Hackers Access IRS Accounts of Approximately 100,000 Tax Payers

irs-hacked
The Internal Revenue Service (IRS) said that hackers accessed the personal information of approximately 100,000 tax payers in what the agency is calling a “sophisticated” attack. You can find the IRS’s official message about the breach HERE. The IRS said that criminals managed to access data such as Social Security numbers, dates of birth and street addresses from an outside source, allowing them to clear a multi-step authentication process to gain access to its “Get Transcript” online app.

Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Fortinet Announces Agreement to Acquire Meru Networks

Fortinet_out-660x330

Fortinet just announced they will be acquiring Meru Networks to boost its wireless business. The official announcement can be found HERE as well as seen below.

SUNNYVALE, Calif – May 27, 2015 – Fortinet (NASDAQ: FTNT), the global leader in high-performance cyber security solutions, and Meru Networks (NASDAQ:MERU), a leader in intelligent Wi-Fi networking, today announced a definitive agreement for Fortinet to acquire Meru. The acquisition is synergistic with Fortinet’s secure wireless vision and enterprise growth focus, broadens the company’s solutions portfolio, and expands its opportunity to uniquely address the $5B global enterprise Wi-Fi market with integrated and intelligent secure wireless solutions. Leading the trend to provide broad security for wired and wireless networks and devices, Fortinet also announced today a new FortiGuard mobile security subscription service to protect mobile devices and applications across the enterprise. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Logjam Encryption Flaw Threatens Secure Communications On Web

Logjam Encryption Flaw

Jai Vijayan from darkreading.com wrote a great article covering the Logjam Encryption Flaw. The original post can be found HERE.

Most major browsers, websites that support export ciphers impacted

More than 80,000 of the top 1 million HTTPS domains on the Internet are vulnerable to a bug in the basic design of the Transport Layer Security (TLS) protocol that is used to encrypt communications between browser clients and web servers. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Identity Services Engine 1.4 Out Now – What is new and upgrade procedure

unnamed

Cisco recently released Identity Services Engine (ISE) 1.4 (official release notes can be found HERE). For those unfamiliar with ISE, it is Cisco’s flagship network access control solution. This provides features such as device profiling, advanced guest access, BYOD, posture enforcement, and so much more for all LAN, VPN and Wireless devices. This post will provide a overview of the new features and how I upgraded my ISE 1.3 lab to the latest version. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

WhatsApp Security Issues

WhatsApp-SpyingKerrie Mccune from spyengage.com wrote a guest post about her thoughts on known WhatsApp Security Issues. 

The use of smartphones is the best way to stay in touch with your loved ones. And with the upsurge in the development of the instant messaging apps such as WhatsApp, Viber and a lot more have completely knocked out the traditional text messaging trend and have taken over the world of messaging. Even though there’s always a doubt with hacking of these apps; hacking WhatsApp has been confirmed as the easiest deal for an amateur hacker. Continue reading

VN:F [1.9.22_1171]
Rating: 4.0/5 (2 votes cast)

Comparing AnyConnect 3.1 to 4.0 and New AnyConnect 4.1 Now Available

anyconnect123

There has been a lot of questions around the new AnyConnect licensing introduced with the AnyConnect 4.0 release. In summary, the older version of AnyConnect had many license options (TOO MANY!). So Cisco has consolidated these into two options, which are Plus and Apex. Below is a comparison of how the AnyConnect 3.1 compares to AnyConnect 4.0. Hope it helps! Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (1 vote cast)

2015 Verizon Breach Investigation Report (VBIR) Out Now – First Look

verizonreport1

The latest 2015 Verizon Breach Investigation Report (VBIR) is now out and can be downloaded HERE. For those that have not seen these reports, they survey a number of customers and gather information about different types of breaches. It is a trend based report but great data to get an idea of which types of attacks are being seen by different types of businesses. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Threat Spotlight: TeslaCrypt – Decrypt It Yourself

teslacrypt-payment-options-100573479-large.idge_

I’ve posted about Ransomware such as Cryptolocker and Cryptowall (cyrptowall 2.0 HERE / Cryptowall 3.0 HERE). The idea behind Ransomware is malware ends up on a user’s system and encrypts all data on the hard drive. The malware informs the user that all data is encrypted and asks for a sum of money for the key to unencrypt the data. There typically is a time frame that the user can pay before the key is destroyed and all data is lost. There have been many variations of this threat and one recent version seen in the wild is TeslaCrypt. I have heard crazy stories such as people getting a phone call and the people claim to be Microsoft helpdesk however really attackers tricking people to install cryptolocker (learn more about this HERE).

Cisco’s security team Talos wrote a great post on how to decrypt aka save your data from the TelsaCrypt ransomware. The original post can be found HEREContinue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (1 vote cast)