Disk Image Deception
Cisco's Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in their environments. Our incident response and security monitoring team's analysis on a suspicious phishing attack uncovered some helpful improvements in our detection capabilities and timing.
Infosec Fun, Fear, and Fables with Denise Fishburne a Cisco Champion Radio Podcast (S5|Ep.19)
In this episode of Cisco Champion Radio, Cisco Champion hosts Tony Cuevas and Steve Kostyk talk all things InfoSec Fun, Fear, and Fables with Fish Fishburne.
Join our IoT System Security Webinar
Connecting more things in more places creates new security challenges. Please join us on November 17, 2015 at 8:00AM (PST) for the IoT System Security webinar and learn how to secure and control IoT with the Cisco IoT System Security. In this webinar you will hear how the IoT System Security product portfolio delivers secure […]
IE Zero Day – Managed Services Protection
As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exploits only makes the job of IT […]
Security Blog Story – Part 4: Lessons Learned
Editor’s Note: This is the final installment of a four-part series featuring an in-depth overview of InfoSec’s (Information Security) Unified Security Metrics Program (USM). In this blog entry, we discuss some of the lessons learned during the program’s first year. Winter weather in the North Atlantic Ocean can be precarious at best. Anyone recall the […]
Bring Your Own Service: Why It Needs to be on InfoSec’s Radar
Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers […]
Making Your Metrics Program Effective Beyond Just Charts and Numbers
Information security is all about risk reduction, and risks are notoriously difficult to measure - ask any insurance salesman or actuary. So how do we handle this conundrum for a security metrics program that hasn't even reached its second anniversary yet?
Security Metrics Starting Point: Where to Begin?
Editor’s Note: This is the second part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program. In this second installment, we discuss where to begin measuring. H. James Harrington, noted author of Business Process Improvement, once said “Measurement is the first step that leads to control and eventually […]