Cisco recently released Identity Services Engine (ISE) 1.4 (official release notes can be found HERE). For those unfamiliar with ISE, it is Cisco’s flagship network access control solution. This provides features such as device profiling, advanced guest access, BYOD, posture enforcement, and so much more for all LAN, VPN and Wireless devices. This post will provide an overview of the new features and how I upgraded my ISE 1.3 lab to the latest version.
The use of smartphones is the best way to stay in touch with your loved ones. With the upsurge in their development, instant messaging apps such as WhatsApp, Viber and many more have completely knocked out the traditional text messaging trend and have taken over the world of messaging. Even though there’s always a doubt with hacking of these apps, hacking WhatsApp has been confirmed as the easiest deal for an amateur hacker.
There have been a lot of questions around the new AnyConnect licensing introduced with the AnyConnect 4.0 release. In summary, the older version of AnyConnect had many license options (TOO MANY!). So Cisco has consolidated these into two options, which are Plus and Apex. Below is a comparison of AnyConnect 3.1 and AnyConnect 4.0. Hope it helps!
The latest 2015 Verizon Breach Investigation Report (VBIR) is now out and can be downloaded HERE. For those that have not seen these reports, they survey a number of customers and gather information about different types of breaches. It is a trend-based report but great data to get an idea of which types of attacks are being seen by different types of businesses.
I’ve posted about Ransomware such as Cryptolocker and Cryptowall (Cryptowall 2.0 HERE / Cryptowall 3.0 HERE). The idea behind Ransomware is that malware ends up on a user’s system and encrypts all data on the hard drive. The malware informs the user that all data is encrypted and asks for a sum of money for the key to unencrypt the data. There typically is a time frame in which the user can pay before the key is destroyed and all data is lost. There have been many variations of this threat and one recent version seen in the wild is TeslaCrypt. I have heard crazy stories, such as people getting a phone call from callers who claim to be the Microsoft helpdesk but are really attackers tricking people into installing Cryptolocker (learn more about this HERE).
Boston, MA – May 4, 2015 – Rapid7, a leading provider of security data and analytics software and services, announced today that it has acquired NT OBJECTives (NTO), the web and mobile application security testing company, expanding Rapid7’s Threat Exposure Management offering to further meet the needs of modern business infrastructures. NTO’s application security testing solution – trusted by many Fortune 500 companies – analyzes web applications for security vulnerabilities and maximizes organizations’ ability to effectively reduce IT security risk. Rapid7 is offering this technology under the name Rapid7 AppSpider, available immediately to customers.
My buddy Aamir Lakhani wrote an interesting post on the latest update of OpenVAS 8.0. This is a very useful vulnerability scanner available in Kali Linux. The original post can be found HERE.
Vulnerability scanning is a crucial phase of a penetration test and having an updated vulnerability scanner in your security toolkit can often make a real difference by helping you discover overlooked vulnerable items. For this reason, we’ve manually packaged the latest and newly released OpenVAS 8.0 tool and libraries for Kali Linux. Although nothing major has changed in this release in terms of running the vulnerability scanner, we wanted to give a quick overview on how to get it up and running.
Today Cisco announced the full integration of Application Centric Infrastructure (ACI) embedded security with the threat detection of FirePOWER Next Generation Intrusion Prevention System (NGIPS), providing automated threat protection to combat emerging datacenter security threats. Combining best of breed FirePOWER NGIPS with ACI, customers are now able to build highly secure infrastructure with fine-grained control (including application level security), visibility and centralized automation all the way from infrastructure to the application level. In addition, customers benefit from lower total cost of ownership including infrastructure and management costs as well as costs associated with security breaches. Cisco also announced that ACI is now validated by independent auditors for deployment in PCI compliant networks, which can help reduce the scope of a PCI audit and lower audit costs and time.