Opinions expressed by ICN authors are their own.
Aaron Woland, CCIE No. 20113, is a Principal Engineer at Cisco Systems, Inc., and works with Cisco’s Largest Customers all over the world. His primary job responsibilities include Secure Access and Identity deployments with ISE, solution enhancements, standards development, and futures. Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards, and standards body working groups.
Prior to joining Cisco, Aaron spent 12 years as a Consultant and Technical Trainer. His areas of expertise include network and host security architecture and implementation, regulatory compliance, as well as route-switch and wireless. Aaron is the author of Cisco ISE for BYOD and Secure Unified Access book (Cisco Press), and many published white papers and design guides. Aaron is a member of the Hall of Fame for Distinguished Speakers at Cisco Live, and is a security columnist for Network World where he blogs on all things related to Identity. His other certifications include: GHIC, GSEC, Certified Ethical Hacker, MCSE, VCP, CCSP, CCNP, CCDP and many other industry certifications.
The opinions expressed in this blog are those of Aaron Woland and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies, including Cisco Systems.
You may feel many things right now- anger, sadness, grief, frustration, or fear! Are you arguing with your loved ones more than you want, irritable, depressed, or tired of trying everything but getting nowhere? Many don’t realize how trauma affects daily lives and steals who you're meant to be! Trauma can be things like emotional neglect and abuse in childhood, adult sexual/physical assault, infidelity, sudden death of a loved one, your child being abused, or the state of the world! You may have problems trusting, worrying, being anxious, and can't fully embrace life or relationships with hope, love, curiosity, and courage!
OAKLAND — Cisco Systems Inc on Friday lost a court appeal to move to private arbitration a case over alleged caste discrimination in its Silicon Valley offices, where managers of Indian descent are accused of bias against a fellow employee from India.
The networking gear and business software company has denied the allegations. It had argued to a California appeals court that the state’s Civil Rights Department, which had brought the case on behalf of a worker identified under the pseudonym John Doe, should be subjected to an employment arbitration agreement signed by Doe.
“As an independent party, the Department cannot be compelled to arbitrate under an agreement it has not entered,” the appellate panel wrote.
In a separate order Friday, it told a lower-court judge to reconsider a ruling that would have required the state to identify Doe. The lower court had said the law prevented it from considering whether Doe’s family members in India could be harmed by naming him.
The higher court wrote that “harm to family members anywhere is a legitimate consideration in determining whether a party should be granted anonymity.”
Cisco and the state agency did not immediately respond to requests for comment.
The ancient socioreligious concept of caste has led to centuries of oppression against some families born into the lowest groupings in India. California has alleged that those biases had traveled to the U.S. tech industry, where Indians are the largest pool of immigrant workers.
The state sued Cisco in 2020 after Doe complained to it about company human resources staff not finding merit in his concerns that two higher-caste managers had allegedly denied him work and disparaged him.
The lawsuit has ignited advocacy at U.S. companies, universities and other institutions calling for more guidelines and training related to the potential for caste prejudice. (Reporting by Paresh Dave; Editing by David Gregorio & Shri Navaratnam)
Connectivity needs are growing and how are you looking at these new evolving needs of enterprises. What exactly do you have to offer to them?
We have seen a handful of major shifts in the last few years. And I think COVID has really opened people’s eyes up in a couple of ways. And the two biggest changes we have seen are around hybrid work and hybrid cloud. And in hybrid work, we just talked about it today, we have really looked at one just building a really tight integration between the networking, collaboration and security. The technology needed to deliver this kind of hybrid work unified experience for end-users. And the collaboration has seen countless innovations, including third-party support and third-party integrations. But we found a lot of power and integration between a Cisco portfolio - ThousandEyes and WebEx, for example. And the reason why is this simplifying that experience for IT, and how IT deploys these hybrid work experiences, makes a huge difference in the kind of experience in the unified experience that they are able to deliver to their end-users. The more we simplify the management, provisioning, the orchestration, Cisco technology becomes unified, more reliable and more resilient.
Do you have a third-party or vendor-led approach?
We have tons of partners in the collaboration space. And they all work with WebEx natively. But now they can work with Zoom and Teams as well. That’s an enormous benefit. And it just comes from customer focus. Customers want the best possible experience, if they are already using a competitor’s solution, that doesn’t mean they can’t use our devices. We have partnerships with technologies across the board, in just about every area in order to just bring that unified experience.. As we know it’s a multi-vendor world, and we are going to partner deeply with third parties to make sure that it’s the customer experience that matters.
