Ben Nahorney

Threat Intelligence Analyst

Cisco Security

Ben Nahorney is a Threat Intelligence Analyst focused on covering the threat landscape for Cisco Security. With more than a decade and a half of experience in the Internet security field, Ben has weathered threat outbreaks reaching back to the early 2000s and helped develop and report on breaking research such as the Stuxnet virus.

A firm believer in “the right tool for the job,” Ben has been an avid producer of written, graphical, video, and data-driven content to help convey how threats operate, and authored papers on security topics ranging from email threats to detecting IoCs to annual reports on the state of the threat landscape.

Articles

October 19, 2021

SECURITY

Threat Trends: Firewall

9 min read

Firewalls are a key component of any perimeter defense—the proverbial guard towers in your fortifications. Here, we examine the top threats encountered by Cisco Secure Firewall, and the Secure IPS component and Snort rules used to control and inspect the traffic on the network.

August 11, 2021

SECURITY

Threat Protection: The REvil Ransomware

6 min read

We take a look under the hood of the headline-grabbing REvil ransomware, showcasing what the threat looks like and how it goes about locking down a computer.

March 23, 2021

SECURITY

Threat Trends: DNS Security, Part 2

6 min read

A deep dive into industry-specific threat trends surrounding malicious DNS activity.

March 11, 2021

SECURITY

Threat Trends: DNS Security, Part 1

8 min read

An examination of the trends seen in malicious DNS activity during 2020, covering threat categories such as illicit cryptomining, phishing, trojans, ransomware, and others.

November 9, 2020

SECURITY

RDP and the remote desktop

6 min read

Does your organization use RDP? In our latest Threat of the Month blog, we examine how bad actors leverage the protocol and what can be done to protect against attacks.

October 12, 2020

SECURITY

Threat Trends: Endpoint Security, Part 2

9 min read

In this blog series, Threat Landscape Trends, we’ll be taking a look at activity in the threat landscape and sharing the latest trends we see. By doing so, we hope to shed light on areas where you can quickly have an impact in defending your assets, especially if dealing with limited security resources.

September 21, 2020

SECURITY

Threat Trends: Endpoint Security, Part 1

7 min read

In our new blog series, Threat Landscape Trends, we’ll be taking a look at activity in the threat landscape and sharing the latest trends we see. By doing so, we hope to shed light on areas where you can quickly have an impact defending your assets, especially if dealing with limited security resources.

September 3, 2020

SECURITY

Threat protection: The WastedLocker ransomware

6 min read

What is WastedLocker and how do Cisco Security technologies stop it? In this blog, we walk through the infection process, alongside points where our technologies can detect and block the threat.

May 28, 2020

SECURITY

Remote work and the threat landscape

4 min read

This month, we decided to take a look at some of the trends we’ve seen in a shifting threat landscape, including attackers who are adapting their techniques to take advantage of new opportunities. When you understand what they’re doing, it’s easier to mount a better defense against new trends in the threat landscape. 

April 27, 2020

SECURITY

Securing the remote work environment

6 min read

As organizations adopt remote working, how should they evaluate their security posture? And what are the top threats they may face?

March 31, 2020

SECURITY

Stealing passwords with credential dumping

6 min read

What is “credential dumping” and why should security professionals be paying attention? Find out more in this Threat of the Month.

February 25, 2020

SECURITY

Explorations in the spam folder

7 min read

Everyone has a spam folder. It’s often disregarded as a dark, bottomless pit for fake emails from FedEx, pharmacy offers, and introductory emails from women far too amorous to be anything but fantastical. You’d be right to largely ignore this folder. Yet each day new emails end up in it. Most of us have learned […]

January 29, 2020

SECURITY

Securing Industrial IoT

6 min read

It’s hard to ignore the ubiquity of the internet of things (IoT). Even if you’re one of those holdouts that doesn’t own consumer IoT devices such as a smart speaker, internet-connected thermostat, or a smart watch, industrial IoT (IIoT) devices—a subset of the IoT landscape—are already playing a part in your daily life. From the […]

November 25, 2019

SECURITY

Malvertising

6 min read

Online advertising is an integral part of today’s internet experience. In many ways, ads are the lifeblood behind many websites, providing the necessary funding to keep sites running, as well as supporting the creation of new content. While it may appear as though the ads that are displayed are just a component of the site […]

October 30, 2019

SECURITY

Remote Access Trojans

6 min read

You’re working for a high-profile technology company, close to releasing a market-changing product to the public. It’s a highly contested space, with many competitors, both domestic and international. There’s also...

September 30, 2019

SECURITY

Threats in encrypted traffic

5 min read

There was a time when the web was open. Quite literally—communications taking place on the early web were not masked in any significant fashion. This meant that it was...

September 9, 2019

SECURITY

The Value of Threat Hunting

4 min read

Threat hunting, i.e. looking for threats that somehow got past your defenses, is featured in our Cisco Cybersecurity Series, "Hunting for Hidden Threats: Incorporating Threat Hunting Into Your Security Program."