My buddy and coauthor Aamir Lakhani and I are very proud to present our second book … “Penetration Testing With Raspberry Pi“. This book can be found on Packt’s website HERE and should start being seen on most online stores such as Amazon, Barns and Noble the next few days. Continue reading
Friea Berg at Splunk wrote a nice article summarizing some of the latest highlights of how Splunk and Cisco have been teaming up to provide end to end security visibility and protection. You can find the original post HERE.
Over the past 7 years Cisco and Splunk have built a broad and multi-faceted relationship.
Internally Cisco IT, security, engineering and other teams use Splunk software every day for operational intelligence and security analytics. Cisco shared details at Splunk’s 2014 user conference in a session titled “How Cisco IT Moved from Reactive to Proactive and Even Predictive with Splunk” and Cisco’s CSIRT team commented a blog post on Security Logging in an Enterprise “… [W]e moved to Splunk from a traditional SIEM as Splunk is designed and engineered for ‘big data’ use cases.” Continue reading
There are many methods criminals will use to steal money that fall outside of normal attack channels. I was having dinner with a buddy from work and heard one of the most outrageous social engineering attack methods he recently experienced. To summarize, he had attackers call his home phone and try to get him to install malicious software. He figured out they were full of it yet went along with the scam for 20 minutes to see where they would take things. This post will cover his experience and variations of this attack seen in the wild.
Lesson learned …. don’t trust somebody just because they called you. Make sure to tell your friends and family this message. If you do some Google research, you will find many non-technical people are being tricked by this form of attack. Continue reading
The people at howtogeek.com wrote a pretty funny yet sad post about research they performed. The concept is they went to download.com and downloaded the top 10 most popular downloads onto a virtual windows system to see what would happen (they skipped a few Anti Viruses since it doesn’t make sense to install more than one but outside of that went through the list). As shown in the previous screenshot, most of the software was laced with malware pretty much killing the functionality of their test system. The ironic thing is download.com has disclaimers on their website stating they don’t post software with malware, trojans or malicious adware before during or after the installation of software being shared (shown later in the post). According to the results from the howtogeek team, this is obviously not the case. I guess those old sayings are right about nothing is free and if its too good to be true … it probably is. Continue reading
Norse is a research group that leverages hundreds of honey pots placed all over the world to collect attack data. Their claim to fame is their research goes beyond the general internet targeting “dark intelligence” meaning parts of the darknet where the bad actors live. They offer a few products that can be placed on your network as well as SAS services that work with their threat intelligence to identify attacks against your network. You can find their main website HERE.
One cool free online tool they offer is a live mapping of attack data. That data can be found at http://map.ipviking.com/ or HERE. Below is a screenshot of this tool. Its a pretty cool concept. Check it out Continue reading
My buddy Aamir Lakhani from dcchaos.com put together a list of the best cyber security talks of 2014. The rankings and opinions are purely his own. Some of these were based on technical knowledge, others were entertaining, and lastly some of these are a shout out to my friends and colleagues. You can find the original post HERE.
I see a lot of hesitation from administrators when having a conversation about cloud based security. People seem to be uneasy with the idea of having anything security related managed outside of their company walls. Some administrators express concerns that there is a potential weakness opening up a connection from their inside network to the cloud (even though it is encrypted) while others feel uneasy about having people outside their staff accessing equipment for maintenance or other purposes. I’ve also had the question “what happens if a client sharing a security device in the cloud gets compromised? Will that impact our business”? (I’ve never heard of this happening and there are hundreds of cloud offerings available today). These are just a few concerns that gives cloud based security a bad reputation before it is evaluated for its true potential.
Cloud Security should be looked at as a method of outsourcing security. Why would you want to do this? There are many benefits and for some situations such as locations spread across the world, cloud is the only feasible answer. Here are some of the top benefits of going cloud based security. Continue reading
My buddy Aamir Lakhani wrote a good post on how to enable SSH on Kali Linux. He also has other tips for using Kali Linux found on his blog www.drchaos.com. Below is the post however you can find the original HERE.
Kali Linux does not come with SSH enabled. SSH is the preferred method of remote management for most Linux based systems. Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers. It connects, via a secure channel over an insecure network, a server and a client running SSH server and SSH client programs. Continue reading