Raytheon, a major American defense contractor, just announced it will be acquiring Websense for 1.9 billion dollars. You can find more on the announcement from reuters.com HERE or from the bloomberg.com post HERE. Below is from the Bloomberg post.
Raytheon Co. agreed to acquire Websense Inc. from private-equity firm Vista Equity Partners LLC for $1.9 billion and plans to combine it with its cyber-products unit, people with knowledge of the matter said.
Some people are starting to freak out about Leap Second like it is the next Y2K, which is strange. Just like Y2K, there is a fear that systems will crash due to time adjustments. The reality is that yes, some systems will need to be patched or adjusted, but there is no reason to stock up on water and prepare for doomsday. Manufacturers just dealt with this in June 2012 and will be prepared again this June. For those not familiar with Leap Second, this will be the 26th adjustment since 1972. For more information, check out an article on wired.com HERE.
Cisco published a Leap Second page HERE showing which products could be impacted by Leap Second and what is being offered to prepare prior to June 30th. This page will continue to be updated as we approach June, so check which products you own and how they may be impacted.
My buddy Aamir Lakhani wrote a cool post on how to create exploits with Metasploit. The original post can be found HERE.
Metasploit has the ability to create an executable payload. This can be extremely useful if you can get a target machine to run the executable. Attackers often use social engineering, phishing, and other attacks to get a victim to run a payload. If attackers can get a victim to run a payload, there is no reason for an attacker to find and exploit vulnerable software.
Yahoo just posted a great article on the new Cisco Advanced Malware Protection Capabilities and Incident Response Services found HERE. In summary, the day zero detection option available on multiple Cisco security products known as AMP added more ThreatGRID capabilities. One ThreatGRID feature example is the ability to submit identified low-prevalence files for dynamic malware analysis (i.e., if a file seems funny, submit it to Cisco to evaluate it for threats). This can help surface previously undetected and targeted threats that were only seen by a small number of users. There are also endpoint indicators of compromise (IoCs) that provide deeper levels of investigation on lesser-known advanced threats specific to applications in a customer’s environment.
The Incident Response Services span infrastructure breach preparedness assessments, security operations readiness assessments and breach communications assessments among others. Here is the article from Yahoo covering the details.
Check Point announced they will be acquiring Lacoon Mobile Security. You can find Check Point’s formal announcement HERE. In summary, the dollar amount wasn’t announced but is estimated to be an 80-100 million dollar acquisition, and Lacoon is the second Israel-based company acquired by Check Point. Lacoon offers a solution that protects mobile users from zero-day attacks, remote takeovers of apps, data theft and attempts to harm user data. So in summary, it’s a smartphone play.
I have posted about Lancope’s StealthWatch product line in the past. You can find a basic overview covering StealthWatch and ISE HERE. How to set up a StealthWatch lab can be found HERE. In summary, the Lancope StealthWatch solution uses NetFlow to turn general network equipment such as routers, switches, data center virtual switching, wireless access points, etc. into sensor points for security and network performance. Think of it as turning general network gear into an IDS with some IPS capabilities. Most modern network equipment supports NetFlow, so it’s something you probably have but are not harvesting for threat intelligence.
For those familiar with StealthWatch, you have seen the Java-based interface used to carve into data. One major new innovation with the product line is a web-based GUI. This post will give a brief demo of the new GUI.
Cisco just announced the intent to acquire Embrane (see the Cisco blog HERE or Embrane announcement HERE). This will enhance efforts Cisco has invested in its Application Centric Infrastructure (ACI) project (more found HERE) by adding the ability to centrally manage network services on a per-application basis very quickly. Embrane is able to provide application-centric network services such as firewalls, VPNs, load balancers and SSL offload engines, making it a nice fit for the Cisco catalog.
Distributed Denial of Service (DDoS) attacks have been around for a while but are still a major problem today. Fossbytes.com just published a post covering how GitHub is being slammed by a massive DDoS attack from China. The original post can be found HERE. Thefastcompany.com also posted about the attack still happening against GitHub HERE.