Security

May 1, 2013

SECURITY

Linux/CDorked FAQs

Last Friday (April 26), ESET and Sucuri simultaneously blogged about the discovery of Linux/CDorked, a backdoor impacting Apache servers running cPanel. Since that announcement, there has been some confusion surrounding the exact nature of these attacks. Rather than reinvent the analysis that has al…

April 30, 2013

SECURITY

Tools of the Trade: The Compressed Pcap Packet Indexing Program

Prologue The Compressed Pcap Packet Indexing Program (cppip) is a tool to enable extremely fast extraction of packets from a compressed pcap file. This tool is intended for security and network folk who work with large pcap files. This article provides a complete discussion of the tool and is split…

April 24, 2013

SECURITY

Possible Exploit Vector for DarkLeech Compromises

Often it is quite surprising how long old, well-known vulnerabilities continue to be exploited. Recently, a friend sent me an example of a malicious script used in an attempted attack against their server: The script attempted to exploit the Horde/IMP Plesk Webmail Exploit in vulnerable versions of…

April 23, 2013

SECURITY

Latest Oracle Java Patches and Security Best Practices

Java exploits account for 87% of total web exploits – Cisco 2013 Annual Security Report This month’s release of the Oracle Java SE Critical Patch Update includes patches for 42 vulnerabilities. Vulnerabilities in the Oracle Java SE Java Runtime Environment (JRE) component have received widespr…

April 22, 2013

SECURITY

London Calling

The Infosec London Conference is coming up this week, running April 23-25 at the Earl’s Court Exhibition Center. Cisco will be there of course, in a booth showing the latest Cisco security innovations and presenting four papers on: • “Securely Accelerate Access to Data Center Applications” (Tuesday,…

April 22, 2013

SECURITY

Customized WordPress, Joomla Brute Force Login Attempts

In recent weeks, the occurrence of brute force login attempts targeting WordPress and Joomla installations have significantly increased in volume, with some entities reporting triple the attempts seen in the past. The attack volume has been so severe that it has led some hosting providers to block a…

April 22, 2013

SECURITY

CVRF: A Penny For Your Thoughts

The Common Vulnerability Reporting Framework (CVRF) is a security automation standard intended to make your life easier by offering a common language to exchange traditional security and vulnerability bulletins, reports, and advisories. You can read more about it on the official ICASI CVRF 1.1 page,…

April 19, 2013

SECURITY

Security Automation Live Webcast!

UPDATE: Webcast information is also now available at the Cisco Live 365 site Many network security administrators are struggling to keep their network “up-to-date” with the constant release of new vulnerabilities and software fixes. At the same time, they’re under pressure to provi…

April 18, 2013

SECURITY

Yesterday Boston, Today Waco, Tomorrow Malware

At 10:30 UTC one of the botnet spam campaigns we discussed yesterday took a shift to focus on the recent explosion in Texas. The miscreants responded to the tragic events in Texas almost immediately. The volume of the attack is similar to what we witnessed yesterday with the maximum volume peaking a…

Why Cisco Security?

Explore our Products & Services

Subscribe to our Blogs

Stay up to date and get the latest blogs from Cisco Security