Year: 2017

May 12, 2017 Leave a Comment
Avatar

Threat Round-up for May 05 – May 12

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 05 and May 12. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of date of publication. Detection and coverage for the following threats is subject to updates pending additional threat or vulnerability analysis. For the most current information, please refer to your FireSIGHT Management Center, Snort.org, or ClamAV.net.

Read more »

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

1 Comment
Avatar

Jaff Ransomware: Player 2 Has Entered The Game

This post was written by Nick Biasini, Edmund Brumaghin and Warren Mercer with contributions from Colin Grady

Summary

Talos is constantly monitoring the email threat landscape and tracking both new threats as well as changes to existing threats. We recently observed several large scale email campaigns that were attempting to distribute a new variant of ransomware that has been dubbed “Jaff”. Interestingly we identified several characteristics that we have previously observed being used during Dridex and Locky campaigns. In a short period of time, we observed multiple campaigns featuring high volumes of malicious spam emails being distributed, each using a PDF attachment with an embedded Microsoft Word document functioning as the initial downloader for the Jaff ransomware. While Cisco customers were already automatically protected against this threat, we decided to take a deeper look at this threat and its possible implications across the threat landscape. We have outlined the infection process and additional relevant information regarding this threat in detail below.

Read More >>

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

1 Comment
Avatar

Vulnerability Spotlight: Hangul Word Processor Remote Code Execution Vulnerability

Talos is disclosing the presence of a vulnerability in Hangul Word Processor. Published by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicious document that when opened, allows the attacker to cause arbitrary code to be executed on the victim’s system.

Read More >>

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

May 11, 2017 4 Comments
Avatar

Orchestrated Assurance: What is it and why do I need it?

Service Providers aim to deliver network services faster with assured customer quality.  But, as networks are becoming increasingly software-defined and programmable, the rate at which they change is also rising, driven by network-on-demand offerings and self-service portals. In this dynamic environment, traditional test and assurance solutions just cannot keep up, and if they can, they bring unacceptable operational costs. These traditional hardware-bound solutions also hobble agility and innovation, and in today’s evolving networks, innovation is key to staying competitive.

Model-driven Orchestrated Assurance offers an approach to bridging the gap between service fulfillment and assurance. Software-based test agents, which are well suited to a dynamic network environment, perform end-to-end activation tests and active monitoring that are automated throughout the full service lifecycle in closed-feedback loops. This enables Service Providers to automatically validate SLAs, discover issues earlier, and resolve problems faster.

Cisco has a solution to this challenge!  We are pleased to announce the availability of Cisco Orchestrated Assurance powered by Netrounds.  Netrounds, a leading provider of active, programmable test and service monitoring solutions for communications service providers (CSPs), has become an official member of the Cisco SolutionsPlus Program. This means that CSPs worldwide are able to approach Cisco and approved Cisco partners to purchase Netrounds as a validated solution and addition to Cisco Network Services Orchestrator (NSO). This allows CSPs to incorporate automated activation testing as an integral part of the NSO Service Activation process and subsequently monitor services in an active manner following successful activation for improved customer experience.

Through the integration of Netrounds and Cisco NSO, telecoms operators and CSPs are able to:

  • Actively verify that services work once provisioned by Cisco NSO – by generating real world traffic to ensure services are delivered correctly before end users are exposed to a service and delivering birth certificates to key stakeholders.
  • Ensure that provisioned services continue to work over their lifetime – using active measurements for enhanced service quality insights from the end users’ view.
  • Resolve problems faster – utilize remote testing capabilities to automate advanced test scenarios through Cisco NSO and to test across layers, services, and domains.
  • Minimize manual and field test efforts – by automating test sequences and by using remote troubleshooting to reduce manual field efforts, dispatching technicians to fix problems, not to find them.

“This proven integration between Netrounds and Cisco NSO allows our customers to introduce automated assurance into their networks with confidence and ease,” said Mats Nordlund, CEO and co-­founder of Netrounds. “Adding Netrounds to the Cisco SolutionPlus Program and enabling our customers to purchase Netrounds directly from the Cisco price list further adds to that ease of deployment.”

