Security

June 29, 2016

SECURITY

Cisco TrustSec, the “Swiss Army Knife” in your network security toolbox

A new approach to segmentation that simply delivers more Network segmentation has been around for quite a while as a way to isolate environments and critical systems to secure data and IT assets. Recent breaches have highlighted the value of segmentation in reducing the attack surface and preventing the lateral movement of targeted malware. But […]

June 29, 2016

THREAT RESEARCH

Detecting DNS Data Exfiltration

The recent discovery of Wekby and Point of Sale malware using DNS requests as a command and control channel highlights the need to consider DNS as a potentially malicious channel. Although a skilled analyst may be able to quickly spot unusual activity because they are familiar with their organisation’s normal DNS activity, manually reviewing DNS […]

June 28, 2016

THREAT RESEARCH

Vulnerability Spotlight: LibreOffice RTF Vulnerability

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Talos is disclosing the presence of CVE-2016-4324 / TALOS-CAN-0126, a Use After Free vulnerability within the RTF parser of LibreOffice. The vulnerability lies in the parsing of documents containing both stylesheet and superscript tokens. A specially crafted RTF document containing both a stylesheet and superscript element causes […]

June 28, 2016

SECURITY

Better Security Through Openness and Multi-Vendor Integration

Cisco Further Expands Technology Partner Ecosystem – New Partners and New Tech Integration Areas  Security is an interconnected system, not a bunch of disparate boxes.  Like a school of fish, security should operate collaboratively to accomplish a goal. Not just for the sake of “integration”, but because the very nature of securing networks, applications and […]

June 23, 2016

SECURITY

Connected Value Chains: The Pervasive Security Imperative

We can no longer debate the reality of digital disruption and its impact on each of us in all we do, at work, at home and at play. Today’s challenge is to embrace the connected world and address security on a comprehensive continuum to ensure its optimum impact. To do this, we must look at […]

June 22, 2016

SECURITY

AMP for Networks is SAFETY Act Certified®

The Department of Homeland Security (DHS) issued a SAFETY Act Certification to Cisco for our Advanced Malware Protection for Networks technology. This certification follows an extensive DHS review and extends potential liability protections to Cisco’s customers that use AMP for Networks. Congrats to Cisco Systems, Inc., on their recent SAFETY Act Certification! More at: https://t.co/gDaVn0Pzkxpic.twitter.com/zHsmf1YajT […]

June 21, 2016

THREAT RESEARCH

Vulnerability Spotlight: Pidgin Vulnerabilities

These vulnerabilities were discovered by Yves Younan. Pidgin is a universal chat client that is used on millions of systems worldwide. The Pidgin chat client enables you to communicate on multiple chat networks simultaneously. Talos has identified multiple vulnerabilities in the way Pidgin handles the MXit protocol. These vulnerabilities fall into the following four categories. […]

June 21, 2016

THREAT RESEARCH

The Poisoned Archives

libarchive is an open-source library that provides access to a variety of different file archive formats, and it’s used just about everywhere. Cisco Talos has recently worked with the maintainers of libarchive to patch three rather severe bugs in the library. Because of the number of products that include libarchive in their handling of compressed […]

June 21, 2016

SECURITY

Protect against today’s attacks with AsyncOS 10.0 for Cisco Email Security

New email security release adds spoofing protection, auto-remediation of malware for Office 365 customers, AMP Private Cloud, and more. There’s been a spike in ransomware and spear-phishing attacks in the last several months. Read any news outlet and you’ll find examples of health records and other valuable data being locked up, employees duped into releasing […]

Why Cisco Security?

Explore our Products & Services

Get Security Blogs via Email

Stay up to date and get the latest blogs from Cisco Security