security

The topic of cybersecurity has become so ubiquitous that it’s almost a daily occurrence to read or hear about security breaches in the news. Cisco understands this paradigm shift within the nature of computing, that the Digital Economy and the Internet of Everything now requires what we are calling…

In one of my previous posts, I noted how Network Access Control (NAC) platforms have started evolving into more visibility-focused and context-aware platforms in the face of major business trends such as enterprise mobility, the migration of resources to the cloud, and the ubiquitous Internet of Eve…

“In our increasingly interconnected world, the Internet of Everything is making trust a critical element of how people use network-connected devices to work, play, live, and learn. The relentless rise in information security breaches underscores the deep need for enterprises to trust that their syst…

Today, enterprises need greater business agility and faster time-to-market for applications. That’s why, in many instances, they are building their own private clouds or adopting on-demand private cloud. Companies that are most suited to building their own private clouds are those that have deep eng…

Each day more than 100 billion corporate email messages are exchanged1. Who doesn’t need to do a little housekeeping and eliminate unwanted emails? But you need to think twice before you click on “unsubscribe.” As you likely read in the 2015 Cisco Annual Security Report, attackers are using applicat…

On May 19th, 2015 a team of researchers (Henninger et. al) published a paper with the title “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice”. The paper can be divided in two sections: 1) discrete logs on a 512-bit Diffie-Hellman (DH) group, and 2) a new attack against th…

#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’ll be talking about the Talos Security and Intelligence Research Group with Sr. Technical Leader / Security Outreach Manager Craig Williams. Listen to the Podcast. Learn about the Cisco Champions Program HERE. Se…

This post was authored by Cisco CSIRT’s Robert Semans, Brandon Enright, James Sheppard, and Matt Healy. In late 2013­­­–early 2014, a compromised FTP client dubbed “StealZilla,” based off the open source FileZilla FTP client was discovered. The attackers modified a few lines of code, recompile…

There’s a lot of hype around securing the Internet of Things (IoT). At the end of the day, I suggest that a more reasoned approach is in order. Securing the IoT will not be achieved by frantic worry about the volume of endpoints. Myopic focus on the volume of devices in an IoT ecosystem can lead to…