On September 15, Cisco and Mandiant (FireEye) published information about a new type of malware called "SYNful Knock.” This attack isn’t caused by an issue with Cisco products. It occurs when an attacker gains or steals administrative credentials or gets physical access to a networking device. They can then load a modified version of the device’s operating system software.
For some time we’ve talked about networking devices and their credentials being high-value targets for attackers, and the need to protect them accordingly. In this video, Cisco Principal Engineer, Omar Santos describes SYNful Knock and shares details that will help customers detect, remediate and prevent future attacks.
On January 22, 2020, the Cisco Product Security Incident Response Team (PSIRT) disclosed a vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC). The vulnerability could allow an unauthenticated, remote attac...
Meet the Authors Event - A Cybersecurity Deep Dive with Omar Santos
(Live event – Thursday, January 23rd, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event will have place on Thursday 23rd, January 2020 at 10hrs PDT
Posting this for anyone interested in using a Raspberry PI as a flow collector for Stealthwatch. We created a very lightweight version of our software. It can create flows if the eth port is attached to a SPAN or you can forward NetFlow/IPFIX ...
Dear Team Suppose we have hundreds of rules in access policy on cisco fmc device. Now I want to fetch all access policy rules in which I have mentioned some specific port number X. Can anyone help me with the process to fetch the same?