Mats Nordlund, Netrounds CEO and co-founder

“Partnering with Netrounds will allow our customers to achieve greater automation and assured agility of network services, allowing them to drive revenue growth and reduce operational concerns when deploying new services,” said Charles Stucki, vice president and general manager of Network Function Virtualization (NFV) Business Unit, Cisco. “Cisco’s NSO technology is a key NFV solution that can help enable faster and more flexible delivery of existing and new services.  By combining Netrounds with NSO, customers can manage and assure these services throughout the entire service lifecycle in a completely automated way.”

Charles Stucki, VP & general manager of Network Function Virtualization (NFV) Business Unit, Cisco

 

Register to view our special Cisco Knowledge Network webinar (available for viewing on demand now) here featuring Netrounds’ Dr. Stefan Vallin and Cisco’s NSO Technology Director, Carl Moberg. We explain how the proven integration between the market-leading Cisco NSO and Netrounds’ Orchestrated Assurance solutions enables customers to introduce automated assurance into their networks with confidence and ease.  We additionally share real-life use case examples of the business benefits that can be yielded through network orchestration and automation.

View our recent press release: “Netrounds Added to the Cisco SolutionsPlus Program to Expedite Deployment of Automated Network Assurance” here

To find out more about what Cisco Orchestrated Assurance powered by Netrounds can do for your business view our Solution At a Glance here.

To learn what Cisco Network Services Orchestrator can do for your business, visit www.cisco.com/go/nso.

In addition, if you are joining us in Las Vegas for Cisco Live US on June 25 -29, 2017, visit the Cisco booth, which will feature demos of Cisco® Network Services Orchestrator (NSO) and Cisco Orchestrated Assurance powered by Netrounds.

Authors

Avatar

John Malzahn

Senior Marketing Manager

Service Provider Cloud Solutions

2 Comments
Avatar

Bridging the Digital Divide at the Montebello Unified School District

Expanding student horizons with help from ConvergeOne and the Cisco partner ecosystem.

It’s east of Los Angeles. With 85% of kids on free or reduced lunch. But many of the staff and teachers at the Montebello School District were students there not long ago. And they’re back, teaching, leading, looking for ways to level the playing field. The biggest issue? Access to technology.

When they called us, we put them in touch with ConvergeOne, one of our Cisco Ecosystem partners with a successful SLED practice. What began as a tool to automate attendance turned into a multi-year digital transformation strategy.

ConvergeOne says…

Our goal was to modernize the entire school district. We started with a Right Foundations assessment. We went from closet to classroom to understand the environment, the gaps, the limitations, and what’s already in place. We discovered that Montebello was basically 30 years behind. No reliable wi-fi. Hand built servers in their data center. Nothing was even connected, much less automated.

We started with the core in the data center. Their security posture. And, from there, towards the campus cores, over high speed connectivity and finally pushing towards each individual classroom where it could have the biggest impact on learning models and methodology of teachers and students.

It was more than any one company could do alone, which is why we rely on partnerships. We pulled together a team of eight other Cisco partners whose expertise combines to deliver this entire end-to-end solution.

We’ve come a long way already. The data center is finished. We’ve built 27 computer labs and installed over 1,200 all- in-one desktops. The next step is fiber optic connectivity to each and every school site and wi-fi in every classroom.

Big difference for the school. Recurring revenue for us, and a collaborative solution we can repeat.

Nine partners. One solution.

Thanks, ConvergeOne and team!

The story doesn’t end there.

1. See how they did it.

https://youtu.be/la98mVwe3V8

2. Read the story.

3. Scan the slide.

 

Authors

Avatar

Julie Colwell

Marketing Manager

Global Partner Marketing

3 Comments
Avatar

Connected Education and the Power of Video

This post comes from Marissa Liu, a collaboration product marketing specialist at Cisco. As a recent graduate of The University of North Carolina at Chapel Hill, she has seen firsthand the evolution of digital education and is optimistic about its future.

