Empowering Defenders: AMP Unity and Cisco Threat Response
Steadily, more than two thousand customers have incorporated Threat Response and AMP Unity into their daily workflows.
The impact on network security through encrypted protocols – TLS 1.3
This post is the second part of my series around the impact of encrypted protocols on network security. You can find the first article about HTTP/2 here: http://blogs.cisco.com/security/the-impact-on-network-security-through-encrypted-protocols-http2 Now let us focus on the new and upcoming specification of TLS 1.3. It is important to understand what advantages TLS 1.3 brings to us, but also […]
The Secure Way to IPv6 – Use Your Proxy!
When asked about IPv6, many companies are aware that they must do something, but are not sure what is the best way to approach IPv6. In my talks with customers, I found that the unfamiliarity with IPv6 is one of the biggest obstacles. So, to gain experience with IPv6, there are several paths to go […]
Extending control and advanced threat protection for web security
Today the web is a favorite vector for threat actors to launch their attacks. According to the Cisco 2014 Midyear Security Report, More than 90 percent of customer networks observed in the first half of 2014 were identified as having traffic going to websites that host malware. More recently, Talos uncovered a massive malvertising network known […]
Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected
This post was authored by Armin Pelkmann. On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.com, ads.yahoo.com, www.winrar.com, youtube.com and 70 other domains. As it turns out, this was just the tip of the iceberg. Ongoing research now reveals […]
Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware
This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann. Update 2014-09-22: Updates on this threat can be found here Have you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a victim to the “Kyle and Stan” […]
Filtering Explicit Content
Many web sites provide a setting to reduce the amount of explicit, or objectionable, content returned by the site. The user configures these settings, but many users are unaware such a setting exists, or that it needs to be set for each web site. Additionally, the security administrator cannot audit that users have configured the […]
Botnets Riding Rails to your Data Center
Cisco Security Intelligence Operations is tracking reports of ongoing exploitation of a vulnerability in the popular web application framework Ruby on Rails that creates a Linux-based botnet. The vulnerability dates back to January 2013 and affects Ruby on Rails versions prior to 3.2.11, 3.1.10, 3.0.19, and 2.3.15. Cisco Security Intelligence Operations’ has previously published an […]