Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex, Upatre, and Cryptowall, targeted phishing attacks are more convincing because the format of the message is personalized to the targeted user. This targeted attack was more difficult to detect because adversaries chose to leverage AutoIT, a well-known freeware administration tool for automating system management in corporate environments. This notable characteristic made this attack worthy of further analysis.
Utilizing AutoIT within a payload is unique because it is a legitimate management tool. In this attack, AutoIT was utilized to install a Remote Access Trojan (RAT) and maintain persistence on the host in a manner that’s similar to normal administration activity. RATs allow adversaries to fully control compromised hosts remotely to conduct malicious operations, such as exfiltrating sensitive information. The use of AutoIT is potentially an extremely effective method of evading detection by traditional anti-virus technologies and remaining hidden on the system if it is used by the target to manage systems. The combination of a legitimate administration tool being used to install a backdoor onto a target system is unique and is why this attack caught our attention.
Another characteristic of this attack that was notable is how adversaries went to great lengths to spoof a phishing message that would appear credible to the user. In this attack, an actual business was impersonated, using the logo and physical address of the business, in order to appear legitimate. The bait in this case is a Microsoft Word document containing a macro that downloads and executes a binary from hxxp://frontlinegulf[.]com/tmp/adobefile.exe.
Figure 1: A screenshot of the Word document, demonstrating how adversaries impersonated a real company to trick the target.
Last week, here, I started my 2-part blog on some of the top SAN design and deployment challenges we see. As I mentioned, I put this together with help from my SAN expert colleagues, Barbara Ledda and Wolfgang Lang. We are all part of the Cisco Services professional services team, where we experience first-hand the challenges of adopting new technologies including SAN.
Last week, we discussed the following challenges:
#1 Don’t assume that your server multi-pathing software is installed or working, or even licensed, or installed but never used/tested by your server team!
#2 Tendency to significantly over-estimate utilization on the SAN network.
Let’s now discuss our challenges #3 – #5, which cover interoperability, expertise and architectural details respectively. Architectural details, as it turns out, are a key concern of some of you reading Part 1 of this blog – a few questions came in and you can view the discussion here (and thanks to my colleagues Venkat Kirishnamurthyi and Jing Luo for contributing to this discussion). With this in mind, you may also find the Cisco MDS architecture discussion video here useful.
“The future of many companies will depend on their willingness and ability to rethink their supply chains, to experiment with new processes and uses for data from Internet-connected objects that may change supply chains at their foundations.”
We often hear the terms Internet of Things (IoT) and Internet of Everything (IoE) or digitization. They have many definitions, but to me it’s fairly simple. IoT is about the instrumentation of discrete systems that “connect the unconnected” and pull data from devices that were previously unattainable or required physical proximity. On the other hand, digitization is really the innovation that occurs when you take these new connected systems and the information they provide and mash them together in previously impossible ways. One of the industries where this is happening faster than in most is the manufacturing sector.
Over the last year Cisco’s supply chain organization and Flextronics launched a pilot program in Penang (Malaysia) to explore the “Factory of the Future” and its possible benefits. One of the priorities was to monitor energy consumption of the many diverse devices on the manufacturing lines as a means to better understand how energy was being used on Flextronics’ plant floor and what could be done to reduce its use and cost to the company.
This portion of the project was led by the Cisco Energy Management Team and it is estimated to save 20%-30% in energy usage, reduce greenhouse gas emissions in the supply chain, and expand the Cisco Energy Management solution from our IT roots into the IoT domain.
How it Works
Our energy management solution is a cloud-based software and analytics package that measures, monitors, and manages the energy consumption of any connected device. In the Flextronics instance it also required the deployment of sub meters located on the manufacturing shop floor.
Information from the devices is collected, displayed on a robust reporting visualization engine, and analyzed, allowing for continued data monitoring, modeling of efficiency improvements, and automated system alerting. This level of sophistication enables automatic energy optimization using highly intelligent device control and management policies such as hibernating or gracefully powering off end devices. Additionally, the solution provides visibility into:
Power usage (baselines and trends)
Power analytics and device management to reduce consumption by changing behavior
Carbon emissions and reduction reporting
Utility bill analysis and many other data points
Optimization: Going Beyond Reduced Energy Consumption
Imagine having the visibility and agility to adjust the timing of runs to limit cost based on electricity and nitrogen gas costs during temperature testing. This energy information can be measured and visualized in manufacturing terms such as: areas of the factory (test, assembly), types of equipment (temperature chambers, chillers), and specialized views such as heaters, compressors, blowers and nitrogen gas flow.
