Cisco SIO
March Madness May Equal to Malware Madness
Are you excited about March Madness? Turn on a TV and it will be hard to avoid the games, the news, the commentaries, and the jokes about it. If you eavesdrop in any restaurant, bar, or office conversation, I can assure you that you will hear something about it. Even U.S. President Barack Obama fill…
Chronology of a DDoS: SpamHaus
Around 12:00 GMT March 16, 2013, a distributed denial of service (DDoS) attack took offline both the spamhaus.org website and a portion of its e-mail services. SpamHaus was able to restore connectivity by March 18; however, SpamHaus is still weathering a massive, ongoing DDoS attack. The DDoS attack…
Thoughts on DarkSeoul: Data Sharing and Targeted Attackers
The attacks against South Korean media and banking organizations last week severely disrupted a handful of organizations with a coordinated distribution of “wiper” malware designed to destroy data on hard drives and render them unbootable. At 14:00 KST on March 20, 2013, the wiper was tr…
Today’s the Day: Announcing the Cisco IOS Software Security Advisory Bundle
Today, Cisco is celebrating a milestone in its commitment to helping you act on security intelligence—our 10th bundle of Cisco IOS Software Security Advisories. We’re proud of our commitment to these predictable disclosures (on the fourth Wednesday of March and September annually) because they…
Cisco Security Masters Dojo Course at CanSecWest 2013
My colleague, Joe Karpenko, and I will be presenting the Network Threat Defense, Countermeasures, and Controls Security Masters Dojo training course at the CanSecWest 2013 Applied Security Conference. Attendees will perform two roles. First, as a Security Practitioner who will secure and harden devi…
New PSIRT Deliverable Aids Transparency in Vulnerability Disclosure
A phrase I’ve recently been hearing repeated is that “product features will come and go, but risk mitigation is continuous.” With that in mind, our Product Security Incident Response Team (PSIRT) is doing its part by seeking ways to improve how we transparently communicate information about Cisco p…
Protecting Our Networks: It’s a Team Game Now!
I have been coaching youth sports for the past seven plus years now and one of my common mantras when speaking to the girls and boys each season is that “we will win as a team and lose as a team.” In other words, I will never tolerate one player acting selfishly enough to think he or she is above e…
Security Assessments: More Than Meets the Eye
Is the product safe to use? I have been asked this question on occasion in a non-technical sense and maybe you have too. In a technical context, I could frame the question as “Are the online services and underlying technologies supporting my services safe?” A continuous effort must go into substant…
1