Archiv für die Kategorie: Cisco Security Notice

By Anthony Grieco With cyber threats escalating, security has emerged as a critical business driver and competitive differentiator. Organizations that successfully embed security throughout their network infrastructure, policies, processes, and culture are able to reduce risk while creating sustainable business advantage. At CiscoLive Berlin this year, we will examine how Cisco is building foundational security into the underlying architecture of our solutions as well as throughout our business operations to enhance the security of our products, our customers, and our company. Technical seminar TECSEC-4000 at […]

Source:: Cisco Security Notice

By John Klimarchuk On January 20, 2016, a new Linux Kernel zero-day vulnerability was disclosed by Perception Point . The vulnerability has the potential to allow attackers to gain root on affected devices by running a malicious Android or Linux application. Our investigation is ongoing; however, at this time we have not identified any Cisco products as exploitable. Should this change, we will publish a Security Advisory on the Cisco Security Portal. Additional Background: The Linux Kernel Zero-Day vulnerability has been present in Linux kernel […]

Source:: Cisco Security Notice

By Michelle Dennedy Data Privacy Day is January 28, and this year’s theme examines issues around respecting privacy, protecting data and enabling trust. Today more than ever, any global company is a digitized company, which means that every company is grappling with challenges around privacy, security and trust. As a result, these challenges are no longer an IT-only responsibility and now must be addressed by everyone: vendor, customer, partner, board member and end-user alike. While many security and privacy trends facing global companies […]

Source:: Cisco Security Notice

By Talos Group This post was authored by Aleksandar Nikolic, Warren Mercer, and Jaeson Schultz. Summary MiniUPnP is commonly used to allow two devices which are behind NAT firewalls to communicate with each other by opening connections in each of the firewalls, commonly known as “hole punching”. Various software implementations of this technique enable various peer-to-peer software applications, such as Tor and cryptocurrency miners and wallets, to operate on the network. In 2015 Talos identified and reported a buffer overflow vulnerability in client […]

Source:: Cisco Security Notice

By Tobias Mayer When dealing with TLS connections, it is important to understand how a client (in most cases this is a web browser) will be acting. Let’s quickly check some of the steps that are happening when a TLS connection is made. A web server will send its certificate down to the requesting client during the TLS handshake. But it is not only a single certificate but usually a complete chain of certificates. There is the server certificate , in many cases […]

Source:: Cisco Security Notice