “Navigating Dark Data To Find Hidden Value in a Digital Era”

Authors

Joseph M. Bradley

Global Vice President

Digital & IoT Advanced Services


The debate about whether businesses need hybrid clouds is over. Technology executives see value in public clouds because they offer speed, economics, and scale that are very hard to achieve in a private cloud environment. On the other hand, private clouds offer control, data sovereignty, and security. Businesses need both, which means they need hybrid clouds. The question is: how can they successfully build them?

What makes a true hybrid cloud?

Hybrid clouds are like the Internet. When users connect a device, whether it’s a handheld, a laptop, or another machine, they don’t think twice about how these things are going to talk to each other. Similarly, hybrid clouds are an “Intercloud” of clouds. That means that regardless of whether it’s a combination of a private cloud, a public cloud, or an extended set of clouds, the environments all work seamlessly together. They have consistent security and networking, and applications and workloads can be moved freely from cloud to cloud.
Continue reading “Building a Successful Hybrid Cloud That Delivers Flexibility, Choice and Control”

Authors

Rahul Tripathi

Senior Director of Product Management and Marketing

Cloud & Virtualization Group


You might recognize Stu Miniman as the host of theCube. Others know him as a Senior Analyst at Wikibon. But the tables turned in the 24th episode of OSPod!

In this episode, get the inside skinny on:

  • Stu’s roots in tech, including sales, engineering, product management, and strategy
  • OpenStack reality versus hype per the latest Wikibon survey data
  • Startup culture versus enterprise culture, and the need to innovate around old processes
  • How Docker really is changing everything
  • Career transformation and staying relevant as companies head for the cloud

https://www.youtube.com/watch?v=76XCnX8mH9w

For a full transcript of the interview, click read more below.

Continue reading “OpenStack Podcast #24: Stu Miniman”

Authors

Niki Acosta

OpenStack Evangelist


Guest blog by Greg Nehib, SP Product and Solutions Marketing

How important are physical routers in the move toward virtualization?

My one word response would be “very”. But the longer version would start with “it depends”.

Here’s the longer version:

It depends on your perspective. I remember when the Cisco 12000 Series GSR was introduced in the late 90’s. It started an arms race that would last for over a decade. The popular comparison at the time was all about who had the biggest router, or “speeds and feeds” as we used to describe them. 2015 offers us a very different networking discussion. People who design and operate networks are more interested in programmability and virtualization (a.k.a. SDN (Software Defined Networks) and NFV (Network Functions Virtualization)). From Frederic Trate’s blog on Application Engineered Routing, you can see why this level of control is such an interesting and important place to start the discussion.

I would argue that in terms of talking points, “speeds and feeds” have taken a back seat in network design. After all, a bunch of static ports and traffic-engineered tunnels don’t lead us to the flexibility and scale that we all seek – or can they? Here are some instances where physical routers are still Continue reading “How Important are Physical Routers in the move toward Virtualization?”

Authors

Greg Smith

Sr. Manager, Marketing

Cisco Solutions Marketing


For those following trends in the software industry, Continuous Delivery (CD) has been all the rage. What is it? Simply put – continuous delivery is the ability of a SaaS application to push new software into production multiple times per day. Typically, only the cloud software components are updated at this rate. Client code – either browser code or mobile applications – is updated at a pace between once a week and once a month.

For a software development team, continuous delivery is very exciting. But as the IT person who is the ultimate customer of SaaS applications, do you care about continuous delivery? The answer is: absolutely.

Rowan Trollope recently blogged about the importance of moving fast and innovating quickly. That is the essence of fast IT, and continuous delivery is the key to unlocking fast IT. This is because continuous delivery delivers three essential ingredients that make fast IT possible.

First, continuous delivery means better quality. A SaaS application with continuous delivery will be able to measure and improve upon the performance, reliability and speed of the application in the hands of your own users. Every day you will see it get a little bit better. With continuous delivery, quality isn’t just about defect counts. With continuous delivery, Continue reading “Continuous Delivery – realizing fast IT”

Authors

Jonathan Rosenberg

Cisco Fellow and Vice President

CTO for Cisco's Collaboration Business


South Island School in Hong Kong is made up of students from around the world, with 1,400 students from over 35 countries. One value that sets the school apart is its commitment to using technology in the classroom. For instance, every student has a laptop that they use to access e-books, watch educational videos, and complete homework assignments. Some exams are even taken digitally.

With wireless devices used daily by every student and faculty member, a stable network connection is almost as important as pencil and paper in classrooms. South Island School’s existing Cisco network had reached end of life, and the school needed to refresh the infrastructure with a network that could meet bandwidth needs for years to come.

“We looked at other vendors, but we were extremely impressed with how the existing Cisco equipment performed over the years,” says Victor Alamo, ICT manager at South Island Schools. “By upgrading to the latest Cisco access points and switches, we’d have an infrastructure that would keep up with our needs.” Continue reading “Converged Access Improves Wireless Performance at South Island School, Hong Kong”

Authors

Alexey Zaytsev

Engineering Product Manager

IoT Business Unit


Exciting times! Cisco Live Melbourne 2015 started on the 17th with four packed days of technology updates and new solution launches. This year we are expecting a phenomenal crowd of more than 5700 attendees. Cloud, virtualization and SDN (Software Defined Networks)/NFV (Network Function Virtualization) are high on the agenda for all our customers, and you will find the latest here at Cisco Live, with up to 16 concurrent sessions to choose from throughout the day. Try your hand at one of many Self-paced Labs or show off your prowess at DevNet.


And then, there is the World of Solutions @ Cisco Live. This year, the World of Solutions will have a wonderful village-like atmosphere complete with bus stands, trees and clouds amongst the Meet the Experts and CCIE corners. At Cisco, we believe that the future is about Connecting the Continue reading “Cisco Live Melbourne 2015”

Authors

Khay Kid Chow

Customer Solutions Architect


Guest Blog and Interview by Christine Morgner

Olivia Shen Green was a valued member of Cisco for 8 years in various organizations including Supply Chain Management, Acquisition Integration, and the Office of Inclusion & Collaboration Group. Recently Olivia left Cisco to pursue another opportunity.

During Olivia’s fearless pursuit to Connect, Empower, & Inspire women in the technology world, she founded the first women’s conference at Cisco. In part, Olivia’s inspiration came from her mentor and manager at the time, Sonar Thekdi. Olivia credits Sonar as being a role model for how to be your authentic self. Sonar had her back when the Women in Technology Forum was just a dream and assisted in securing senior leadership approval.

Olivia gathered passionate and outstanding leaders throughout Cisco Continue reading “Women of Impact’s 2015 Fearless Female: Olivia Shen Green”

Authors

Rehana Rehman

No Longer with Cisco