Whether you’re in fourth grade or grad school, collaborating on group projects for a class can be a real hassle. You have to plan where and when to meet with your classmates, decide how to divide the work, and figure out how to track progress, deliverables, and deadlines. These days, both students and instructors are constantly on the move — and usually have a million things on their minds. They want the tools they use to be easy to access, quick to set up, and simple to use.

In surveys from Ovum and the National Center for Education Statistics, researchers found that:

  • 78% of students agree that technology contributes to the successful completion of courses.
  • 49% of institutions rate increased operating efficiency as a first or second priority.
  • 46% of students are more actively involved in courses that use technology.

Collaboration shouldn’t have to be hard. Schools at all levels are finding that collaboration technology can help students and teachers connect -– whether for group projects, online lectures and coursework, or spontaneous ad-hoc sessions. With the Cisco Digital Education Platform (DEP), institutions can provide a secure and seamless integration of collaboration technology including Cisco WebEx and Cisco Spark with other learning-management systems (LMSs) to ensure their students and faculty are able to do their best work.

 

With the world becoming increasingly digital, it’s easier than ever to collaborate with people globally. For example, California’s San Jose State University is using Cisco WebEx to partner with universities around the world to foster curriculum development and global learning through video conferencing. Embracing a digital learning environment allows universities like SJSU to:

  • Extend reach to new student populations by offering online classes
  • Bring in more expert instructors from anywhere around the world via video
  • Collaborate with other schools around the world

Video allows you to have face-to-face interaction with your peers, even if you’re in different locations. It allows you to see emotions and reactions, something that is hard to pick up through pure audio. Using video in your meetings also helps you build personal trust and closer connections with your students, instructors, and peers.

Digital education doesn’t take away the importance of personal interaction. On the contrary, it reinforces the necessity of the human element in education. Learning requires understanding perspectives from different points of view, and with collaborative technology, students can practice that in real life from their peers. Collaboration should be a natural and easy component of education, and that’s something that Cisco is actively driving with our innovations.

Learn more about Cisco solutions for education:
Cisco Digital Education Platform
Education Industry Solutions
Cisco WebEx

https://www.youtube.com/watch?v=j7vbXRRAPyg&feature=youtu.be

Authors

Avatar

Kim Austin

No Longer with Cisco

1 Comment
Avatar

Exploring Industry and University Collaboration Models

The New Zealand and Australian economies are being disrupted in fundamental ways, driven by the rapid digitization of industries and communities. Countries, institutions and individuals are starting to realize that an incremental response to change won’t be sufficient.

Recently, I led the 2017 Cisco New Zealand Higher Education and Government Study Tour, which was an inaugural tour designed to help universities identify opportunities arising from disruption rather than focusing only on the challenges and risks. The tour was supported by Intel and included visits to four of Cisco Australian partner universities (University of New South Wales, Flinders University, Curtin University and Edith Cowan University).

Two topics dominated the agenda for the tour: innovation models and the impact of digitization. The focus of institutions on the tour was not whether they should innovate or digitize, but rather how to do it and with whom. Four conclusions were made about what universities needed to do to capture opportunities.

Here’s more information on each:

Execute at speed and scale The scale of activity at the Tonsley innovation precinct in Adelaide provided a stark example. When the automotive industry vacated a large parcel of land in Adelaide, the South Australian Government decided to create a joint industry-university-polytechnic innovation precinct. The result: the innovation precinct employs more people today than when the last car rolled off the assembly line.

Think laterally about competitive advantage and assets For many universities, competitive advantage will just as likely come from how they do things, not just what they do.

Collaborate, don’t just cooperate  Australia and New Zealand are small economies in a global context and the need to collaborate is more acute than elsewhere. Ideally, that collaboration occurs between university, industry and government to create a ‘triple helix’ effect a model that is proven in some of the world’s innovation hotspots including Barcelona, Israel, Singapore and the Scandanavian region.