When it comes to hybrid work, do you have any case studies? Have you recently deployed it anywhere in the world?
I mean, it’s perhaps the number one thing we are deploying right now. We have enormous demand, for example, Wi-Fi. And we are because people are building denser and denser Wi-Fi networks in their sites because they know it’s going to be a much more collaborative space there. And so we see that everywhere we actually built-in, in New York, Penn Plaza office, just a straight-up case study site for how to build out for hybrid work included the smart workspaces application that allows you to see telemetry from all of our systems, including sensors and cameras and Wi-Fi that shows you where people are in the office, which rooms are being used, what the air quality is, what the comfort of that room might be, lets you book, the room, automatically get lets you find rooms that have the right type of WebEx equipment that you would be for that meeting. It’s a beautiful experience, we deployed that. But we also deployed IoT technology. We are building sites like in Chicago and Atlanta.
What are your views on open RAN? Considering this is the radio side of the network, are you partnering with some of the open RAN vendors?
We have, for sure, OpenRAN has been very successful for us and we are believers in OpenRAN for sure. We are looking at a 5G, 5G private network, we think it’s a big opportunity for us. I think private 5G is a big opportunity for us, especially as we deploy, we are deploying 5G as a sort of private 5G as a service so that we can host the whole back end, the whole 5G core, and partner with vendors and our folks are able to deploy the physical components.
What is your go-to-market strategy for working alongside your partner ecosystem?
We are deeply partner focused at Cisco, and especially in my business and networking business, we have traditional systems integrators, we have technology partners, and we manage service providers. For us, number one is to get 99% channel and partner, practically on the whole basis. Cisco does just a tiny bit of direct business. We have amazing partner relationships in India. And that is our go-to-market strategy.
Are you getting a few partners in India?
I just met Infosys. They were out in San Jose, a couple of weeks ago. I have a lot of relationships with those guys. As soon as I can get to India, I am super excited to go engage with the partners there. But you should know I mean, we are deeply a partnership organization all the way around the world but in India as much as I can get to the list of the top partners in India.
The first step to correct malfunctions is to close the application and then open it again.
If this does not work, shut down your machine, wait 20 seconds, and then restart your machine.
Next, verify that you are using the most current software version.
If you are still experiencing problems, contact the IITS Service Desk.
There’s a problem in the unrar utility, and as a result, the Zimbra mail server was vulnerable to Remote Code Execution by simply sending an email. So first, unrar is a source-available command-line application made by RarLab, the same folks behind WinRAR. CVE-2022-30333 is the vulnerability there, and it’s a classic path traversal on archive extraction. One of the ways this attack is normally pulled off is by extracting a symlink to the intended destination, which then points to a location that should be restricted. unrar has code hardening against this attack, but is sabotaged by its cross-platform support. On a Unix machine, the archive is checked for any symbolic links containing the ../ pattern. After this check is completed, a function runs to convert any Windows paths to Unix notation. As such, the simply bypass is to include symlinks using ..\ traversal, which don’t get caught by the check, and then are converted to working directories.
That was bad enough, but Zimbra made it worse by automatically extracting .rar attachments on incoming emails, in order to run a virus and spam check. That extraction isn’t sandboxed, so an attacker’s files are written anywhere on the filesystem the zimbra user can write. It’s not hard to imagine how this turns into a full RCE very quickly. If you have an unrar binary based on RarLab code, check for version 6.1.7 or 6.12 of their binary release. While Zimbra was the application specifically called out, there are likely to be other cases where this could be used for exploitation.
A widespread malware campaign has been discovered in a bit of an odd place: running on the firmware of Small Office/Home Office (SOHO) network devices. The surprising element is how many different devices are supported by the campaign, including Cisco, Netgear, ASUS, etc. The key is that the malware is a little binary compiled for the MIPS architecture, which is used by many routers and access points.