Adding a data virtualization layer along with the Cisco Energy Management software suite brings together a complete energy picture that includes IT devices, Operation Technology devices and IoT sensor data into a single enterprise-wide, energy-focused view. This delivers an extensive ROI model based not only on energy costs but also on data-driven opportunities to improve operational workflows that help to cut costs.
Where We Are Today?
To date, we have nearly 1,300 devices instrumented to monitor energy data on Flextronics’ (Penang) assembly and test floors, its equipment (temperature chambers, chillers, heaters, and compressors), and on the specialized energy use of nitrogen flow.
We are in the final stages of correlating the many data sources such as device energy, shop floor equipment test schedules and the manufacturing production and test databases to determine all the ROI opportunities available for decreasing energy costs from the manufacturing business.
We believe this initiative will help manufacturing supply chains greatly reduce their energy consumption and save tens of millions of dollars in the process. With Flextronics Penang alone, conservative estimates show the company saving $85,000 a month or just over $1M a year in USD.
Whether it’s the manufacturing floor, institutions of education, or smart cities, our goal is to find new ways to connect the unconnected for the benefit of all. The Internet of Things (IoT) is the engine to make it happen and cutting-edge innovation will lead the way.
What does the future look like? Only time will tell but it is clear IoT opens the door to a world of limitless possibilities and innovation will continue to prove supreme in this virtual kingdom.
What are your thoughts and questions about instrumenting the factory floor as a means to reduce energy consumption? Leave your comments below.
Have you seen the vBrownBag Tech Talks at previous conferences or maybe checked them out on YouTube? If not, I highly recommend it. If you’re not familiar with vBrownBag, it is actually several things! For one, it’s a weekly podcast (or videocast, really) with different guest hosts every week who usually give about an hour presentation and demo on various technologies. vBrownBag has also taken on a strong role at tech conferences by allowing presenters from every arena to give lightning tech talks that are streamed live as well as recorded for later viewing on YouTube. In essence, it’s an awesome and free way to get and give information.
I’m excited about this panel session for several reasons. For one, I’m also a part of the vBrownBag crew so it’s always fun when these two worlds collide. More than that, though, is getting to hear these brilliant people talk about new features in Application Centric Infrastructure. While there are several new features in the new release of ACI, the panel will concentrate on the new Troubleshooting Wizard, ACI Optimizer, which is a capacity planning tool, and last but not least the enhanced microsegmentation offerings. Not only are we utilizing dynamic end point groups to enable microsegmentation, we’ve also included a distributed firewall which can do stateful packet inspection between end point groups.
The world is awash in data, and 90 percent of it was created in the last two years.[1] In fact, every day we create 2.5 quintillion bytes of data[2] and that number is growing exponentially. The explosive growth of the Internet of Things (IoT) promises to add to this data glut, with 40 percent of all data coming from sensors by 2020.[3] Today, a jet engine may generate 1 terabyte of data in a single flight,[4] and a major global retailer collects 2.5 petabytes of customer data each hour.[5] Yet 99.5 percent of all this data is never used or analyzed.[6]
As more people, process, devices and data become linked together through the Internet of Everything (IoE), the benefits from those connections become more widespread. While IoE is often discussed in terms of the future, it is already helping employees more effectively perform their jobs, turning cities into energy- and cost-saving urban centers and redefining how state and federal government agencies serve their constituents.
Both personally and professionally, connecting the unconnected is changing daily life. This is no different in the defense and intelligence community, where IoE technologies are improving military operations at home and around the world. In fact, one of the best examples of IoE’s influence can be seen through the creation of smart and connected bases.
Bases are the hub of everyday life for millions of military servicemen and women around the world. They function like small cities, with everything from residences, hospitals, office buildings, police stations and more. Bases are vital to the everyday operations of our military and require significant investment to maintain their infrastructure and functionality. IoE connected technologies are helping daily processes and life on a base run more efficiently. Smart and connected bases save money, reduce wasted time and free up personnel to perform more mission-critical tasks.
For example, RFID sensor systems can support security at base entrances. These sensors can read an RFID tag on approaching cars to identify active duty service members. The guard on duty will receive an automatic signal notifying him or her that those vehicles are approved for automated entry, allowing service members to be admitted onto the base at an automatic gate kiosk. This reduces required manpower at the gate, decreases wait times during rush hour and allows security forces to focus on unidentified and unregistered vehicles that may pose a threat or require entry assistance.
