Cisco Systems has released a security update that closes a backdoor allowing attackers to control software that large organizations use to manage voice over IP (VoIP) calls and messaging over their networks.
Cisco has discovered spearphishing malware in Microsoft Word that uses an exploit targeting the software's Visual Basic Scripting for Applications feature.
Cisco's investigation into the malware identified a group of attacks by the same threat actor, with Cisco exposing the threat actor's network after it had discovered a Microsoft Word document that downloaded and executed a secondary sample, which began beaconing to a command and control server.
Cisco has continued the expansion of its security portfolio with the acquisition of malware analysis outfit ThreatGRID.
The acquisition target was founded in 2012, one of the then-burgeoning number of companies that pushed malware analysis, threat intelligence, and security analytics into the cloud (supplemented by an on-premise appliance).
Cisco chief executive John Chambers has complained to US President Barack Obama about the National Security Agency's spying practices, saying they were harming overseas business for US tech firms.
"This issue affects an entire industry," the head of the telecom equipment maker said in a letter dated Friday obtained by AFP.
Today’s security challenges are real and significant. We want governments to detect and disrupt terrorist networks before they inflict harm on our society, our citizens, and our systems of government. We also want to live in countries that respect their citizens’ basic human rights. The tension between security and freedom has become one the most pressing issues of our day. Societies wracked by terror cannot be truly free, but an overreaching government can also undermine freedom.
Cisco's security chief discusses security in the Internet of things era as software-defined networking is set to take hold.
As the Internet opens ups to connect more things and networking models move from physical devices to a virtualized software-defined networking (SDN) model, security needs to be top of mind. That's the message that Chris Young, senior vice president for Cisco's security business unit, is driving both within Cisco and to the market as a whole.
Cisco today kicked off a contest with $300,000 in prize money that challenges security experts around the world to put together ways to secure what's now called the "Internet of Things," the wide range of non-traditional computing devices used on the electric grid, in healthcare and many other industries.
Having acquired the security firm Sourcefire last October, Cisco is using this week's RSA Conference as the showcase for how Cisco's security products are being integrated as well as detailing how it will cut an open-source path for the next-generation application-layer firewall/IPS.
Innovatio IP Ventures has become arguably the most infamous sender of patent demand letters in recent memory, besides the $1,000-per-worker "scanner trolls" we covered last year. Innovatio bought old Broadcom patents and then sent out more than 13,000 letters asking for individual chain hotels and coffee-shops to pay between $2,300 and $5,000 in licensing fees, for using off-the-shelf Wi-Fi routers and other access points. When the company didn't get paid, lawsuits followed.
First there was cloud computing. Now Cisco is going deeper with what it refers to as "fog computing."
The networking giant has unveiled a new platform, once again revolving around the Internet of Things.
