Search the Community

Cisco today launched a framework that leverages artificial intelligence (AI) to test a software patch in a digital twin running on an endpoint to make sure an application doesn’t break before actually deploying it. Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco, said Cisco Hypershield makes use of extended.. The post Cisco Taps AI and eBPF to Automate Security Operations appeared first on Security Boulevard. View the full article

Networking giant Cisco has warned its users of an ongoing attack against its business VPN services. In a security advisory, Cisco said it had been notified of an ongoing password-spraying attack against different third-party VPN concentrators. In this instance, it was Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall that were affected. Russian attackers “Depending on your environment, the attacks can cause accounts to be locked, resulting in Denial of Service (DoS)-like conditions,” Cisco explained, saying that the activity appears to be a reconnaissance effort. The threat actors were not named. Password spraying is a type of attack in which the threat actor tries the same password with multiple accounts, until one combination works. Listing its set of defenses and mitigations, Cisco recommended enabling logging to a remote syslog server for improved correlation and auditing of network and security incidents across various network devices; securing default remote access VPN profiles by pointing unused default connection profiles to sinkhole AAA servers; leveraging TCP shun to manually bloc dangerous IP addresses, configuring control-place ACLs to block unauthorized public IP addresses from running VPN sessions; and using certificate-based authentication for RAVPN. Security researcher Aaron Martin claims the attack was likely the work of an undocumented malware botnet named Brutus. He made the connection after observing the malware’s targeting scope and attack patterns, it was said. In his analysis of the botnet, Martin said it counts some 20,000 IP addresses worldwide. At first, the attacks targeted SSLVPN appliances from Fortinet, Palo Alto, SonicWall, and Cisco, but have since evolved to include web apps using Active Directory for authentication, too. To avoid raising any flags, Brutus rotates its IPs every six attempts. Although inconclusive, some evidence points to Brutus being the work of APT29, an infamous Russian state-sponsored threat actor. Via BleepingComputer More from TechRadar Pro What is credential stuffing, and how does it work?Here's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

