Retailers Lying Awake at Night – Who’s Next?
In the past few weeks, I’ve received two replacement credit cards. And, no, this does not indicate I’ve done too much shopping! It means that hackers are continuing to target retailers and the bank decided I needed to be protected by new credit card numbers. I’m Carol Ferrara-Zarb, and as the leader of Cisco’s Security Solutions […]
Attack Analysis with a Fast Graph
This post is co-authored by Martin Lee, Armin Pelkmann, and Preetham Raghunanda. Cyber security analysts tend to redundantly perform the same attack queries with different input data. Unfortunately, the search for useful meta-data correlation across proprietary and open source data sets may be laborious and time consuming with relational databases as multiple tables are joined, […]
Angling for Silverlight Exploits
This post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering. Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners are adding Silverlight to their update releases, and since April 23rd we have […]
Sensitive Data Exfiltration and the Insider
The Insider Lifecycle Traditional security is designed to keep outsiders from getting in. What happens when the enemy is an insider? A new paradigm must be explored, where the focus needs to shift inward and how data is going outbound. Identifying anomalies in data exfiltration is critical to how to spot the insider. The insider […]