The study tour visited two Cisco innovation centres in Australia and there is interest in how this can be adapted to the NZ context. The centres have a strong vertical focus, target SMEs and multinationals, focus on projects with a three to six-month execution window and are based on open innovation principles. Cisco’s model was considered by NZ universities to be an excellent template for an industry-driven research collaboration, in part because it is focused on delivering ‘wins’ for all parties

Innovation and digitization needs to occur inside universities

Universities can no longer afford to simply talk about innovation and digitization. All Australian universities visited as part of the tour spoke of the importance of investing in their own technology to achieve innovation and broader objectives. Australian universities were considered more mature in terms of their own digitization, with most Australian universities investing in digital campus/IoT projects to improve student outcomes, research outcomes and operational efficiencies.

One of the most encouraging aspects of the study tour was the level and quality of collaboration that has occurred since. A range of potential projects have been tabled and are currently being worked through in the spirit of triple helix collaboration and we’ll continue to partner closely with universities and government organizations in New Zealand to further economic and community benefit.

Authors

Avatar

Reg Johnson

General Manager, Education

Cisco Australia and New Zealand

5 Comments
Avatar

New Cisco Moms Give Mother’s Day Career Advice

Some new moms set up play dates for their babies, but when you work for Cisco there are more – let’s call them connected creative options. Cisco collaboration can be used for more than business meetings when you want to share special moments with co-workers during baby “collaboration time”.

Cisco Collaboration tools are so easy, even a baby can use them! (Okay, maybe they need a little help from their moms.)

I started working at Cisco 11 years ago alongside of my co-contributor on this post and my very good friend and colleague Jennifer Frankie in the Sales Associate Program (CSAP) as engineers. Even though our careers have diverged in those 11 years, we’ve always kept in touch. That’s probably because during our CSAP program, we spent many long nights and weekends studying for certification exams and diving deep into Cisco technologies, doing a lot of work and having a lot of fun doing it. Over the years, we would see each other during the Global Sales Experience (GSX) and at other times when their paths would cross. We’re just a good personality match!

Last year, however, we found we had something else in common. We both found ourselves navigating the fact that we were both going to be first-time moms at nearly the same time, learning about maternity leave and sharing mom-to-be stories.

All of those late nights and Cisco-filled days were good preparation for being new moms. Our children came into the world about a month or so apart! Even though we were on leave, we still made time for video calls together with babies in tow.

Now when we’re back at Cisco and going through the “new working mom” process, it’s still a regular thing, as a way for us to share this journey together (and sometimes have new mom therapy sessions.)

Baby Collaboration!

Cisco is a great place for understanding a balance between work and life, and together we share tips, funny moments and serve as mentors to each other. Meanwhile, our sweet babies experience collaboration – even coo and wave at each other. It’s Cisco Collaboration tools at their finest, and at their most basic level of human connection. And now our babies will know the power of Cisco technology from the start! What amazing things will they do someday with such early introduction to this tech?!

That leads us into some tips for not only new moms at Cisco, but all moms considering Cisco and just moms in general in honor of Mother’s Day in the US.

  1. Connect with like-minded people as a community. For example, here at Cisco, did you know that there is a Cisco Internal maternity leave Spark community? We both received lots of good advice about maternity leave, ordering pumps, and all the other questions a Cisco mom-to-be might have, and it’s also great for connecting with other mothers at CiscoIt’s been amazing to see the progress from these interactions within our company and we are lucky to have a lot of passionate people about doing the right thing for working moms.
  2. Collaboration tools are THE BEST. Make sure you have a good internet connection and office space to be on video. We are on video a ton now. Working from wherever we need to gives us both a lot of convenience for pumping at work and still being super productive. Having the option to take calls over video really makes a difference for the new working mom.
  3. Forgive yourself. Being a working mom at Cisco or anywhere can be tough as you learn to balance and manage a new baby. It takes time to refocus after leave and maintain a new daily work flow. You have to work smarter and be efficient in new ways, but it is totally possible and just takes time.
  4. Use Cisco or employer resources. The lactation consultant phone calls that were provided by Cisco and information kit really helped improve the breast-feeding experience. The back-up daycare option is great for when we might be in a pinch and need help. Just become aware of what is available to you as a mom at your company and use it.
  5. Find something to do for you! When you are working and momming, it can be really hard to justify or even find time to have one small thing you do for yourself. Whether it is 15 minutes for a hot bath and a book, yoga, spa day, or a morning run, make it a priority. Same goes for your relationship. Take time to reconnect to your spouse.

