Posts Tagged Cisco
Cisco Intended to purchase ScanSafe, Leading SaaS Web Security Provider
Posted by Mourad Ben Lakhoua in Cloud Computing Security, News, Web Security on October 29, 2009
Cisco is about to purchase ScanSafe a web security company for a 183 million dollars. This step will allow Cisco to increase the competition with other big companies in this industry such as Symantec and McAfee.
ScanSafe provides products in the web filtering security services to protect corporate workstations and networks from hackers. You will already notice on the home page a message shows that “Cisco to acquire ScanSafe”.
Symantec and McAfee are the leaders in Computer security software field and are offering already a bunch of advance Cloud based security software with a high growth in sales that exceeds the traditional antiviruses.
This step will help Cisco to expand their security services to include Web security and email security services that are already provided by Ironport, so we expect a Total space security by Cisco.
make sure you subscribe to my RSS feed!
Microsoft and Cisco released a fix for the Sockstress TCP DoS
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on September 10, 2009
Microsoft and Cisco have released a number of updates designed to protect customers from a new types of attack that do not require a big bandwidth access and can cause a denial-of-service condition on routers and servers.
The same bug that was discovered last year on October, in which researchers Jack C. Louis and Robert E. Lee demonstrated how it is possible to route traffic from victim’s machine making the remote system unavailable.
Microsoft has made advisory bulletin (MS09-048) available yesterday which covers a wide range of Operating system network vulnerabilities and in this update it introduces a new measure of protection named memory pressure protection, this can helps to automatically resets the TCP connection and SYN requests in case of attack.
The Tuesday update includes fixing for eight vulnerabilities in JavaScript Scripting Engine, Windows Media Format and Wireless software…, here you can find more details.
On the other hand Cisco also released a security advisory for the TCP DoS attack, warning costumers that products (Cisco IOS Software, Cisco IOS-XE Software, Cisco CatOS Software, Cisco Adaptive Security Appliance and Cisco PIX, Cisco NX-OS Software) are affected by this vulnerability.
So it is time to review the security advisories and implement the suggested workarounds list to help mitigate the risks.
make sure you subscribe to my RSS feed!
Cisco Releases Security Advisory for Firewall Services Module Vulnerability
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on August 21, 2009
Cisco has released a new update designed to patch vulnerabilities in their network devices. According to Cisco this hole can allow an attacker to create a denial of service on the routers and switches. This vulnerability particularly concerns the Cisco Firewall Services Module (FWSM) for Cisco catalyst 6500 and Cisco router 7600 series.
The vulnerability exists in the Firewall Services Module. By sending specially crafted ICMP messages to the Firewall Services Module, an attacker can cause a denial-of-service condition.
For this month there were already long lists of software patches among them the latest ColdFusion and JRun patches and the monthly set of patches by Microsoft that was designed to eliminate 19 Bugs.
So take a look at all security advisories and apply any necessary updates or workarounds to help mitigate the risks.
make sure you subscribe to my RSS feed!
Cloud computing a 'security nightmare,' says Cisco CEO
Posted by Mourad Ben Lakhoua in Cloud Computing Security on April 23, 2009
If anyone has the right to be excited about cloud computing, it’s John Chambers. But on Wednesday Cisco Systems’ Chairman and CEO conceded that the computing industry’s move to sell pay-as-you-go computing cycles available as a service on the Internet was also “a security nightmare.”
Speaking during a keynote address at the annual security confab, Chambers said that cloud computing was inevitable, but that it would shake up the way that networks are secured. “You’ll have no idea what’s in the corporate data center,” he said. “That is exciting to me as a network player. Boy am I going to sell a lot of stuff to tie that together.”
However, he added, “It is a security nightmare and it can’t be handled in traditional ways.”
Cloud computing is a hot topic here at the RSA security conference in San Francisco this week. Big computing companies like Cisco and IBM are eager to talk about it, but security experts see a lot of work ahead.
“I think it’s really going to be a focal point of a lot of our work in the cyber security area,” said Ronald Rivest a MIT computer science professor and noted cryptographer, speaking during a conference panel Tuesday. “Cloud computing sounds so sweet and wonderful and safe… we should just be aware of the terminology, if we go around for a week calling it swamp computing I think you might have the right mindset.”
[Source: Computer world]
SUBSCRIBE
Latest Comments