High Stakes Gambling with Apple Stock
Miscreants are always trying to put new twists on age-old schemes. However, I must admit that this latest twist has me slightly puzzled. Today, Cisco TRAC encountered a piece of stock related spam touting Apple’s stock, AAPL.
7-Day Forecast: Bundle Up!
It’s that time of year again—consider this post your friendly T-7 notice to start preparing for the final Cisco IOS Software Security Advisory Bundled Publication of 2013! As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each […]
Watering-Hole Attacks Target Energy Sector
Beginning in early May, Cisco TRAC has observed a number of malicious redirects that appear to be part of a watering-hole style attack targeting the Energy & Oil sector. The structure consists of several compromised domains, of which some play the role of redirector and others the role of malware host. Observed watering-hole style domains […]
More Effective Threat Visibility Using Identity and Device-Type Context
The focus of this post is on the use of ISE in collaboration with existing Security Event & Information Management (SIEM) and Threat Defense (TD) systems.to help customers automate the analysis of which security events in an environment require immediate attention more accurately and quickly.
MS Detours: Ongoing vigilance keeps customers on the right track.
This post discusses the potential for vulnerabilities to be present in software products due to the use of 3rd party Dynamic Link Libraries (DLLs). In some cases the DLLs that are injected end up with privileges, or permissions, that are far greater than what should be allowed.
The Phishing Grounds
On August 15, 2013, Brian Krebs featured a screen shot of a fake Outlook webmail login page used by the Syrian Electronic Army in a phishing attack against the Washington Post. If you look carefully at the location bar, you will note that the domain used in the phishing attack is ‘webmail.washpost.site88.net’.
Syrian Electronic Army Continues Spree: Cracks New York Times, Twitter and Huffington Post
The Syrian Electronic Army continues to hammer away at media organizations. This afternoon the Syrian Electronic Army appears to have compromised the registrar Melbourne IT which hosts the domains of notable media organizations like Twitter, The New York Times, and The Huffington Post.
Crumbling to the Cookiebomb
Syrian Electronic Army Cracks ShareThis.com GoDaddy Account
ShareThis provides a mechanism for web surfers to share content online through a customizable widget. According to the information on their website, ShareThis interacts with “more than 94% of U.S. Internet users across more than 2 million publisher sites and 120+ social media channels.” On the evening of August 21, 2013, ShareThis reported that their […]
Why Cisco Security?
Explore our Products & Services
Subscribe to our Blogs
Stay up to date and get the latest blogs from Cisco Security