Once in place, the malware then launches Man-in-the-Middle attacks against DNS and HTTP connections, all with the goal of compromising the Windows machines that run their connection through the compromised device. There have been mass exploit campaigns in the past, where the DNS resolver was modified on vulnerable routers, but this seems to be quite a bit more sophisticated, leading the researchers to suspect that this may be a state-sponsored campaign. There’s an odd note in the source report, that the initial exploit script makes a call to /cgi-bin/luci, which is the web interface for OpenWRT routers. We’ve reached out for more information from Lumen, so stay tuned for the details. It may very well be that this malware campaign is specifically targeting the hoard of very old, vulnerable OpenWRT-based routers out there. There may be a downside to multiple companies using old versions of the Open Source project as their SDK.
One of the most interesting concepts to happen recently in the browser space is WebAssembly. You have a library written in C, and want to use it with JavaScript in a browser? Compile it to WebAssembly, and you have a solution that’s faster than JavaScript, and easier to use than a traditionally compiled binary. It’s a very clever solution, and allows for some crazy feats, like Google Earth in the browser. Could there be any down side to running C in the browser? The good folks at Grav have an example of the sort of thing that could go wrong: good old buffer overflows.
Now it’s a bit different from how a standard overflow exploit works. One reason, Wasm doesn’t have address layout randomization or Data Execution Prevention. On the other hand, web assembly functions don’t reside at a memory address, but simply a function index. The RET instruction equivalent can’t jump to arbitrary locations, but just to function indexes. However, it’s still a stack, and overflowing a buffer can result in overwriting important data, like the return pointer. Time will tell whether WebAssembly exploits are going to be a big deal, or will forever be a novelty.
In our new, brave future, remote work seems to be the new standard, and this brings some new security considerations. Example: Microsoft’s Intune remote management suite. It’s supposed to be an easy way to deploy, manage, and monitor laptops and desktops remotely. In theory, a robust remote admin suite combined with Bitlocker should make for an effective protection against tampering. Why Bitlocker? While it prevents an attacker from practicing data from the disk, it also prevents tampering. For instance, there’s a really old trick, where you copy the cmd.exe binary over the top of the sticky keys, or accessibility binary. These can be launched from the login page, and results in a super-easy root shell. Bitlocker prevents this.
It sounds great, but there’s a problem. Intune can be deployed in two ways. The “user-driven” flow results in a system with more administrative capabilities entrusted to the end user, including access to the BitLocker recovery key. The only way around this is to do the setup, and then remove the Primary User and rotate the Bitlocker keys. Then there’s the troubleshooting mode, holding Shift+F10 during initial setup grants SYSTEM access to the end user. Yikes. And finally, that last gotcha to note is that a remote wipe removes user data, and deletes extra binaries from some important places, but doesn’t do any sort of file verification, so our simple sticky-keys hack would survive. Oof.
[Jack Dates] participated in 2021 Pwn2Own, and put together an Apple Safari exploit that uses the Intel graphics kernel extensions for the escape. It’s a *very* deep dive into OSX exploitation. The foothold is an off-by-one error in a length check, which in total allows writing four bytes of arbitrary data. The key to turn this into something useful was to strew some corpses around memory — forked, dead processes. Corrupt the size of the corpse, and you can use it to free other memory that’s still in use. Use after free for the win!
The OpenSSL bug we talked about last week is still being looked into, with [Guido Vranken] leading the charge. He found a separate bug that specifically isn’t a security problem back in May, and it’s the fix for that bug that introduced the AVX512 problem we’re interested in. There still looks to be a potential for RCE here, but at least it’s proving to be non-trivial to put such an attack together.
There’s a new malware campaign, ytstealer, that is explicitly targeting YouTube account credentials. The malware is distributed as fake installers for popular tools, like OBS Studio, Auto-Tune, and even cheats and cracks for other software. When run, YTStealer looks for an authentication cookie, logs into YouTube Studio, and grabs all the data available there from the attached account. This information and cookie are encrypted and sent on to a C&C server. It’s unclear why YouTube accounts are so interesting to an attacker, but maybe we can all look forward to spammy videos getting uploaded to our favorite channels.
And finally, because there’s more to security than just computers, a delightful puzzle solve from LockPickingLawyer. Loki is a puzzle lock made from a a real padlock, and it caught the attention of our favorite lock-picker, who makes an attempt to open it. We won’t spoil any of the results, but if puzzles or locks are your jam, it’s worth a watch.
