Are Third Parties Your Greatest Weakness?
There are many advantages in outsourcing functions to specialist providers that can supply services at lower cost and with more functionality than could be supplied in-house. However, companies should be aware that when buying services, you may also be buying risk. Organisations that have successfully implemented strategies to reduce the probability of experiencing a breach, […]
OpenSSL Website Breached Via Hypervisor Management Interface Misconfiguration
The website of the OpenSSL project, which provides a widely-used SSL/TLS implementation, was breached on 29th December and defaced (OpenSSL.org announcement). This defacement only affected the website of the project, however. The OpenSSL project has since checked the cryptographic hashes of the OpenSSL source code and confirmed that the source code has not been modified […]
2014: A Look Ahead
It’s December and the 2013 cyber security news cycle has just about run its course. We’ve seen more and increasingly virulent attacks, continued “innovation” by adversaries, and a minor revival of distributed denial of services (DDOS) actions perpetrated by hacktivists and other socio-politically motived actors. Against this, Cisco stood up tall in recognizing the importance […]
What Next-Generation Wi-Fi Models Could Mean for Secure Mobility
With the adoption of the Internet of Things and Internet of Everything, advances in mobility and next-generation Wi-Fi are driving faster speeds, higher signal quality and more reliable...
Features, Bugs, and Backdoors: The Differences, How Language Can Be (Mis)Used, And A Word Of Caution
Language is a powerful tool. With acronyms like ACL, IPS/IDS, and APT*, the security world has created its own language, acronyms, and catchphrases. In our industry, sometimes the meaning of more commonly used words can cause misunderstandings. For example, is a hacker a bad actor or a well-intentioned individual? Are all software bugs also security […]
Beware: Insider Threats Getting Worse
Most recently ESG/Vormetric came out with a threat report that highlighted the increase in insider threats & the significance to augment perimeter and host-based security. The rationale behind the increase was that more people are accessing the network, increase cloud and network traffic are making it difficult to isolate the problem. Almost 50% of the […]
A Thief Inside of Cisco? SecCon 2013 San Jose
A thief on the loose you say, at Cisco Systems, in San Jose? Turns out he was invited. Apollo Robbins was one of the headliners for Cisco SecCon in San Jose during the first week of December. Mr. Robbins taught us an important lesson about security: seeing is not always believing. Apollo demonstrated the art […]
Our Unofficial Top Ten Cyber Trends for 2014
(I pulled this list together with the help of my colleague Martin Chorich. Or maybe it was the other way around. ) Every year, publications ranging from supermarket tabloids to serious academic journals issue forecasts for the coming year. Those with foresight hold on to these articles and read them again the following December for […]
Big Data in Security – Part V: Anti-Phishing in the Cloud
In the last chapter of our five part Big Data in Security series, expert Data Scientists Brennan Evans and Mahdi Namazifar join me to discuss their work on a cloud anti-phishing solution. Phishing is a well-known historical threat. Essentially, it’s social engineering via email and it continues to be effective and potent. What is TRAC currently doing […]
Why Cisco Security?
Explore our Products & Services
Subscribe to our Blogs
Stay up to date and get the latest blogs from Cisco Security