My buddy and coauthor Aamir Lakhani and I are very proud to present our second book … “Penetration Testing With Raspberry Pi“. This book can be found on Packt’s website HERE and should start being seen on most online stores such as Amazon, Barns and Noble the next few days. Continue reading
There are many methods criminals will use to steal money that fall outside of normal attack channels. I was having dinner with a buddy from work and heard one of the most outrageous social engineering attack methods he recently experienced. To summarize, he had attackers call his home phone and try to get him to install malicious software. He figured out they were full of it yet went along with the scam for 20 minutes to see where they would take things. This post will cover his experience and variations of this attack seen in the wild.
Lesson learned …. don’t trust somebody just because they called you. Make sure to tell your friends and family this message. If you do some Google research, you will find many non-technical people are being tricked by this form of attack. Continue reading
I see a lot of hesitation from administrators when having a conversation about cloud based security. People seem to be uneasy with the idea of having anything security related managed outside of their company walls. Some administrators express concerns that there is a potential weakness opening up a connection from their inside network to the cloud (even though it is encrypted) while others feel uneasy about having people outside their staff accessing equipment for maintenance or other purposes. I’ve also had the question “what happens if a client sharing a security device in the cloud gets compromised? Will that impact our business”? (I’ve never heard of this happening and there are hundreds of cloud offerings available today). These are just a few concerns that gives cloud based security a bad reputation before it is evaluated for its true potential.
Cloud Security should be looked at as a method of outsourcing security. Why would you want to do this? There are many benefits and for some situations such as locations spread across the world, cloud is the only feasible answer. Here are some of the top benefits of going cloud based security. Continue reading
Typically I post about security topics on this blog however I want to share my experience trying to learn Mandarin. I spent the last 1-2 years trying both Rosetta Stone and later Pimsleur dedicating at least an hour a day towards learning. Both of these options offer completely different approaches to learning a language. My personal opinion is I learned a lot more from the Pimsleur approach verses Rosetta Stone based on my learning style. Here is a breakdown of my experience with each offering. Continue reading
Cisco acquired the leader for identifying day zero threats ThreatGRID around may of 2014. ThreatGRID’s statement “The First Unified Malware Analysis and Threat Intelligence Solution” sounds like a mouthful however represents its purpose of going beyond what most “sandbox” technologies accomplish in this market space. What is also interesting is this technology is being moved into other Cisco security offerings now that they are part of Cisco’s breach detection strategy. Continue reading
There are many reasons people invest in security. The best reason is having the desire to avoid being breached however sometimes wanting the best security doesn’t justify the investment. Many decision makers have to juggle improving the infrastructure, investing in the latest flashy technology such as high end video, etc. along with keeping things secure. Usually the flashy stuff outshines security until something with teeth forces the focus back on security. A prime example is meeting mandated regulatory compliance. Being out of compliant to many regulations could mean pricy fines as well as possibly litigation actions. This is good news for the IT guy that wants to get his security budget requests placed at the top of the stack.
Aamir Lakhani wrote a very interesting article on a malware exploitation kit known as Sweet Orange. It is becoming very popular in underground markets and possibly the next Black Hole. The original article can be found HERE.
Sweet Orange is a popular exploit kit making it rounds as one of the latest and most popular exploit kits. It can affect the latest Windows operating systems, including Windows 8.1 and Windows 7. It can also exploit newer versions of Internet Explorer, Firefox, and Google Chrome. According to Webroot, “What’s particularly interesting about the Sweet Orange web malware exploitation kit is that just like the Black Hole exploit kit, its authors are doing their best to ensure that the security community wouldn’t be able to obtain access to the source code of the kit, in an attempt to analyze it. They’re doing this, by minimizing the advertising messages posted on invite-only cybercrime-friendly web communities, and without offering any specific details, demos or screen shots unless the potential buyer directly contacts the seller and has a decent reputation within the cybercrime ecosystem”. Continue reading
Cisco just released the latest version of ISE aka Identity Services Engine version 1.3 on Oct 31st. ISE is Cisco’s flagship access control technology (more on ISE found HERE and how to build a Lab found HERE). In summary, ISE can tell you who and what is on the network, provision the proper access and even remediate devices that are out of expected security posture. You can find the formal release notes for ISE 1.3 HERE.
ISE 1.3’s main new features revolve around providing enhanced guest services such as simplifying the process to on-board new mobile devices. There are other improvements I’ll cover in this post as well. Lets take a look at the new 1.3 version of ISE. Continue reading