Tag: Cisco

  • Assessing the ‘War on Tech’: Huawei vs. U.S.

    Assessing the ‘War on Tech’: Huawei vs. U.S.

    [I wrote this with Curtis Kang who did a lot of work researching various aspects of this article and provided invaluable help. His research and written contributions made this article possible. It was originally intended to be published on RiskBasedSecurity.com in early 2020 but was passed over so I am publishing it here.] In 2019,…

  • Making the Vulnerability Disclosure ‘Nice’ List: Cisco

    Making the Vulnerability Disclosure ‘Nice’ List: Cisco

    This was originally published on the Risk Based Security blog. 10/4/2025: Please note, an important update at the end of this blog. Risk Based Security® has always made it a point to praise organizations that operate in good faith and Cisco’s PSIRT team definitely knocked it out of the park this month. It is vital…

  • It’s patch xxxday!

    [This was originally published on the OSVDB blog.] A while back, Microsoft announced they were moving to release patches on the second Tuesday of each month, lovingly called Patch Tuesday. Soon after, Oracle announced that they too would be moving to scheduled releases of patches on the Tuesday closest to the 15th day of January,…

  • Fiasco: BlackHat, Cisco, ISS, Lynn

    [This was originally published on the OSVDB blog.] There are far too many articles covering this topic to justify me rewriting the story in my own words. So in summary, relevant links with background. End up with Schneier’s commentary for a good summary and additional links. BlackHat Briefings: Cisco IOS Security Architecture by Michael Lynnhttp://www.blackhat.com/html/bh-usa-05/bh-usa-05-schedule.html…