Plesk 0-Day Targets Web Servers
Update 6/6/2013: We’re seeing reports of exploitation of this vulnerability. We can confirm Global Correlation – Network Participation telemetry is seeing multiple exploitation attempts across many customers. Customers who participate in Global Correlation – Inspection have a higher chance of this signature blocking in the default configuration since the sensor will take the reputation of an attacker into account […]
Botnets Riding Rails to your Data Center
Cisco Security Intelligence Operations is tracking reports of ongoing exploitation of a vulnerability in the popular web application framework Ruby on Rails; the exploitation is being used to create a Linux-based botnet. The vulnerability dates back to January 2013 and affects Ruby on Rails versions prior to 3.2.11, 3.1.10, 3.0.19, and 2.3.15. Cisco Security Intelligence Operations has previously published an […]
Seven Things to Complete Before Deploying Cisco Identity Services Engine
Connected devices are spreading like kudzu on the Carolina roadside. Cisco Identity Services Engine (ISE) is a great way to manage the devices on your network and with...
Massive Canadian Pharmacy Spam Campaign
On Tuesday, May 28, 2013, at 17:30 UTC, a massive pharmaceutical-based spam campaign began, using the Subject: header “Only 24 Hours Left to Shop!”. Cisco witnessed volume rates peaking as high as 8 out of every 10 spam messages being sent. The indiscriminate nature of the attack’s recipients suggests that most anti-spam vendors, including Cisco, will have blocked […]
Design & Implementation Guide: What’s In a Name?
This may seem to some a rhetorical question, right? It’s in the name! A guide that describes the design and implementation of a system or solution. That seems simple enough. Cisco Design and Implementation Guides (DIGs) can be found in the Cisco Design Zone. Many of these designs are Cisco Validated Designs (CVDs) that include […]
If You Didn’t Care About HIPAA Before, You May Need to Now
The HIPAA Omnibus Final Rule, released January 2013, greatly expands the number of organizations that must comply with HIPAA beyond the known ‘Covered Entities.’ The Final Rule expands the definition of a Business Associate to include an organization that ‘creates, receives, transmits or maintains’ PHI. Adding the term ‘maintains’ into the definition makes a big […]
Network Threat Defense at Black Hat 2013
Join us at Black Hat 2013 in Las Vegas this July, for our two-day hands-on Network Threat Defense, Countermeasures, and Controls course. Courses will be offered on July 27-28 and July 29-30, and attendees will learn and perform two network security roles. First, as a Security Practitioner, you’ll learn to secure and harden network infrastructure devices, and second, as […]
Network World’s Top VPN Choice: Cisco ASA and AnyConnect
Network World recently completed a competitive review of the leading Virtual Private Networking (VPN) products and the Cisco® Adaptive Security Appliance (ASA) and AnyConnect™. With a long history of providing market-leading remote access VPN capabilities and optimal usability, Cisco is honored to receive this recognition from Network World based on their hands-on product testing.
Foundational Network Traffic Collection and Analysis Setup
This introductory post explains how one of Cisco’s security research groups established a network data collection capability for large amounts of network traffic. This capability was necessary to support research into selected aspects of the Domain Name Service (DNS), but it can be adapted for other purposes.