What are some of your mom career tips, or even tips from your mom? Share them in the comments!

Want to work at a mom-friendly company like Cisco? Visit the Careers site and see the opportunities available!

Authors

Avatar

Nicole Scheffler

Channels Systems Engineer

Sales

26 Comments
Avatar

Changing the Game: Creating Intelligent, Conversational Interfaces

My dad got me my first computer for Christmas when I was 11 years old. It was a Texas Instruments 99-4a. He must have gotten it second hand because it had no box or any form of storage like a tape drive.

But that didn’t stop me. I had been obsessed with the movie War Games, so my first program on the TI was designed to replicate the computer in the movie which uttered the famous line “shall we play a game.”

My program gave static responses to a huge variety of programmed questions, and mostly followed the script from the movie. In other words, it was not very good and was easily tricked, but it still blew the minds of friends and family alike. When I got them to type questions and carry on a simple dialog with the T1, they thought I’d coded the computer to speak to them naturally. Most so-called “conversational” interfaces at the time used tremendous amounts of statically coded question/response approaches. And like my program, they simply weren’t very good.

Thirty years later, computers are finally able to carry on a real conversation.

My kids and I play a game in the car, which is to try to trick Siri with silly questions. I can always get them rollicking with laughter by throwing crazy accents at Siri and carrying on escalating silly conversations. “Siri, why don’t you love me?”, “How dare you speak to me in that tone of voice”, or “What kind of fool do you take me for?”. Siri often comes up with witty responses and occasionally surprises us.

But other than Siri and a small handful of others (Google Home, Cortana, etc), there are surprisingly few convincing conversational bots.

The rise of messaging apps, and the conversational bots which have followed, have given us a tremendous number of bots which are impressively bad at natural language conversation. They do OK with canned responses, but try to have a semi-unstructured conversation to get them to do something and the experience tends to be poor, frustrating and decidedly non-human.

Why is it that computers can think like us and program like us – but they can’t communicate like us?
At Cisco, we have been at the forefront of the messaging revolution with Cisco Spark, and have been seeing a boom in conversational bots for all kinds of purposes. We have also seen immense interest from our customer care customers, who see bots (rightly so) as the evolution of multiple choice interactive voice response (IVR) systems.

We realized that to really enable our customers to have more natural, conversational interactions in our enterprise collaboration tools, we’d have to do more for them, and do more of the heavy lifting.

So that’s why today, we are announcing the intent to acquire a company called MindMeld. MindMeld realized this same problem and has been at the forefront of Artificial Intelligence (AI) and Machine Learning (ML) research on creating lifelike, convincing conversational interfaces. Creating a high-quality conversational interface requires six distinct types of ML, including Natural Language Processing, Question Answering, Dialog Management and so on. MindMeld has written the book on these technologies and has built the world’s best conversational user interface platform.

This is the next step into a comprehensive AI-powered collaboration solution for Cisco. We are already leveraging AI/ML in new and exciting ways in existing products, from our SpeakerTrack to our VoiceTrack technologies. Bringing the MindMeld team to Cisco is a giant leap forward in helping our customers experience the next generation of interactive, conversational interfaces.

We’ve come a long way since the days of my silly first program on the TI 99-4a, but we’re really still at the beginning of the beginning of human-computer interfaces. Conversational interfaces are the next major step forward, and we’re thrilled to have MindMeld and their CEO, Tim Tuttle, join us to usher in the next era of AI-powered collaboration technology. What future do you see for AI in the enterprise? Let me know @rowantrollope.

Authors

Avatar

Rowan Trollope

Senior Vice President and General Manager

IoT and Collaboration Technology Group