I recently received an interesting email from Heiko Bauke about a new C++-based message-passing library that he is working on called MPL.
His library aims to make a simple-to-use library that exploits the features available in modern C++ compliers — it’s not a simple 1:1 mapping of C-to-C++ bindings like the MPI 2.x C++ bindings were.
The security of our customers is critical, and when needed, we pull out all stops to protect them.
Cisco participates in a large ecosystem of partners, industry peers (yes, that includes competitors), and non-profits that provides insight and awareness into a multitude of security threats. We also have deep internal expertise. The Cisco Talos organization is focused on threat research and content for our security offerings, our Information Security teams protect Cisco’s own network, and our PSIRT organization delivers coordinated vulnerability management.
Together these teams and partners represent a powerful ally for Cisco customers, working around the clock to develop robust detections and protect the integrity of Cisco IOS devices.
Our Talos team, along with one of our ecosystem partners Shadowserver, have been scanning to detect potential exposure to the malware now known as SYNful Knock. Many of our enterprise and service provider customers have seen the increase in scanning from Shadowserver to detect the related Indicators of Compromise (IOCs).
Shadowserver has established reporting capabilities, and at our request, additional data will now be included for potential matches to the SYNful Knock IOCs. Existing ShadowServer customers will benefit from this additional reporting soon. If you are not currently receiving their reports, you can request service on their website.
We believe this activity supports Cisco efforts that are already underway to identify and alert customers to potential exposures. It adds to the conversations we’re having with customers about the need for broad-based risk assessment, containment, and remediation. Our focus is on the integrity of Cisco devices, for this set of IOCs and beyond.
You can read my earlier blog posts on this subject: SYNful Knock: Detecting and Mitigating Cisco IOS Software Attacks and SYNful Knock: Protect Your Credentials, Protect Your Network to obtain more information about protecting your credentials and infrastructure, as well about techniques for detecting and mitigating attacks against Cisco IOS Software.
We remain focused on leveraging the benefits of our extensive industry relationships for our customers, and sharing the information needed they need to respond to a changing threat landscape.
As a reminder, you can find more about Cisco’s response to SYNful Knock on our Event Response Page.
Delivering on the promise of Big Data and Analytics takes an ecosystem of partners who collaborate to integrate the underlying technologies so your organization can turn data into business value – faster. That’s why Cisco and MapR are teaming to deliver integrated solutions that are transforming the way organizations deploy and capitalize on the value of Hadoop technology.
The Cisco UCS Integrated Infrastructure for Big Data with MapR solution combines the MapR Distribution including Apache Hadoop with Cisco UCS Integrated Infrastructure for Big Data, which unifies computing, storage, connectivity, and management capabilities. This validated solution delivers an industry-leading architectural platform for Hadoop-based applications.
https://instagram.com/p/76fBlZNNqg/
Cisco and MapR continue to innovate to enable new customer use cases. MapR Senior Solutions Architect, Dr. James Sun, provides an excellent example on his latest blog on Dockerizing Apache Webservers with Cisco UCS, Apache Mesos and MapR.
Continue reading “Cisco UCS and MapR Transform Delivery of Hadoop Technology”
Guest Blog by Ron Graham ![Ron_graham[1]](https://blogs.cisco.com/gcs/ciscoblogs/1/Ron_graham1.jpg)
Ron Graham had served as a Data Center Architect and Systems Engineer for some of the largest IT companies in the U.S. including Cisco Systems, NetApp, Sun Microsystems, and Oracle. He is currently working for Cisco Systems as a Big Data Analytics Engineer.
What is Data Virtualization? Our definition is: Agile data integration software that makes it easy to access all your data no matter where it’s managed, and query it across the network as if it were in a single place. I like to say it differently – the real value lies in its ability to provide business users with a single high-level view of data that is spread across their infrastructure.
Data Virtualization is essentially middleware software that leverages a high-performance query engine and can utilize advanced computer architectures such as Cisco UCS. It’s a virtual data integration layer that can deliver data from multiple sources that are loosely coupled or have little or no knowledge of the other components. Of course this is done in a logically organized manner as show by the diagram below.
This is all nice but where is the beef, or the sex appeal? The sexy part is in the front-end business intelligence platforms and data visualization tools that can access and analyze data such as Tableau. Tableau can simply access data through the Cisco Data Virtualization with an ODBC driver. From here, business users can query data on demand from a single point of access (i.e. a common data model) without having to understand the different schemas or SQL dialects of the original data sources.
