Locky Ransomware – What It Is and How To Defend Against It

ransomwareThere has been a lot of chatter about a new ransomware being called Locky due to how it renames the files to .locky after encrypting the data. Darkreading posted an article HERE explaining some recent news and Sophos also did a good write up HERE. This post will talk about what Locky is and how to protect your organization from Locky as well as other ransomware. Continue reading

VN:F [1.9.22_1171]
Rating: 4.9/5 (7 votes cast)

Identity Services Engine (ISE) 2.0 First Look – Compared to 1.4

ISEI recently posted about the new release of Cisco’s flagship access control solution Identity Services Engine (ISE) 2.0 HERE. That post lists the highlights of the new features including the highly requested TACACTS+ support. I downloaded the .ova file and performed a fresh install using the virtualized version supporting up to 6,000 devices. This post provides a first look overview of the new features as well as compares ISE 2.0 to the last release 1.4. Continue reading

VN:F [1.9.22_1171]
Rating: 4.0/5 (4 votes cast)

Out Now: Security Operations Center: Building, Operating, and Maintaining your SOC

IMG_2314My book has officially published and its a few weeks early! I’m touching the first one at a conference before I received my author copies. I believe the discount code still works if you are interested in purchasing it. You must go to the Ciscopress website to use it.

Security Operations Center
Pre-Order Special: Save 35% with Discount Code SOC35

Book Price: $54.99
Sale Price: $35.74*

Buy the Book
eBook Price: $43.99
Sale Price: $28.59

VN:F [1.9.22_1171]
Rating: 2.0/5 (3 votes cast)

Cisco Press Security Operations Center – Save 35%

NewSOCBookCoverThe publisher Cisco Press is offering a Pre-Order discount code to save 35% off my new book. You can order it from the Cisco press website HERE. The book should start being available on other popular sources soon however this discount is only available through Ciscopress.com. Enjoy Continue reading

VN:F [1.9.22_1171]
Rating: 3.0/5 (2 votes cast)

LAN Turtle By Hak5 First Look – How To Setup Auto SSH + Cloud Fileshare


I have been a fan of the gadgets produced by Hak5. For example, you can find a post I wrote on the WIFI Pineapple HERE. I picked up the latest tool from Hak5 known as the LAN Turtle from DEFCON23 and have configured it to auto SSH to a server hosted in the cloud (thanks to Aamir aka DrChaos for the server). This post will cover an overview of the LAN Turtle and how to setup an auto SSH to remotely access the LAN Turtle as well as cloud folder to easily remove data from a target network. Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (2 votes cast)

Book Review: Penetration Testing With Raspberry Pi

raspberrypiBerislav Kucan from net-security.org posted a nice writeup on the book Aamir Lakahni and I wrote on penetration testing using a Raspberry Pi. The original write up can be found HERE.


Raspberry Pi is a small and portable single board computer that can be transformed into a penetration testing system. This book will show you how. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

2015 Verizon Breach Investigation Report (VBIR) Out Now – First Look


The latest 2015 Verizon Breach Investigation Report (VBIR) is now out and can be downloaded HERE. For those that have not seen these reports, they survey a number of customers and gather information about different types of breaches. It is a trend based report but great data to get an idea of which types of attacks are being seen by different types of businesses. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Installing and Troubleshooting Kali Linux On Raspberry Pi


I have been asked a handful of times about the steps to install Kali Linux on a Raspberry Pi. My buddy Aamir Lakhani and I went through the installation process a million times with different models to develop our best practices for the installation process. This post will cover a very short summary of how to install Kali Linux on a model B+ Raspberry Pi. The full details as well as many other Raspberry Pi penetration testing use cases can be found in our book HERE. Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (4 votes cast)