security

Enterprises, governments, and organizations of all sizes are moving to the cloud in record numbers. The cloud can offer resiliency, but it also introduces new security challenges. Security needs to be baked in from the beginning, across the board. Cisco has invested over $1 billion in people, infras…

Today the web is a favorite vector for threat actors to launch their attacks. According to the Cisco 2014 Midyear Security Report, More than 90 percent of customer networks observed in the first half of 2014 were identified as having traffic going to websites that host malware. More recently, Talos…

This month Microsoft is releasing 14 security bulletins. Originally they had planned to release 16, but due to issues that emerged in late testing, two bulletins that were announced in the Advance Security Notification, MS14-068 and MS14-075, have been postponed. Of the 14 bulletins, four are consid…

Mention Network Access Control (NAC) to some security or network operations engineers, and they just might grimace.  Why?  Most people still associate NAC with a set of technologies that were complicated to deploy and implement effectively. Today, however, those nightmare assumptions are far removed…

Cisco customers, partners, and field have been eagerly awaiting the release of the latest version of the Identity Services Engine and the AnyConnect Secure Mobility Client. Well, the wait is now over! After another highly successful limited availability program, Cisco ISE 1.3 and Cisco AnyConnect 4.…

This post was authored by Yves Younan and edited by Armin Pelkmann Table of contents CVE-2014-3697, VRT-2014-0205 CVE-2014-3696, VRT-2014-0204 CVE-2014-3695, VRT-2014-0203 Cisco Talos is announcing the discovery and patching of another three 3 CVE vulnerabilities in Pidgin (An open-source multi-plat…

In our increasingly interconnected world, the Internet of Everything is making trust a critical element of how people use network-connected devices to work, play, live, and learn. The relentless rise in information security breaches underscores the deep need for enterprises and governments alike to…

As I’ve discussed in past blog posts, advanced malware and sophisticated attacks are relentless as they compromise environments using new and stealthy techniques. Modern malware is dynamic and exists in an interconnected ecosystem that is constantly in motion. It will use an array of attack ve…

At a recent offsite, the Identity Services Engine (ISE) project team, and our InfoSec and Mobility teams spoke at length about how we will tackle the challenge of getting all Internet of Everything (IoE) devices securely on the network. Cisco IT has an aggressive schedule for the deployment of ISE c…