Cisco aims for AI-first security with Armorblox buy

Cisco plans to buy Armorblox, a six-year-old AI vendor, to help create “an AI-first Security Cloud.” “Leveraging Armorblox’s use of predictive and Generative AI across our portfolio, we will change the way our customers understand and interact with their security control points,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog announcing the pending acquisition. While securing email was Armorblox’s first application of its AI techniques, they might also be applied to attack prediction, rapid threat detection, and efficient policy enforcement, Chopra wrote. “Through this acquisition though, we see many exciting broad security use cases and possibilities to unlock.”


Cisco wants you to buy now, pay later

Cisco today announced a new finance program that encourages customers to buy products and services now without having to start paying for them until 2024. Specifically, the Cisco Capital Business Acceleration Program will let customers purchase Cisco products before July 29, 2023, and defer all payments until 2024. Payments deferred until 2024 would be based on the total amount financed and contract terms, the vendor stated. Another flexible payment option is available for Cisco's partners to let their customers buy Cisco technology today and pay later, the vendor said in a statement. The entirety of Cisco’s portfolio is eligible for the program, including hardware, software, and services, as well as select partner services and third-party hardware. In addition, the Cisco Refresh portfolio of Cisco certified remanufactured products is eligible for organizations that want to acquire used gear, the vendor stated.


Your decommissioned routers could be a security disaster

Here’s bad news: It’s easy to buy used enterprise routers that haven’t been decommissioned properly and that still contain data about the organizations they were once connected to, including IPsec credentials, application lists, and cryptographic keys. “This leaves critical and sensitive configuration data from the original owner or operator accessible to the purchaser and open to abuse,” according to a white paper by Cameron Camp, security researcher, and Tony Anscombe, chief security evangelist, for security firm Eset (See: Discarded, not destroyed: Old routers reveal corporate secrets).


Arista streamlines network access control via SaaS

Arista Networks has rolled out a SaaS-based service aimed at helping enterprises manage network access control (NAC) more easily. The service, called CloudVision Guardian for Network Identity (CV-AGNI), uses real-time telemetry from Arista’s network products, combines it with data from its CloudVision management platform, and uses artificial intelligence to evaluate the information and implement security policies. The service can also onboard new devices, authenticate existing users, segment devices on the network, or help troubleshoot problems from a cloud-based system, according to Pramod Badjate, group vice president and general manager of Arista’s Cognitive Campus group.


Cisco to launch an extended detection and response SaaS package

Cisco is taking its first major step into Extended Detection and Response (XDR) with a SaaS-delivered integrated system of endpoint, network, firewall, email and identity software aimed at protecting enterprise resources. Cisco’s XDR service, which will be available in July, brings together myriad Cisco and third-party security products to control network access, analyze incidents, remediate threats, and automate response, all from a single cloud-based interface. The offering gathers six telemetry sources that Security Operations Center (SOC) operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS, Cisco stated.


Cisco warns of attacks on network routers, firewalls

Cisco’s Talos security intelligence group issued a warning today about an uptick in highly sophisticated attacks on network infrastructure, including routers and firewalls. The Cisco warning piggybacks on a similar joint warning issued today by the UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA), the US Cybersecurity and Infrastructure Security Agency (CISA) and the US Federal Bureau of Investigation (FBI) that noted an uptick in threats, in part utilizing an exploit that first came to light in 2017. That exploit targeted an SNMP vulnerability in Cisco routers that the vendor patched in 2017.


Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.
The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog.


DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s designed to exfiltrate data from mobile devices.
The post DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia appeared first on Microsoft Security Blog.