In the latest trading session, Cisco Systems (CSCO) closed at $44.64, marking a +1.85% move from the previous day. This move lagged the S&P 500's daily gain of 2.62%. Meanwhile, the Dow gained 1.37%, and the Nasdaq, a tech-heavy index, added 0.05%.
Coming into today, shares of the seller of routers, switches, software and services had gained 1.79% in the past month. In that same time, the Computer and Technology sector lost 3.46%, while the S&P 500 gained 0.24%.
Wall Street will be looking for positivity from Cisco Systems as it approaches its next earnings report date. This is expected to be August 17, 2022. On that day, Cisco Systems is projected to report earnings of $0.82 per share, which would represent a year-over-year decline of 2.38%. Meanwhile, our latest consensus estimate is calling for revenue of $12.75 billion, down 2.85% from the prior-year quarter.
CSCO's full-year Zacks Consensus Estimates are calling for earnings of $3.35 per share and revenue of $51.21 billion. These results would represent year-over-year changes of +4.04% and +2.79%, respectively.
Any latest changes to analyst estimates for Cisco Systems should also be noted by investors. latest revisions tend to reflect the latest near-term business trends. With this in mind, we can consider positive estimate revisions a sign of optimism about the company's business outlook.
Our research shows that these estimate changes are directly correlated with near-term stock prices. Investors can capitalize on this by using the Zacks Rank. This model considers these estimate changes and provides a simple, actionable rating system.
Ranging from #1 (Strong Buy) to #5 (Strong Sell), the Zacks Rank system has a proven, outside-audited track record of outperformance, with #1 stocks returning an average of +25% annually since 1988. Within the past 30 days, our consensus EPS projection has moved 0.03% higher. Cisco Systems is holding a Zacks Rank of #3 (Hold) right now.
In terms of valuation, Cisco Systems is currently trading at a Forward P/E ratio of 13.07. For comparison, its industry has an average Forward P/E of 15.08, which means Cisco Systems is trading at a discount to the group.
Investors should also note that CSCO has a PEG ratio of 2.01 right now. This popular metric is similar to the widely-known P/E ratio, with the difference being that the PEG ratio also takes into account the company's expected earnings growth rate. Computer - Networking stocks are, on average, holding a PEG ratio of 2.01 based on yesterday's closing prices.
The Computer - Networking industry is part of the Computer and Technology sector. This industry currently has a Zacks Industry Rank of 90, which puts it in the top 36% of all 250+ industries.
The Zacks Industry Rank gauges the strength of our industry groups by measuring the average Zacks Rank of the individual stocks within the groups. Our research shows that the top 50% rated industries outperform the bottom half by a factor of 2 to 1.
Be sure to follow all of these stock-moving metrics, and many more, on Zacks.com.
Want the latest recommendations from Zacks Investment Research? Today, you can get 7 Best Stocks for the Next 30 Days. Click to get this free report
Cisco Systems, Inc. (CSCO) : Free Stock Analysis Report
To read this article on Zacks.com click here.
* Cisco, Nike join MacDonald's, Renault in quitting
* New Russian law may encourage more foreign firms to go
* 'Trickle is becoming a torrent,' says analyst
By Praveen Paramasivam, Supantha Mukherjee and Mimosa Spencer
June 23 (Reuters) - U.S. companies Cisco Systems and Nike plan to fully exit Russia, the two firms told Reuters on Thursday, as the pace of Western firms departing accelerated.
Telecoms equipment maker Cisco will wind down its business in Russia and Belarus, the company said. Nike is making a full exit from Russia three months after suspending its operations there, the sportswear maker said.
Foreign companies seeking to exit Russia over the war in Ukraine face the prospect of a new law being passed in the coming weeks allowing Moscow to seize assets and impose criminal penalties. That has encouraged some businesses to accelerate their departure.
"What was a trickle is becoming a torrent", said Paul Musgrave, a political science professor at the University of Massachusetts, commenting on the latest round of companies announcing they would leave.
Cisco suspended business operations, including sales and services, in Russia in March.
"We have now made the decision to begin an orderly wind-down of our business in Russia and Belarus," it said in an emailed statement on Thursday.
Earlier this month, Cisco's rival International Business Machines Corp began winding down its business in Russia and Microsoft said it was making substantial cuts to its Russian business.
