Cisco Validated Designs For PCI DSS 3.0, HIPAA and FISMA

There are many reasons people invest in security. The best reason is the desire to avoid being breached; however, sometimes wanting the best security doesn’t justify the investment. Many decision makers have to juggle improving the infrastructure and investing in the latest flashy technology, such as high-end video, along with keeping things secure. Usually the flashy stuff outshines security until something with teeth forces the focus back on security. A prime example is meeting mandated regulatory compliance. Being out of compliance with many regulations could mean pricey fines as well as possible litigation. This is good news for the IT guy who wants to get his security budget requests placed at the top of the stack.

To help meet regulatory compliance, Cisco has released validated design guides for general security as well as specific market verticals FOUND HERE.

Sweet Orange Web Exploit Kit

Aamir Lakhani wrote a very interesting article on a malware exploitation kit known as Sweet Orange. It is becoming very popular in underground markets and is possibly the next Black Hole. The original article can be found HERE.

Sweet Orange is a popular exploit kit making its rounds as one of the latest and most popular exploit kits. It can affect the latest Windows operating systems, including Windows 8.1 and Windows 7. It can also exploit newer versions of Internet Explorer, Firefox, and Google Chrome. According to Webroot, “What’s particularly interesting about the Sweet Orange web malware exploitation kit is that just like the Black Hole exploit kit, its authors are doing their best to ensure that the security community wouldn’t be able to obtain access to the source code of the kit, in an attempt to analyze it. They’re doing this, by minimizing the advertising messages posted on invite-only cybercrime-friendly web communities, and without offering any specific details, demos or screen shots unless the potential buyer directly contacts the seller and has a decent reputation within the cybercrime ecosystem”.

Identity Services Engine ISE 1.3 Out Now – First Look

Cisco just released the latest version of ISE aka Identity Services Engine version 1.3 on Oct 31st. ISE is Cisco’s flagship access control technology (more on ISE found HERE and how to build a Lab found HERE). In summary, ISE can tell you who and what is on the network, provision the proper access and even remediate devices that are out of expected security posture. You can find the formal release notes for ISE 1.3 HERE.

ISE 1.3’s main new features revolve around providing enhanced guest services such as simplifying the process to on-board new mobile devices. There are other improvements I’ll cover in this post as well. Let’s take a look at the new 1.3 version of ISE.

End-of-Sale and End-of-Life Announcement for the Cisco Intrusion Prevention System

Cisco announced the End-of-Sale date for their traditional Intrusion Detection and Prevention product line. You can find a link to the announcement HERE, which includes a list of affected products. Here is the formal announcement as well as suggested replacement technology.

The formal announcement states:

Cisco announces the end-of-sale and end-of-life dates for the Cisco Intrusion Prevention System. The last day to order the affected product(s) is April 26, 2015. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin. Table 1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table 2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers’ service contract.

SSL broken, again, in POODLE attack

Peter Bright provided a fantastic writeup on the recent POODLE, aka “Padding Oracle On Downgraded Legacy Encryption”, attack that could be, as he states, “the final nail in SSLv3’s coffin”. You can find the original post HERE via the arstechnica.com website.

From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that’s used to secure Internet traffic from eavesdroppers both government and criminal.

Calling the new attack POODLE—that’s “Padding Oracle On Downgraded Legacy Encryption”—the attack allows a man-in-the-middle, such as a malicious Wi-Fi hotspot or a compromised ISP, to extract data from secure HTTP connections.

The Fappening: A Wake-Up Call for Cloud Users

Sarah Williams wrote a great article on my buddy’s blog about a recent breach in cloud security storage that exposed naked photographs of famous actors. The original post can be found at drchaos’s website HERE.

The Cloud storage option is fast becoming one of the most popular and effective methods of storing essential data that you definitely can’t afford to lose. From small to medium-sized business, cloud storage has helped owners save time and money in their businesses when it comes to IT.

But exactly how safe is the cloud? Though most reliable cloud service providers have cutting edge security, many IT experts say the cloud system is not entirely safe.

Raspberry Pi As A Hacking Arsenal

One really cool tool that I’ve had a lot of fun playing with is the Raspberry Pi. My buddy Aamir Lakhani and I recently went under contract for our second book covering how to run Kali Linux on a Raspberry Pi to perform various penetration testing scenarios. Here is a basic overview of the Raspberry Pi used as a security tool. The book should be out early next year.

For those that haven’t heard of a Raspberry Pi, it’s a small computer that is dirt cheap and can be imaged for just about anything.

NSS Labs releases a new set of security reports for Web Application Firewalls

NSS Labs just released a new set of reports covering Web Application Firewalls. Those reports can be found at NSS Labs’ website HERE. There is a cost for these reports; however, it is worth the investment if you are looking to purchase a new firewall. Also, Palo Alto tested poorly and, due to the back and forth between both companies, NSS Labs is offering the Palo Alto report for free.

How to configure an ASA with built-in Sourcefire Firepower home lab

For those following Cisco security, you probably know Cisco acquired Sourcefire last year (more found HERE). The most anticipated release has been adding Sourcefire’s flagship Firepower offering inside Cisco’s most popular firewall offering, the Adaptive Security Appliance (ASA). As of September 16th, this offering is officially available. You can find data sheets, configuration guides and more on the new release HERE. This post will cover the steps I used to build my ASA with Sourcefire lab.
