SYNful Knock: Protect Your Credentials, Protect Your Network

/in /von

By Omar Santos Interest in IT security has never been higher. So when a new type of attack comes along, it attracts the attention of our customers and others in the industry. Earlier this week Cisco and Mandiant/Fireye released information about the so-called SYNful Knock malware found on Cisco networking devices. You can read my earlier blog on this subject here: SYNful Knock: Detecting and Mitigating Cisco IOS Software Attacks . This attack isn’t caused by a problem or vulnerability with a Cisco product. It results from an attacker stealing administrative credentials []

Source:: Cisco Security Notice

Fortinet and Splunk Technical Alliance Delivers High Performance Security Intelligence, Visibility and Protection to Customers Globally

/in /von

Fortinet and Splunk Technical Alliance Delivers High Performance Security Intelligence, Visibility and Protection to Customers Globally

Source:: Fortinet

Fortinet and Splunk Technical Alliance Delivers High Performance Security Intelligence, Visibility and Protection to Customers Globally

/in /von

Fortinet and Splunk Technical Alliance Delivers High Performance Security Intelligence, Visibility and Protection to Customers Globally

Source:: Fortinet

Hello World!

/in /von

By Dan Hubbard This post is officially my first after coming over as part of the Cisco acquisition of OpenDNS . Since 2012, I’ve served as the CTO and am proud to be part of an incredible research team, OpenDNS Labs. Like the Talos Research Group we are focussed on detecting and preventing threats that help protect our customers globally. We are uniquely positioned to do this through statistical models and classification techniques that are fueled by our satellite view of the internet’s infrastructure with more than 80 Billion active DNS queries per day. Today I’d like []

Source:: Cisco Security Notice

Hello World!

/in /von

By Dan Hubbard This post is officially my first after coming over as part of the Cisco acquisition of OpenDNS . Since 2012, I’ve served as the CTO and am proud to be part of an incredible research team, OpenDNS Labs. Like the Talos Research Group we are focussed on detecting and preventing threats that help protect our customers globally. We are uniquely positioned to do this through statistical models and classification techniques that are fueled by our satellite view of the internet’s infrastructure with more than 80 Billion active DNS queries per day. Today I’d like []

Source:: Cisco Security Notice

When Does Software Start Becoming Malware?

/in /von

By Talos Group This post was authored by Earl Carter , Alex Chiu , Joel Esler , Geoff Serrao, and Brandon Stultz. Defining what is malware relies on determining when undesirable behavior crosses the line from benign to clearly unwanted. The lack of a single standard regarding what is and what is not acceptable behavior has established a murky gray area and vendors have taken advantage of this to push the limits of acceptable behavior. The “Infinity Popup Toolkit” is a prime example of software that falls into this []

Source:: Cisco Security Notice

When Does Software Start Becoming Malware?

/in /von

By Talos Group This post was authored by Earl Carter , Alex Chiu , Joel Esler , Geoff Serrao, and Brandon Stultz. Defining what is malware relies on determining when undesirable behavior crosses the line from benign to clearly unwanted. The lack of a single standard regarding what is and what is not acceptable behavior has established a murky gray area and vendors have taken advantage of this to push the limits of acceptable behavior. The “Infinity Popup Toolkit” is a prime example of software that falls into this []

Source:: Cisco Security Notice

Fortinet’s New High-Performance Web Application Firewalls and Security Services Further Protect Customer Data from Attack and Data Loss

/in /von

Fortinet’s New High-Performance Web Application Firewalls and Security Services Further Protect Customer Data from Attack and Data Loss

Source:: Fortinet

Fortinet’s New High-Performance Web Application Firewalls and Security Services Further Protect Customer Data from Attack and Data Loss

/in /von

Fortinet’s New High-Performance Web Application Firewalls and Security Services Further Protect Customer Data from Attack and Data Loss

Source:: Fortinet

SYNful Knock: Detecting and Mitigating Cisco IOS Software Attacks

/in /von

By Omar Santos Historically, threat actors have targeted network devices to create disruption through a denial of service (DoS) situation. While this remains the most common type of attack on network devices, we continue to see advances that focus on further compromising the victim’s infrastructure. Recently, the Cisco Product Security Incident Response Team (PSIRT) has alerted customers around the evolution of attacks against Cisco IOS Software platforms . Today, Mandiant/FireEye published an article describing an example of this type of attack. This involved a router “implant” that they dubbed SYNful Knock, reported to have been found in []

Source:: Cisco Security Notice