The withdrawal of top technology firms such as Cisco, IBM and Microsoft limits access to critical equipment for Russian businesses and households. They may now have to depend on older equipment and domestic alternatives.
Cisco has offered relocation options to its few hundred employees in those countries, it said. The company did not disclose which countries the employees were offered as alternative locations.
RIVALS MAY BENEFIT
Companies heading for the exit may struggle to return, said Musgrave. "This presents opportunities for domestic firms in some markets but even more for brands from China and elsewhere to make inroads," he said.
Nike said on March 3 it would temporarily suspend operations at all its Nike-owned and operated stores in Russia. It has now decided to leave entirely, it said Thursday.
Cisco and Nike join the likes of McDonald's and Renault in making complete exits from Russia. More companies are expected to leave in the coming weeks ahead of the new law.
The law, which could be in place within weeks, allows Russia to appoint administrators over companies owned by foreigners in "unfriendly" countries, who want to quit Russia as the conflict with Ukraine drags down its economy.
Nike's rival Adidas said in March it was shutting its Russian stores and pausing online sales.
Adidas currently has no plans to resume business in Russia, the German sportswear company told Reuters on Thursday.
"The operation of Adidas' stores and Adidas' online retail in Russia continues to be suspended until further notice, this also applies to the delivery of goods to Russia," it said in an emailed statement.
(Writing by Matt Scuffham and Richa Naidu; Editing by Edmund Blair)
Cisco Systems (CSCO) closed the most latest trading day at $44.13, moving +0.23% from the previous trading session. This change lagged the S&P 500's 0.59% gain on the day. Meanwhile, the Dow gained 0.15%, and the Nasdaq, a tech-heavy index, lost 0.02%.
Coming into today, shares of the seller of routers, switches, software and services had lost 0.25% in the past month. In that same time, the Computer and Technology sector lost 12.83%, while the S&P 500 gained 7.25%.
Investors will be hoping for strength from Cisco Systems as it approaches its next earnings release, which is expected to be August 17, 2022. The company is expected to report EPS of $0.82, down 2.38% from the prior-year quarter. Our most latest consensus estimate is calling for quarterly revenue of $12.75 billion, down 2.85% from the year-ago period.
Looking at the full year, our Zacks Consensus Estimates suggest analysts are expecting earnings of $3.35 per share and revenue of $51.21 billion. These totals would mark changes of +4.04% and +2.79%, respectively, from last year.
Investors should also note any latest changes to analyst estimates for Cisco Systems. These latest revisions tend to reflect the evolving nature of short-term business trends. As such, positive estimate revisions reflect analyst optimism about the company's business and profitability.
Our research shows that these estimate changes are directly correlated with near-term stock prices. We developed the Zacks Rank to capitalize on this phenomenon. Our system takes these estimate changes into account and delivers a clear, actionable rating model.
The Zacks Rank system, which ranges from #1 (Strong Buy) to #5 (Strong Sell), has an impressive outside-audited track record of outperformance, with #1 stocks generating an average annual return of +25% since 1988. Over the past month, the Zacks Consensus EPS estimate has moved 0.03% higher. Cisco Systems is currently sporting a Zacks Rank of #3 (Hold).
Looking at its valuation, Cisco Systems is holding a Forward P/E ratio of 13.13. This valuation marks a discount compared to its industry's average Forward P/E of 14.8.
Investors should also note that CSCO has a PEG ratio of 2.02 right now. This popular metric is similar to the widely-known P/E ratio, with the difference being that the PEG ratio also takes into account the company's expected earnings growth rate. The Computer - Networking industry currently had an average PEG ratio of 2.02 as of yesterday's close.
The Computer - Networking industry is part of the Computer and Technology sector. This group has a Zacks Industry Rank of 100, putting it in the top 40% of all 250+ industries.
The Zacks Industry Rank gauges the strength of our individual industry groups by measuring the average Zacks Rank of the individual stocks within the groups. Our research shows that the top 50% rated industries outperform the bottom half by a factor of 2 to 1.
Make sure to utilize Zacks.com to follow all of these stock-moving metrics, and more, in the coming trading sessions.
Want the latest recommendations from Zacks Investment Research? Today, you can get 7 Best Stocks for the Next 30 Days. Click to get this free report
Cisco Systems, Inc. (CSCO) : Free Stock Analysis Report
To read this article on Zacks.com click here.
