Disk Image Deception
Cisco's Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in their environments. Our incident response and security monitoring team's analysis of a suspicious phishing attack uncovered some helpful improvements in our detection capabilities and timing.
Cisco Leading Cyber Training Effort to Help Employ Virginia Veterans
The Virginia Veterans Cyber Training (VVCT), pioneered by Cisco, is a free accelerated online program offering cyber training from Cisco, Amazon Web Services, (ISC)2, Palo Alto Networks, and Fortinet.
Protect Your Entire Digital Self
Cisco is proud to join the National Cybersecurity Alliance in its support of White House efforts to improve online security.
Security Steps to Take in the Holiday Season – and Beyond
Retail companies face a landscape filled with growing and increasingly complex threats. And the financial impact of these breaches is soaring. There are obvious financial incentives for attacking retailers because they typically don’t spend as much on security as financial institutions or government organizations, so they’ve become easy targets in recent years. According to Gartner, […]
Cyber Threat Management from the Boardroom Risk: Lost in Translation
I was at the Gartner Security and Risk Management Summit at the Gaylord National Harbor and had the opportunity to attend the session, “Finding the Sweet Spot to Balance Cyber Risk,” which Tammie Leith was facilitating. During the session, the panel had been discussing how the senior leadership teams address the problem of putting their […]
Cupcakes and Cyber Espionage
This blog will suggest a change of strategy in how we address the threat of cyber espionage. One which leverages traditional tactics of counter-intelligence and uses a new approach different than the Lockheed Martin Cyber Kill Chain approach to security, which seeks to disrupt the chain of attack as quickly as possible. Rather than simply […]
Cybersecurity: Where are the Biggest Threats?
Cyber Crime: Identifying the Sources of an Everyday Threat. Cyber crimes, cyber thievery, and cyber warfare have become an everyday reality. In fact, security breaches are so prevalent that, according...
Missing the Mark on Cloud-based Intelligence
This week, Juniper Networks announced a new cloud-based threat intelligence service focused on fingerprinting attackers’ individual devices. We’d like to officially welcome Juniper to the cloud-based security intelligence market—a space where Cisco has a proven track record of leadership through Security Intelligence Operations (SIO). Imitation is indeed the sincerest form of flattery, but in Juniper’s […]