In so many parts of life, the passing of time is a benefit. Wine and whisky mature, intelligence is gained, and friendships grow stronger. For those of us working in IT security, however, the passing of time brings new challenges. Prolonging the use of older technology exponentially increases risk and the resulting problems can cost more than recommended maintenance/upgrades.
Let’s consider three facts:
Consider these facts together and what is the conclusion?
Interest in IT security has never been higher. So when a new type of attack comes along, it attracts the attention of our customers and others in the industry.
Earlier this week Cisco and Mandiant/Fireye released information about the so-called SYNful Knock malware found on Cisco networking devices. You can read my earlier blog on this subject here: SYNful Knock: Detecting and Mitigating Cisco IOS Software Attacks.
This attack isn’t caused by a problem or vulnerability with a Cisco product. It results from an attacker stealing administrative credentials or getting physical access to a networking device, allowing them to load a modified version of operating system software.
Just as technology advances, so too do the nature and sophistication of attacks. Although Mandiant’s research focuses on a specific piece of malware, we believe that it is an example of an evolution of attacks. Attackers are no longer focusing just on disruption, but on compromising credentials to launch an undetected and persistent attack.
For many years we’ve known that networking devices and their credentials are high-value targets for attackers. There has always been a need to protect them accordingly. This was something we reinforced last month in this security bulletin: Evolution in Attacks Against Cisco IOS Software Platforms
We know this is an important topic for our customers, so have created an on-demand webcast outlining how to detect and remediate this type of attack:
https://youtube.com/watch?v=KlcpPpHEfYg+
The webcast also continues the conversation about good operating procedures, like network hardening and monitoring, that can help prevent this type of attack. The resources it describes can also be found on our Event Response Page.
If you have any additional questions about SYNful Knock, including how we can help implement some of these recommendations, please speak with your Cisco account manager.
If you are experiencing immediate technical challenges and require support, the Cisco Technical Assistance Center (TAC) is here to help.
And if you’re a member of the press with questions, please contact my PR friends at media_pr@cisco.com.
Today, in universities around the world, leading professors are looking for top notch PhD students and researchers to push the boundaries and explore areas that will enable tomorrow’s technology innovation. To have a preview of what the future could look like, we at Cisco asked 60 leading academic professors in Electrical Engineering (EE) and Computer Science (CS) in 25 top universities worldwide the following question: “What areas of research will you be focusing on going forward?”.
Here are 4 things, which we learned from their passionate and fascinating answers:
#1 – The Pending End of Moore’s Law
The Interviewed Professors generally see Moore’s law coming to an end in the next 5-10 years (predictions of the end of the law are almost as old as the law itself…). It looks like smaller transistors can still be developed but at a high cost. Although not really about physical limits, but rather an economic issue, significant research is taking place to find alternative improvement mechanisms beyond reducing size. For example, replacing signal wires with optical signals, increasing energy efficiency, or using smarter data processing allocation between devices and the cloud.
I was reading the latest ACG Research report on Mobile IP Infrastructure and reflecting how the importance of the IP Packet Core has evolved, and how the technology leaders in this area have also evolved.
Back in the “3G era” the Packet Core sat alongside the Voice Core, and was considered an adjunct to the Radio Access Network. The traditional RAN vendors would often bundle the core as part their end-to-end contract. Since initial data services where Mobile Broadband, and monetisation was just based on volume, 3G Packet Cores were all about “feeds and speeds”.
With 4G/LTE the all-IP nature makes the Packet Core the heart of Continue reading “Leading the Evolution of the Mobile Packet Core”
![Cisco_Chat_Industrial Security_TWITTER[1]](https://blogs.cisco.com/gcs/ciscoblogs/1/Cisco_Chat_Industrial-Security_TWITTER1-550x275.jpg)
Manufacturing is undergoing radical advancements, much like the ones we’ve seen in healthcare and education, thanks to the Internet of Everything (IoE) and all of the people, data, processes and things it connects.
By 2020, it’s estimated that there will be 50 billion devices and objects connected to the Internet, including many of the devices in the manufacturing world. “Smart” factories where machines “talk” to one another, fleet vehicles such as trucks and forklifts with sensors that monitor their movements, and even wireless inventory tracking devices are all in play at manufacturers across the globe. Manufacturers are embracing a new generation of Machine-to-Machine (M2M) and Person-To-Machine (P2M) systems, as well as mobile applications and cloud-based services that drive efficiency and innovation across their value chain.
All of these connected “things” and processes allow manufacturers to Continue reading “#CiscoChat: Industrial Security: Critical for Digital Manufacturing?”