The HashiCorp Terraform ecosystem continues to expand with new integrations that provide additional capabilities to Terraform Cloud, Enterprise, and Community edition users as they provision and manage their cloud and on-premises infrastructure. Terraform is the world’s most widely used multi-cloud provisioning product. Whether you're deploying to Amazon Web Services (AWS), Microsoft Azure, Google Cloud, other cloud and SaaS offerings, or an on-premises datacenter, Terraform can be your single control plane, using infrastructure as code for infrastructure automation to provision and manage your entire infrastructure. Terraform Cloud run tasks Run tasks allow platform teams to easily extend the Terraform Cloud run lifecycle with additional capabilities offered by services from partners. Wiz Wiz, makers of agentless cloud security and compliance for AWS, Azure, Google Cloud, and Kubernetes, launched a new integration with Terraform run tasks that ensures only secure infrastructure is deployed. Acting as a guardrail, it prevents insecure deployments by scanning using predefined security policies, helping to reduce the organization's overall risk exposure. Terraform providers We’ve also approved 17 new verified Terraform providers from 13 different partners: AccuKnox AccuKnox, maker of a zero trust CNAPP (Cloud Native Application Protection) platform, has released the AccuKnox provider for Terraform, which allows for managing KubeArmor resources on Kubernetes clusters or host environments. Chainguard Chainguard, which offers Chainguard Images, a collection of secure minimal container images, released two Terraform providers: the Chainguard Terraform provider to manage Chainguard resources (IAM groups, identities, image repos, etc.) via Terraform, and the imagetest provider for authoring and executing tests using Terraform primitives, designed to work in conjunction with the Chainguard Images project. Cisco Systems Cisco delivers software-defined networking, cloud, and security solutions to help transform your business. Cisco DevNet has released two new providers for the Cisco Multicloud Defense and Cisco Secure Workload products: The Multicloud Defense provider is used to create and manage Multicloud Defense resources such as service VPCs/VNets, gateways, policy rulesets, address objects, service objects, and others. The Cisco Secure Workload provider can be used to manage the secure workload configuration when setting up workload protection policies for various environments. Citrix Citrix, maker of secure, unified digital workspace technology, developed a custom Terraform provider for automating Citrix product deployments and configurations. Using the Terraform with Citrix provider, users can manage Citrix products via infrastructure as code, giving greater efficiency and consistency on infrastructure management, as well as better reusability on infrastructure configuration. Couchbase Couchbase, which manages a distributed NoSQL cloud database, has released the Terraform Couchbase Capella provider to deploy, update, and manage Couchbase Capella infrastructure as code. Genesis Cloud Genesis Cloud offers accelerated cloud GPU computing for machine learning, visual effects rendering, big data analytics, and cognitive computing. The Genesis Cloud Terraform provider is used to interact with resources supported by Genesis Cloud via public API. Hund Hund offers automated monitoring to provide companies with simplified product transparency, from routine maintenance to critical system failures. The company recently published a new Terraform provider that offers resources/data sources to allow practitioners to manage objects on Hund’s hosted status page platform. Managed objects can include components, groups, issues, templates, and more. Mondoo Mondoo creates an index of all cloud, Kubernetes, and on-premises resources to help identify misconfigurations, ensure security, and support auditing and compliance. The company has released a new Mondoo Terraform provider to allow Terraform to manage Mondoo resources. Palo Alto Networks Palo Alto Networks is a multi-cloud security company. It has released a new Terraform provider for Strata Cloud Manager (SCM) that focuses on configuring the unified networking security aspect of SCM. Ping Identity Ping Identity delivers identity solutions that enable companies to balance security and personalized, streamlined user experiences. Ping has released two Terraform providers: The PingDirectory Terraform provider is a plugin for Terraform that supports the management of PingDirectory configuration, while the PingFederate Terraform provider is a plugin for Terraform that supports the management of PingFederate configuration. SquaredUp SquaredUp manages a visualization platform to help enterprises build, run, and optimize complex digital services by surfacing data faster. The company has released a new SquaredUp Terraform provider to help bring a unified visibility across teams and tools for greater insights and observability in your platform. Traceable Traceable is an API security platform that identifies and tests APIs, evaluates API risk posture, stops API attacks, and provides deep analytics for threat hunting and forensic research. The company recently released two integrations: a custom Terraform provider for AWS API Gateways and a Terraform Lambda-based resource provider. These providers allow the deployment of API security tooling to reduce the risk of API security events. VMware VMware offers a breadth of digital solutions that power apps, services, and experiences for their customers. The NSX-T VPC Terraform provider gives NSX VPC administrators a way to automate NSX's virtual private cloud to provide virtualized networking and security services. Learn more about Terraform integrations All integrations are available for review in the HashiCorp Terraform Registry. To verify an existing integration, please refer to our Terraform Cloud Integration Program. If you haven’t already, try the free tier of Terraform Cloud to help simplify your Terraform workflows and management. View the full article

The vulnerabilities, one of which was rated critical and one of which was rated highly severe, affect Cisco IOS XE software.View the full article

The number of devices exposing the web UI on the internet, a timeline and technical details about this malicious activity, and tips for mitigating this zero-day threat are featured.View the full article

Cisco today revealed it has signed a definitive agreement to acquire Splunk for $28 billion in cash. View the full article

Cisco Systems has accelerated its efforts to converge network operations (NetOps) by adding support for Terraform tools for managing infrastructure-as-code as well as expanding its support for the Ansible IT automation framework. In addition, Cisco has improved and standardized the application programming interfaces (APIs) it makes available for its Application Centric Infrastructure (ACI) framework for […] The post Cisco Expands Effort to Meld DevOps, NetOps appeared first on DevOps.com. View the full article

Cisco Systems CEO Chuck Robbins said this week that the company’s No. 1 priority going forward is to enable IT organizations to better manage application experience via abstraction layers that make to possible for developers to programmatically manage infrastructure. Speaking at its annual Cisco Partner Summit, which occurred online, Robbins said Cisco is working toward […] The post Cisco CEO: Developers Need More Infrastructure Control appeared first on DevOps.com. View the full article

Cisco today announced a series of Catalyst offerings that combine the functionality of a secure software-defined wide area network (SD-WAN) and a router in a single platform. Archana Khetan, senior director of product management for enterprise routing and SD-WAN infrastructure within the Intent Based Networking Group at Cisco, said the Catalyst 8000 series is made […] The post Cisco Revamps Portfolio at the Network Edge appeared first on DevOps.com. View the full article