Security @ Cisco Blogs

Security

Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware

This post was authored by Andrea Allievi, Ben Baker, Nick Biasini, JJ Cummings, Douglas Goddard, William Largent, Angel Villegas, and Alain Zidouemba Cisco’s Security Solutions (CSS) consists of information security experts with a unique blend

March 20, 2015 • 6 min read

Talos Group

Research Spotlight: Exploiting Use-After-Free Vulnerabilities

This blog post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Yves Younan of Talos will be presenting at CanSecWest on Friday

March 17, 2015 • 2 min read

Talos Group

Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed

This post was authored by Nick Biasini, Alex Chiu, Jaeson Schultz, and Craig Williams. Special thanks to William McVey for his contributions to this post. Table of Contents Overview WHOIS Privacy Protection Why Does This Exist The Issue Implications

March 12, 2015 • 5 min read

Talos Group

Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 45 CVEs. The first 5 bulletins

March 10, 2015 • 5 min read

Omar Santos

Mitigations Available for the DRAM Row Hammer Vulnerability

This blog post was authored by Troy Fridley and Omar Santos of Cisco PSIRT. On Mar 9 2015, the Project Zero team at Google revealed findings from new research related to the known issue in the DDR3 Memory specification referred to as “Row

March 9, 2015 • 4 min read

Jessica (Bair) Oppenheimer

AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime

Recognizing the critical need for state and local law enforcement agencies to have state-of-the art technologies to effectively fight digital crime, Cisco is creating the AMP Threat Grid for Law Enforcement Program. The program is designed to empower

March 9, 2015 • 2 min read

Evelyn de Souza

The Seven Wonders of User Access Control: Part II

In the first of a two-part blog series, The Seven Deadly Sins of User Access Controls, my colleague Jean Gordon Kocienda provided fresh insights into overly-permissive user access controls as a common underlying cause of data breaches. In this blog, I

March 4, 2015 • 2 min read

Talos Group

Threat Spotlight: Angler Lurking in the Domain Shadows

This post was authored by Nick Biasini and edited by Joel Esler Overview Over the last several months Talos researchers have been monitoring a massive exploit kit campaign that is utilizing hijacked registrant accounts to create large amounts of

March 3, 2015 • 10 min read

Jean Gordon Kocienda

The Seven Deadly Sins of User Access Controls: Part I

2014 was a terrible year for corporate data breaches. If there is to be any silver lining, information security professionals must draw lessons from the carnage. A good place to start is to identify common denominators. Several of the most damaging

March 3, 2015 • 2 min read

Cisco Blogs

Security

Our Favorite Topics:

Security

Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware

Research Spotlight: Exploiting Use-After-Free Vulnerabilities

Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed

Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched

Mitigations Available for the DRAM Row Hammer Vulnerability

AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime

The Seven Wonders of User Access Control: Part II

Threat Spotlight: Angler Lurking in the Domain Shadows

The Seven Deadly Sins of User Access Controls: Part I

Cisco Cybersecurity Viewpoints

Why Cisco Security?