A Trojan malware attack is a type of malicious code or software that disguises itself as a legitimate program or file to trick users into executing it. Once executed, the Trojan can perform various harmful actions on the infected system or network, such as stealing data, deleting files, or installing other malware. There are different types of Trojan malware attacks, depending on their purpose and behavior. Two common types are:
* Rootkit: A rootkit is a type of Trojan that hides itself and other malware from detection and removal by antivirus software or system tools. A rootkit can modify the operating system or the firmware of the device to gain persistent and privileged access to the system. A rootkit can also intercept and manipulate system calls, network traffic, or user input to conceal its activities or redirect them to malicious servers.
* Backdoor: A backdoor is a type of Trojan that creates a secret or unauthorized access point to the infected system or network. A backdoor can allow an attacker to remotely control the system, execute commands, upload or download files, or monitor the system activity. A backdoor can also be used to install other malware or launch further attacks on other systems or networks.
References:
* [Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0], Module 1: Malware Threats, Lesson 1: Identifying Malware Threats, Topic: Trojan Horse
* What is a Trojan? Is it a virus or is it malware? - Norton
* Trojan Horse Examples (2024): The 6 Worst Attacks Ever - SoftwareLab

Explanation Explanation Security Intelligence Sources ... Custom Block lists or feeds (or objects or groups) Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses, you can also use network objects or groups.) For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy. Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-configguide-v623/security_intelligence_blacklisting.html Explanation Security Intelligence Sources
...
Custom Block lists or feeds (or objects or groups)
Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses, you can also use network objects or groups.) For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy.
Explanation Explanation Security Intelligence Sources ... Custom Block lists or feeds (or objects or groups) Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses, you can also use network objects or groups.) For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy. Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-configguide-v623/security_intelligence_blacklisting.html

The Southbound API is used to communicate between Controllers and network devices.

Unlike the traditional software life cycle, the CI/CD implementation process gives a weekly or daily update instead of monthly or quarterly. The fun part is customers won't even realize the update is in their applications, as they happen on the fly.
Unlike the traditional software life cycle, the CI/CD implementation process gives a weekly or daily update instead of monthly or quarterly. The fun part is customers won't even realize the update is in their applications, as they happen on the fly.
Reference:
Unlike the traditional software life cycle, the CI/CD implementation process gives a weekly or daily update instead of monthly or quarterly. The fun part is customers won't even realize the update is in their applications, as they happen on the fly.

The target in a phishing attack is the endpoint, which is the device or system that the user interacts with, such as a computer, smartphone, or tablet. Phishing attacks aim to steal or damage sensitive data by deceiving people into revealing personal information like passwords and credit card numbers, or clicking on malicious links or attachments that can install malware on the endpoint. Phishing attacks can be delivered through various channels, such as email, phone, or text message, but they all rely on social engineering techniques to manipulate the user's trust and curiosity. By compromising the endpoint, attackers can gain access to the user's accounts, files, network, or other resources. Therefore, endpoint security is essential to prevent phishing attacks and protect the user's data and identity. References:
* What Is a Phishing Attack? Definition and Types - Cisco
* 8 types of phishing attacks and how to identify them
* What Is Phishing? | Microsoft Security
* Phishing | What Is Phishing?