Connected Mobile Experiences (CMX) Analytics helps you create personalized mobile experiences for mobile end users and gain operational efficiency with location-based services. CMX Analytics lets you tap into the visitors’ connected lifestyle and provide relevant mobile content while gaining meaningful data.
Cisco CMX Analytics allows mobile customers to connect through your onsite Wi-Fi. It opens a direct channel of communication to let you better understand and deliver what your guests truly want. The ability to capture new customers and engage with existing ones by delivering more value is essential to continued growth in all industries.
During our #CiscoChat on Tuesday, September 1 from 10-11 a.m. PST, @Cisco_Mobility will host the Twitter event and @Phunware will be asking questions and moderating the conversation. This will be an open discussion with the audience to ask questions, provide feedback and answer questions.
The Phunware CTO, Luan Dang, and Cisco subject matter experts Darryl Sladden and Jagdish Girimaji will be discussing how CMX Analytics can tap into the lifestyle experiences in the retail, hospitality, transportation, healthcare, education, or government and visitors to your venue.
If you’ve never heard about Cisco’s dCloud team, you’re about to. After this, you might think they’re Cisco’s best-kept secret, and the coolest team around.
dCloud’s Technical Lead Brian Villanueva and Program Manager Steve Dickson on the Cisco San Jose campus.
“We are using bleeding edge technology,” says Program Manager Steve Dickson (better known as dCloud Steve). “No one else is doing it like we’re doing it.”
Doing what, you ask? Cisco dCloud provides customers, partners and Cisco employees with a way to experience Cisco Solutions. From scripted, repeatable demos to fully customizable labs with complete administrative access, Cisco dCloud is your guide to all the Cisco goodness.
“For example,” says Technical Enablement Lead (Americas) Brian Villanueva, “Maybe you want to know how sausage is made. Or maybe you just want to enjoy the sausage. We have a learning solution based on what you want.”
“We have some of the sharpest people in their area of focus on this team,” Steve says. “It’s like joining a university faculty and sharing knowledge.”
One of those people is the team leader, Jason Angelus – director, Cisco dCloud. The dCloud team can’t say enough about him.
“We’re people first and treat each other like family,” Steve says. “We’re also probably the most diverse team at Cisco. Our ‘big cheese’ Jason is blind to color, gender, or whatever… what he does care about is bringing the best talent and those that fit the ‘can do’ dCloud culture. We’re also encouraged to enjoy good home/work balance… not just all work. He cares about his team in a meaningful way, and we have fun together.”
The dCloud jacket is a trademark of the dCloud team!
One example of the family spirit on the dCloud team is that periodically there is an “All About Me” segment during their scheduled team call where they get a chance to learn more about each other. The meeting facilitator asks new people to go off-script and share anything that they like that will help the team to learn about the new team member, which builds trust on the team.
“Plus, Cisco allows dCloud to BE who we are,” Brian adds. “We’re not just contributing to the unknown. Cisco provides a clear vision, and inspires us to innovate. At dCloud, we actually feel like our work is contributing to Cisco, but also our greater community.”
Want to join the dCloud team? Or put your technology skills to work at a company that lets you innovate like them? Then go apply at Cisco Careers.
Innovation has become an imperative for society at large. Whether it be entrepreneurs starting new ventures, large established corporations trying to defend their market position, or countries facing increased global competition, everyone is attempting to innovate. What does this mean? It means they turn new ideas into widely used practice.
The reasons are clear: the benefits from innovation are highly promising.
At a macro-economic level, the capability to innovate fuels countries’ global competitiveness. According to academic research, between 2010 and 2020, roughly a quarter of US productivity will be generated by innovation. And, as the economist William Baumol points out in his book The free market innovation machine, “virtually all the economic growth that has occurred since the eighteenth century is ultimately attributable to innovation”.
There is strong consensus among policy makers that innovation is a main driver of economic progress and social well-being. It is a powerful tool to tackle societal challenges from resource scarcity and global warming, to poverty and health. Indeed, innovation has become a central pillar of national and regional economic policies. Horizon 2020 is an example. The European Union settled nearly EUR 80 billion of funding over seven years to boost research and innovation across different industries. This will undoubtedly help strengthen Europe’s global competitiveness.