NSS Labs Report on Cyber Resilience Highlights the Need for a New Approach to Security
A few years ago, a point-product security vendor proudly declared their technology was the silver bullet that stopped ALL security threats from penetrating the corporate network. Many of us in the industry raised our collective eyebrows in surprise at such a bold claim. While the naive or inexperienced might have believed such an outrageous claim, […]
Cisco 2014 Midyear Security Report: Security Services and Risk Management
More organizations are starting to view cybersecurity as a strategic risk. They have to—it’s becoming unavoidable. Technology and the business are so intertwined. Regulators are issuing more compliance measures that include information security directives. And all the while, adversaries are relentless in their campaigns to compromise defenses to steal information, money, or otherwise create disruption.
Cisco 2014 Midyear Security Report: Focusing on Common Vulnerabilities is Smart Security Strategy
Enterprise security professionals have their hands full these days—monitoring networks for security breaches, managing the implications of “bring your own device” policies, and patching systems to combat “weak links,” or vulnerabilities that could allow online criminals to grant entry. Regarding this last task, security practitioners may be able to take an approach to addressing vulnerabilities […]
Putting a Damper on ‘Lateral Movement’ due to Cyber-Intrusion
Analysis of high-profile cyber breaches often reveals how intruders gain their initial footprint in the targeted organizations and bypass perimeter defenses to establish a backdoor for persistent activities. Such stealthy activities may continue until intruders complete their ultimate mission—claiming the “crown jewels” of the victim organization. “Lateral movement” is a term increasingly used to describe […]
Cisco 2014 Midyear Security Report: Exploit Kit Creators Vying for ‘Market Leader’ Role
Even in the world of cybercrime, when a top “vendor” drops out of the market, competitors will scurry to fill the void with their own products. As reported in the Cisco 2014 Midyear Security Report, when Paunch—the alleged creator and distributor of the Blackhole exploit kit—was arrested in Russia in late 2013, other malware creators […]
Cisco 2014 Midyear Security Report: Threats – Inside and Out
Through our ongoing “Inside Out” project at Cisco, our threat researchers have the opportunity to closely examine select networks—with our customers’ permission—to identify evidence of malicious traffic. We use Domain Name System (DNS) lookups emanating from enterprise networks to create a snapshot of possible data compromises and vulnerabilities. This research yielded a significant finding that […]
Cisco 2014 Midyear Security Report: Exposing Weak Links to Strengthen the Security Chain
The Cisco 2014 Midyear Security Report has been released, diving into threat intelligence and cybersecurity trends for the first half of 2014. You may be thinking, “What could have possibly changed since January?” True to form, the attacker community continues to evolve, innovate, and think up new ways to discover and exploit weak links in the security […]
Summary: Mitigating Business Risks
Organizations are rapidly moving critical data into the cloud, yet they still have serious concerns about security and other business risks. Read Bob Dimicco’s blog to learn several important steps companies can take to mitigate the risks of cloud services, such as uncovering shadow IT, assessing data security, and instituting cloud-specific employee policies.
Far East Targeted by Drive by Download Attack
This blog was co-authored by Kevin Brooks, Alex Chiu, Joel Esler, Martin Lee, Emmanuel Tacheau, Andrew Tsonchev, and Craig Williams. On the 21st of July, 2014, Cisco TRAC became aware that the website dwnews.com was serving malicious Adobe Flash content. This site is a Chinese language news website covering events in East Asia from a […]
Why Cisco Security?
Explore our Products & Services
Subscribe to our Blogs
Stay up to date and get the latest blogs from Cisco Security