17 Mar | View galleries
WebEx admins should take note of Cisco's advisory for its Webex Network Recording Player.
US NIST doesn’t have a system for certifying internet-connected things.
It may have only involved a few dozen executives, but if the findings of a new survey are anything to go by, Australian companies are leaving themselves horribly exposed:
Admins should keep an eye out for incoming patches that fix the products that use a vulnerable version of the Apache Struts 2 software library.
Attackers use iOS age restrictions to hide real apps and force victims into using a malicious one.
Security orchestration methods and of course SDN is driving the need for programmable interfaces in security products. The Cisco ASA Firewall added a REST API back in December with the 9.3(2) code release. I've asked Mason Harris, from Cisco, to write up a quick how-to primer on the ASA API capabilities. Thank you Mason for the great information.
Cisco had a pretty large dump of security advisories today – seven “high priority” and one “critical” – impacting a variety of products.
Cisco today issued two “critical” security advisories, one for Cisco IOS and Cisco IOS XE Software, the other for the ongoing discovery of problems with Apache Struts2
Cisco issues one "Critical" warning for vulnerability in Aironet 1830 Series and 1850 Series Access Points
In an attempt to address such anxieties Cisco today announced Umbrella, a secure, cloud-based gateway, based on technology from OpenDNS and other technologies it acquired such as CloudLock as well as existing Cisco security services that together ultimately promises to offer secure business access to resources even when users are not using the safety of a VPN.
Cloud, mobility, Internet of Everything (IoE), and social media technologies, combined with digital business practices, have helped countless organisations transform how they operate. But they have also increased the attack surface. Old methods of cybersecurity that focus on perimeter defense are no longer enough to keep an organisation safe. Organisations recognise that cyber attacks will be launched against them. But by adopting cyber resilient architectures and business processes, they can shift from a reactive to proactive state and tackle cyber risks with confidence. This paper: • Defines cyber resilience • Outlines its major benefits • Describes the seven major system capabilities of a cyber resilient enterprise
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.