Security

August 20, 2014

SECURITY

NSS Labs Report on Cyber Resilience Highlights the Need for a New Approach to Security

A few years ago, a point-product security vendor proudly declared their technology was the silver bullet that stopped ALL security threats from penetrating the corporate network. Many of us in the industry raised our collective eyebrows in surprise at such a bold claim. While the naive or inexperienced might have believed such an outrageous claim, […]

August 19, 2014

SECURITY

Cisco 2014 Midyear Security Report: Security Services and Risk Management

More organizations are starting to view cybersecurity as a strategic risk. They have to—it’s becoming unavoidable. Technology and the business are so intertwined. Regulators are issuing more compliance measures that include information security directives. And all the while, adversaries are relentless in their campaigns to compromise defenses to steal information, money, or otherwise create disruption.

August 14, 2014

SECURITY

Cisco 2014 Midyear Security Report: Focusing on Common Vulnerabilities is Smart Security Strategy

Enterprise security professionals have their hands full these days—monitoring networks for security breaches, managing the implications of “bring your own device” policies, and patching systems to combat “weak links,” or vulnerabilities that could allow online criminals to grant entry. Regarding this last task, security practitioners may be able to take an approach to addressing vulnerabilities […]

August 13, 2014

SECURITY

Putting a Damper on ‘Lateral Movement’ due to Cyber-Intrusion

Analysis of high-profile cyber breaches often reveals how intruders gain their initial footprint in the targeted organizations and bypass perimeter defenses to establish a backdoor for persistent activities. Such stealthy activities may continue until intruders complete their ultimate mission—claiming the “crown jewels” of the victim organization. “Lateral movement” is a term increasingly used to describe […]

August 12, 2014

SECURITY

Cisco 2014 Midyear Security Report: Exploit Kit Creators Vying for ‘Market Leader’ Role

Even in the world of cybercrime, when a top “vendor” drops out of the market, competitors will scurry to fill the void with their own products. As reported in the Cisco 2014 Midyear Security Report, when Paunch—the alleged creator and distributor of the Blackhole exploit kit—was arrested in Russia in late 2013, other malware creators […]

August 7, 2014

SECURITY

Cisco 2014 Midyear Security Report: Threats – Inside and Out

Through our ongoing “Inside Out” project at Cisco, our threat researchers have the opportunity to closely examine select networks—with our customers’ permission—to identify evidence of malicious traffic. We use Domain Name System (DNS) lookups emanating from enterprise networks to create a snapshot of possible data compromises and vulnerabilities. This research yielded a significant finding that […]

August 5, 2014

SECURITY

Cisco 2014 Midyear Security Report: Exposing Weak Links to Strengthen the Security Chain

The Cisco 2014 Midyear Security Report has been released, diving into threat intelligence and cybersecurity trends for the first half of 2014. You may be thinking, “What could have possibly changed since January?” True to form, the attacker community continues to evolve, innovate, and think up new ways to discover and exploit weak links in the security […]

July 29, 2014

SECURITY

Summary: Mitigating Business Risks

Organizations are rapidly moving critical data into the cloud, yet they still have serious concerns about security and other business risks. Read Bob Dimicco’s blog to learn several important steps companies can take to mitigate the risks of cloud services, such as uncovering shadow IT, assessing data security, and instituting cloud-specific employee policies.

July 28, 2014

SECURITY

Far East Targeted by Drive by Download Attack

This blog was co-authored by Kevin Brooks, Alex Chiu, Joel Esler, Martin Lee, Emmanuel Tacheau, Andrew Tsonchev, and Craig Williams.   On the 21st of July, 2014, Cisco TRAC became aware that the website dwnews.com was serving malicious Adobe Flash content. This site is a Chinese language news website covering events in East Asia from a […]

Why Cisco Security?

Explore our Products & Services

Subscribe to our Blogs

Stay up to date and get the latest blogs from Cisco Security