security

3 min read

On May 19th, 2015 a team of researchers (Henninger et. al) published a paper with the title “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice”. The paper can be divided in two sections: 1) discrete logs on a 512-bit Diffie-Hellman (DH) group, and 2) a new attack against the Transport Layer Security (TLS) protocol. We’ll […]

4 min read

This post was authored by Cisco CSIRT’s Robert Semans, Brandon Enright, James Sheppard, and Matt Healy. In late 2013­­­–early 2014, a compromised FTP client dubbed “StealZilla,” based off the open source FileZilla FTP client was discovered. The attackers modified a few lines of code, recompiled the program, and disbursed the trojanized version on compromised web […]

1 min read

I am often asked about how I transitioned from a music teacher to a Data Privacy and Compliance Leader. Reflecting on my journey over the last 15 years, I have realized that it’s the same strengths that I demonstrated as a music teacher that have contributed to my success in the high tech sector. One […]

3 min read

Over the past three years, Cisco has invested in the creation of an application security awareness program. The program helps the good citizens of this company understand, apply, and act upon a strategy to build more trustworthy products. We launched the existence of the program to the world at the RSA Conference 2015. I am […]

2 min read

On April 13th, 2015, Cisco PSIRT was made aware of multiple instances of customer disruption in a specific region caused by a denial of service attack against Cisco devices. We responded quickly to support speedy restoration for our customers. Our ongoing investigation has shown that the storage of some Cisco devices was erased, removing both […]

1 min read

Cybersecurity is a company-wide initiative. It touches every line of business, the technology, the fabric of the organization, its culture, brand and reputation. Customers are telling us that their most important issues are security and assuring the integrity of the products and data in their networks. In light of the heightened potential for cyber threats, trust […]

1 min read

The Cisco TelePresence Hardening Guide has been updated, adding the DX70, DX80, and DX650 models. The Cisco DX Series run the Google Android operating system, which has special considerations for security. The updates cover security areas related to: Access to the Google Play store and 3rd party apps Remote access to the device Simple versus Enhanced […]

2 min read

Be sure to join us on Twitter for #CiscoChat: Incident Response in a Complex Threat Environment on Tuesday, April 21 from 2 to 3 p.m. PST/ 11am to Noon EST. Just search for the hashtag #CiscoChat to find the conversation.

3 min read

One of the great scientific challenges of our time is the construction of a practical quantum computer. Operating using the counterintuitive principles of quantum physics, such a device could rapidly explore an vast number of possible states. It could perform computational tasks that are far beyond our current capabilities, such as modeling molecules and designing […]