A coworker of mine, Tom Cross, was featured on CBS Atlanta regarding a case where a newscast member had her credit card information stolen. An interesting aspect of this situation is the criminals obtained the card number while the victim was in another city holding the authentic card. It is undetermined how the criminals stole the card number to create the duplicate but the motive clear … purchase giftcards until the credit card account becomes locked. Continue reading
Controlling who and what access your network is a critical element to keep your resources safe from malicious threats. Network Admission Control (NAC) solutions like the Cisco Identity Services Engine (ISE) can police who and what is permitted network access as well as enforce policy for those devices. Examples would be permitting an administrator with a government furnished Windows 7 laptop access to VLAN 10, which holds internal servers, while provisioning a marketing professional’s iPad with VLAN 20 access, which is limited to Internet and email through the use of ACLs. Continue reading
Great post by Aamir Lakhani on breaking WPA2_PSK. The original can be found HERE
WPA2-PSK may not be as safe as you think. There are a few attacks against WAP2-PSK. One of the most common attacks is against WPA2 is exploiting a weak passphrase.
Below you will find a few easy steps on how to break WPA2 with a weak passphrase.
Breaking the wireless Lab Home Network: Continue reading
There are documentaries popping up that showcase outrageous claims such as the government hiding captured mermaids or encounters with aliens. I’ve heard friends and coworkers talk about such things around the water cooler believing the stories are real based on fake videos and actors posing as specialists. Movies like The Blair Witch Project and The Forth Kind present fictional stories as documentaries, however most people figured out they are not real based on being available at major movie theaters. Some documentaries have been seen on TV networks displaying “A Speculative Documentary”, which doesn’t clearly translate to fictional footage. Continue reading
BackTrack is a digital forensics and penetration testing arsenal used by many security professionals and malicious hackers. The last release of BackTrack was 5r3 and many expected a new release sometime in 2013. The creators of BackTrack decided to start from the ground up building a full-fledged operating system and release a next generation penetration distribution rather than updating the existing live CD release. The creators note “Kali Linux is a more mature, secure and enterprise-ready version of BackTrack Linux”. Continue reading
Great find and post by Aamir Lakhani. Check out the original HERE
If you are using Kali Linux and trying to use it in a VM environment as a guest operating system on VMware, you may run into some issues. It is recommended that you install VM Tools for VMware on Kali Linux.
This guide will help you install VM Tools on any installation of Kali Linux (including 64-bit ISOs). It will also allow you to use Kali Linux in VMware ESXi environments.
The first thing you need to do on Kali Linux is prep the system for VM Tools. You do so by issuing the following commands: Continue reading
Aamir Lakhani wrote a overview of how to perform a ssl strip attack. The original post can be found HERE
Before beginning the lab, make sure you have Backtrack 5 R3 VM imported into VMWare Player/Workstation/Server/Fusion, or what ever Virtual machine environment you have chosen to utilize.
The following is an excerpt from the VMWare “Getting started with VMWare Player” VMWare Player 4.0 user guide. Continue reading