Open App ID: Cisco commits to open source and application identification

bart os Open App ID: Cisco commits to open source and application identification

My buddy Aamir wrote a summary of the open source announcement by Cisco at RSA last week (original post can be found HERE). Cisco also announced integrating FireAMP with Cisco email, web and cloud security products. FireAMP gives Cisco products the ability to detect infected files by searching for known hashes, sandboxing unknown files and other detection means. More on the FireAMP capabilities can be found HERE. Another source for these announcements is on the Network World blog found HERE Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

2014 UPDATE: Web Security Offerings From Cisco: Comparing the Latest Cisco CX Firewall to Cisco Web Security Appliance

update 2014 UPDATE: Web Security Offerings From Cisco: Comparing the Latest Cisco CX Firewall to Cisco Web Security Appliance

I wrote a post comparing Cisco’s Next Generation Firewall known as ASA CX vs. Cisco’s Web Security Appliance / Proxy known as WSA HERE. Here is a update to that post as requested by some readers.

In summary, the WSA is a security appliance that can act as a proxy focusing on network bound traffic such as port 80, 443 and 21. The ASA CX is an all ports and protocol firewall with reputation and IPS security (IPS being added in October 2013). Both solutions can provide reputation based security meaning stopping the attacker (more on this concept can be found HERE), Integrate with authentication systems such as Active Directory, can view HTTPS via decryption, application visibly with policy enforcement (IE identify and block Farmsville within Facebook) and detection of threats however detection methods are slightly different (one uses a combination of AV / malware engines while the other uses IPS).  Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Stopping Both Attackers and Attacks – The Future of Network Security

image1 Stopping Both Attackers and Attacks – The Future of Network Security

The future of security must reach beyond the capability of an appliance. There are too many attack vectors that are continuously changing to detect with a silo solution. It basically comes down to this …. there are only so many signatures that can be checked against as well as behavior algorithms that can be put in place before you must let traffic pass. Odds are, a malicious attacker will eventually bypass detection based on the fact that there are hackers out there with a rack of all the latest vendor IPS, Firewalls, etc. in a lab designed to test how effective a piece of malware is against any enterprise security solution. So in a nutshell, you will only be able to stop the majority of attacks launched against your network. Something will eventually get through. This means detecting and preventing can’t be your only security strategy. Continue reading

VN:F [1.9.22_1171]
Rating: 4.0/5 (1 vote cast)

Comparing ASA Management: Internal vs. External Cisco Prime Security Manager Overview

management Comparing ASA Management: Internal vs. External Cisco Prime Security Manager Overview

Management of security devices is a critical function for maintaining the best performance and being aware of security related events. Cisco has released their second generation of ASA, which includes new management options. This post will cover the new management interface and compare it to the previous options. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Chained Exploits compromise valuable Twitter account

Aamir Lakhani from drchaos.com wrote a good article on how chaining together social engineering tactics compromised a highly visible twitter account. The original post can be found HERE

Who can we trust? It’s a tough question. We think we can trust our friends, co-workers, mentors, and colleagues because they are people we see and interact with often as frequently as we do with our family members. Unfortunately, there is risk in trusting others, particularly when those we trust have privileged access to our accounts and sensitive information. When our trust and exposure extends to those who we work with, and incorporates intimate knowledge of our business concerns, corporate cultural developments, and technology secrets, we must face the reality of insider threats. Unlike external attackers, those we consider to be on the inside of our trust circles do not need to hunt for valuable information, nor do they need to exploit strong perimeter defenses; insiders already know what is valuable and where it is stored.

FTDCircle Chained Exploits compromise valuable Twitter account Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Cool Penetration Testing Application: Cobalt Strike

CBStrike Cool Penetration Testing Application: Cobalt Strike

If you are familiar with penetration tools, then you should know Metasploit. For those that love GUIs, there is a fantastic open source GUI management for Metasploit known as Armitage (found HERE). The same developers of Armitage created a more advanced penetration testing package for a $2,500 annual cost. The tool is called cobalt Strike (CS) and can be downloaded at www.advancedpentest.com for a 21day trail. They also have a 4-hour lab that lets you try out the core cobalt Strike features. It is worth spending the time to  test the tool and get some lab time even though the lab itself is is pretty easy. Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (1 vote cast)

How to Protect Children When Using Mobile Devices And The Internet

Katrin Deres is a passionate blogger, and works in a marketing team at a mobile tracking company. For more information visit mSpy. Here is a guest post with some of my input covering how to protect mobile devices used by children and young adults. 

kids smartphone How to Protect Children When Using Mobile Devices And The Internet

Smartphones have revolutionized the way we live and are an important tool that most of us depend on daily. With that being said, a smartphone in the hands of a responsible adult is very different from allowing children access to them. Giving smart devices to children without considering its impact can spell big trouble for parents! Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Dont Just Click Any Link – Avoiding Phishing, Social Engineering And Other Attacks

shark Dont Just Click Any Link   Avoiding Phishing, Social Engineering And Other Attacks

I’ve said this many times before … the Internet is full of bad things. Of those bad things, one of the most common threats is Phishing attacks. Wiki defines phishing as “the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication”. The majority of successful phishing attacks clone popular social networking sources and provide hyperlinks with the hope a target will click the link without questioning the authenticity of the source.

I wrote a post about what to look for regarding fraud email and craiglist sales HERE and 2 example craiglist cons HERE. The concepts are generally the same regarding identifying phishing attackers however in some cases, the attack will be a clone of a real message or website, which makes it very difficult to detect. Best practices is THINK BEFORE YOU CLICK! Here are some examples why this is important. Continue reading

VN:F [1.9.22_1171]
Rating: 4.0/5 (1 vote cast)