Archiv für die Kategorie: Cisco Security Notice

By Joe Malenfant I recently had the opportunity to sit down with Roland Cloutier, Global Chief Security Officer at ADP and former CISO at EMC, to discuss how they integrate and leverage threat intelligence into their security operations centers as well as their greater security technology infrastructure. It’s pretty rare for the CISO of a F500 company to discuss what technologies they use in such an open way, but it was really a testament to the trust they have for the solutions they […]

Source:: Cisco Security Notice

By Talos Group Talos is releasing an advisory for multiple vulnerabilities that have been found within the Total Commander FileInfo Plugin. These vulnerabilities are local denial of service flaws and have been assigned CVE-2015-2869. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been disclosed to the plugin author(s) and CERT. This post serves as a summary of the advisory. Credit for these discoveries belongs to Marcin Noga of Talos. TALOS-2015-024/CVE-2015-2869 An attacker who controls the content of a COFF Archive Library […]

Source:: Cisco Security Notice

By Stuart Broderick Several years ago, an employee at an organization I worked for was terminated from his job, effective immediately. While being escorted from the facility this user picked up “his” backup media and started to leave the building. Fortunately, the security guards thought this was a little suspicious and escorted the user to the data center to ask whether this was permitted. They learned it wasn’t permitted and the user challenged the company’s right to confiscate of “his backup media”. In […]

Source:: Cisco Security Notice

By Joe Malenfant We recently announced the release of AsyncOS 9.5 for Cisco Email Security that included the integration of AMP Threat Grid. Now if Threat Grid could talk it would sound a lot like Ron Burgundy and say “I’m not sure if you know this, but I’m kind of a big deal.” Email is consistently one of the top two threat vectors for malware because so many people out there still open an attachment that looks harmless from someone they don’t know. We all […]

Source:: Cisco Security Notice

By Talos Group Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 57 CVEs. Four of the bulletins are listed as Critical and address vulnerabilities in Windows Server Hyper-V, VBScript Scripting Engine, Remote Desktop Protocol (RDP) and Internet Explorer. The remaining ten bulletins are marked as Important and address vulnerabilities in SQL Server, Windows DCOM RPC, NETLOGON, Windows Graphic Component, Windows […]

Source:: Cisco Security Notice