End-of-Sale and End-of-Life Announcement for the Cisco Intrusion Prevention System


Cisco announced the End-of-Sale date for their traditional Intrusion Detection and Prevention product line. You can find a link to the announcement HERE, which includes a list of affected products. Here is the formal announcement as well as suggested replacement technology.

The formal announcement states:

Cisco announces the end-of-sale and end-of-life dates for the Cisco Intrusion Prevention System. The last day to order the affected product(s) is April 26, 2015. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin. Table 1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table 2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers’ service contract.


SSL broken, again, in POODLE attack

Peter Bright provided a fantastic writeup on the recent POODLE (aka “Padding Oracle On Downgraded Legacy Encryption”) attack that could be, as he states, “the final nail in SSLv3’s coffin”. You can find the original post HERE via the arstechnica.com website.

From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that’s used to secure Internet traffic from eavesdroppers both government and criminal.

Calling the new attack POODLE—that’s “Padding Oracle On Downgraded Legacy Encryption”—the attack allows a man-in-the-middle, such as a malicious Wi-Fi hotspot or a compromised ISP, to extract data from secure HTTP connections.

Recon-ng – advanced reconnaissance framework

My buddy Aamir Lakhani wrote about a cool reconnaissance tool called recon-ng. This tool can automate researching a target using multiple sources. The original post can be found HERE.

Reconnaissance techniques are one of the first steps penetration testers practice when learning how to exploit systems for vulnerabilities. Traditional reconnaissance techniques are used to gather intelligence, define scope, and identify weaknesses.


Payment Card Industry PCI Security Best Practices

Many industries rely on revenue generated by sales, and if credit is used, Payment Card Industry (PCI) compliance is mandated. This includes all industries that process, store or transmit credit card information. Like any compliance standard, this is the minimal level of real security and should not be considered the goal to protect sensitive data. All compliance mandates that matter must go through various review and audit processes that take time and cause the results to be dated compared to the speed of new attacks you should expect against your network. This means meeting mandates such as PCI should just be part of your overall security strategy.


Computer Viruses Facts and Statistics

The people at toptenreviews provided an interesting infographic about facts and statistics on computer viruses. They break up where they tend to come from as well as the most common infections. There is also a brief blurb on Conficker since it's the most prolific virus to date. The original can be found HERE.


OpenSSL Heartbleed Bug Impacting More Than Half Of The Internet

My buddy Aamir Lakhani wrote a great post covering the recently exposed security vulnerability that impacts more than half of the websites on the Internet. It's something everybody needs to be aware of. The original article can be found HERE.

Heartbleed is a serious vulnerability affecting OpenSSL cryptographic libraries. The Heartbleed vulnerability allows an attacker to steal information protected under normal SSL/TLS conditions.

Here is what you need to know:

  • This is a very serious vulnerability.
  • It harms personal computers and everyday users. Attackers could possibly steal user information. 
  • Many popular websites, including social media, search, email, banking, and health sites are vulnerable.
  • The bug is found on most systems and has been present since 2012.
  • Most likely, attackers knew about the vulnerability, and may have been exploiting it for a long time.
  • Patching and updating systems will not protect owners from attackers who have already captured data.


Next-Generation Intrusion Prevention Systems changing the game for Cyber

My buddy Aamir Lakhani wrote about how traditional security products such as Stateful firewalls and older IPS/IDS solutions are not cutting it for today’s level of threats. This post covers why the “Next-Generation” of security technology matters. The original post can be found HERE.

Organizations are replacing their Stateful firewalls with Next-Generation firewalls (NGFW) and Next-Generation Intrusion Prevention systems (NGIPS). Most traditional firewalls are nothing more than packet filters that keep track of who initiated the traffic to automatically allow response traffic back to originator. IPS vendors such as Sourcefire and McAfee (Intel Security) are rapidly adding advanced features to protect against insider threats, application vulnerabilities, mobile devices, and malware. One must wonder: are the days of traditional perimeter security devices such as Stateful firewalls and single-pass IDS systems numbered?


Stopping Both Attackers and Attacks – The Future of Network Security


The future of security must reach beyond the capability of an appliance. There are too many attack vectors that are continuously changing to detect with a silo solution. It basically comes down to this: there are only so many signatures that can be checked against, as well as behavior algorithms that can be put in place, before you must let traffic pass. Odds are, a malicious attacker will eventually bypass detection based on the fact that there are hackers out there with a rack of all the latest vendor IPS, Firewalls, etc. in a lab designed to test how effective a piece of malware is against any enterprise security solution. So in a nutshell, you will only be able to stop the majority of attacks launched against your network. Something will eventually get through. This means detecting and preventing can’t be your only security strategy.
