17 Mar | View galleries
A vulnerability in Cisco’s widely deployed IOS software that was disclosed in the recent WikiLeaks dump of CIA exploits has triggered the company to release a critical warning for its Catalyst networking customers.
Cisco has reported a serious flaw in its IOS software that could give hackers complete control over 300 vulnerable enterprise and industrial switches.
Governments and corporations alike must escalate the treatment of cybersecurity to the point where it is handled with the same severity as any other risk, speakers at this month’s Cisco Live! conference agreed as security and IT administrators gathered to weigh the progress of cybersecurity policy and technology.
It may not be a word that most CISOs use to describe their jobs, but the proclamation of Cisco Systems chief information security officer Steve Martino (read CSO Australia’s interview) that “it’s sexy to be a security person today” resonated strongly with the themes of this year’s Cisco Live! conference in Melbourne.
Australia’s mandatory breach disclosure legislation has leapfrogged that in other countries and reflects the government’s world-beating cybersecurity posture, Cisco Systems’ most senior security executive has advised while warning that Australian security innovators must not be afraid to “go for it” to help the country dominate the region’s cybersecurity agenda.
Security orchestration methods and of course SDN is driving the need for programmable interfaces in security products. The Cisco ASA Firewall added a REST API back in December with the 9.3(2) code release. I've asked Mason Harris, from Cisco, to write up a quick how-to primer on the ASA API capabilities. Thank you Mason for the great information.
In an attempt to address such anxieties Cisco today announced Umbrella, a secure, cloud-based gateway, based on technology from OpenDNS and other technologies it acquired such as CloudLock as well as existing Cisco security services that together ultimately promises to offer secure business access to resources even when users are not using the safety of a VPN.
Security vendor Imperva is shopping itself around and may be attractive to the likes of Cisco and IBM, according to Bloomberg.
Cisco’s security intelligence and research group Talos, said that it had reported a serious vulnerability in Rockwell Automation’s industrial control system – the MicroLogix 1400 programmable logic controller (PLC). The Simple Network Management Protocol exploit could let an attacker take complete remote control of the MicroLogix system and modify the device firmware, letting an invader run his own malicious code on the device.
When Black Hat convenes next week in Las Vegas, it will be a rich environment for gathering tools that can be used to tighten security but also - in the wrong hands - to carry out exploits.
What can malware do in 60 seconds? One minute can change everything for a business. The speed of business is all about being responsive to customers and stakeholders. So what happens when the speed of business is overtaken by the speed of malware? Given the unprecedented growth in the number of security threats that focus on stealing data, sabotaging business continuity and damaging a company’s reputation, what should organizations do to ensure the speed of malware doesn’t disrupt the speed of business? T