Security

March 25, 2016

SECURITY

Avoiding the Trust Cliff of Data Privacy

Data protection and privacy are red-hot topics right now, as they should be. We are facing a watershed moment that could determine government and organizational policy for years to come. Weighing personal privacy against national security, for instance, is not as cut-and-dry as it may first appear. In our data-centric world, organizations are hungry for […]

March 23, 2016

THREAT RESEARCH

SamSam: The Doctor Will See You, After He Pays the Ransom

Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distributed via compromising servers and using them as a foothold to move laterally through the network to […]

March 23, 2016

SECURITY

Cisco IOS & IOS XE Bundled Publication and IOS Software Checker Updates

Today, we released the first of two semiannual Cisco IOS & XE Software Security Advisory Bundled Publications of 2016. (As a reminder, Cisco discloses IOS & XE vulnerabilities on a predictable schedule—the fourth Wednesday of March and September in each calendar year).   Today’s edition of the Cisco IOS & XE Software Security Advisory Bundled Publication includes […]

March 23, 2016

SECURITY

Don’t Let Your Cloud Security Strategy Get Railroaded by Old Thinking

The standard gauge used for railroads (that is the distance between the rails) in the U.S. is four feet, eight and a half inches, which is an odd number however you look at it. The history behind it is even stranger and is a cautionary tale of assumptions and the consequences of basing decisions on […]

March 22, 2016

THREAT RESEARCH

Vulnerability Spotlight: Apple OS X Graphics Kernel Driver Local Privilege Escalation Vulnerability

Piotr Bania of Cisco Talos is credited with the discovery of this vulnerability.   Cisco Talos, in conjunction with Apple’s security advisory issued on Mar 22, is disclosing the discovery of a local vulnerability in the communication functionality of the Apple Intel HD3000 Graphics kernel driver. This vulnerability was initially discovered by the Talos Vulnerability […]

March 21, 2016

THREAT RESEARCH

Malware Word Search: Identifying Angler’s Dictionary

This post authored by Steve Poulson with contributions from Nick Biasini. Exploit kits are constantly evolving and changing. We recently wrote about some subtle Angler changes but then Angler changed drastically on March 8. In this blog post, we will briefly cover these changes, examining different characteristics of the URL structure for Angler and the […]

March 21, 2016

SECURITY

Endpoint Protection Platform (EPP) vs Endpoint Detection & Response (EDR)

Many colleagues, customers, and Cisco partners have asked me, “Why isn’t Cisco AMP for Endpoints included in Gartner’s recent Magic Quadrant for Endpoint Protection Platforms (EPP)?” The answer to us is pretty simple. AMP was not categorized as a traditional “EPP,” and hence, was not included in the report. According to Gartner, “Endpoint protection platforms […]

March 17, 2016

SECURITY

AMP Threat Grid Renews the Support of Law Enforcement

In March 2015, Cisco created the AMP Threat Grid for Law Enforcement Program, empowering state and local law enforcement agencies with its dynamic malware analysis and threat intelligence platform. Cisco has renewed the program and made it a permanent part of Cisco Gives. Law Enforcement investigators can register for the program on the new Cisco […]

March 16, 2016

THREAT RESEARCH

Teslacrypt 3.0.1 – Tales from the Crypt(o)!

This post is authored by Andrea Allievi and Holger Unterbrink Executive Summary Ransomware is malicious software that is designed to hold users’ files (such as photos, documents, and music) for ransom by encrypting their contents and demanding the user pay a fee to decrypt their files. Typically, users are exposed to ransomware via email phishing campaigns and exploit […]

Why Cisco Security?

Explore our Products & Services

Get Security Blogs via Email

Stay up to date and get the latest blogs from Cisco Security