Monday, November 16, 2015

Cisco = Detect & Defend?

We see Cisco's new security marketing push; however, it doesn't currently seem to square with reality. Case in point:

- Excel spreadsheet on the loose with a malicious macro.  Raytheon|Websense File Sandbox Report here.

- The downloader, per the above report, attempts to pull another exe via HTTP from a site in Finland:


- However, the site in question is currently listed with a "neutral" web reputation.  In other words, your users are going there if you are protected by a Cisco IronPort Web Gateway:


In summary, you may ask: what is the AV detection rate for the initial part of the attack (the Excel file)? Not good... only 3 of 54 AV companies are currently detecting/protecting:


2 comments:

  1. This blog is really helpful for my database. It enhanced the area of my thoughts and pushed me beyond the boundaries. Work ethic of every point is different and represents a new way to improve myself. Cisco SG95D

  2. Thanks for this nice post regarding, Image Clinic offers best cosmetic & plastic surgery clinic in Delhi, India. Aesthetic or cosmetic & plastic surgery by best surgeon and specialist with your cost. Find more information for best cosmetic surgery clinic of India at Image Clinic.
