I posted an article on Ciscopress.com about responding to cyber threats. Here is a summary introduction of the article and the first part from it. The entire article can be read at Ciscopress.com/articles HERE.
Are you ready to take on the latest cyber threats? Research shows that many organizations are not, because they’re unprepared for what happens when common defenses fail to prevent a breach. Joseph Muniz, co-author of Security Operations Center: Building, Operating, and Maintaining Your SOC, explains how to build a security strategy around the assumption that your defenses WILL fail. By implementing this approach, your organization can shorten the time of exposure when you’re compromised, limiting losses from a breach. Without this type of visibility, you probably won’t know that you’re compromised until the damage is already done.
The Cisco security research group Talos posted an interesting article based on their research on the risk of shopping online this holiday with your mobile device. If you are an Android user, you should read this! The original post can be found HERE.
The holidays are upon us and the shopping season is kicking into high gear. This year, an estimated 270 million consumers will shop online and, for the first time, more than half of them will use mobile devices to check off their holiday shopping lists.
Thehill.com posted about how USA Today released documents stating that hackers are breaching the Department of Energy (original post found HERE). In summary, hackers infiltrated the Department of Energy’s computer system over 150 times between 2010 and 2014.
Sectivenet.com posted about Hornet, a high-speed alternative to TOR. The original post can be found HERE. Should be interesting to see how well this works since TOR is known to be limited in throughput speeds.
For many years until now, Tor has been the favorite option to maintain anonymity on the Internet. Tor was initially developed by the US Naval Research Lab and works based on ‘onion routing’ principles. Even though it handles over 2 million users on its network daily, comprising mostly journalists, activists, law enforcement, hackers, etc., Tor has its faults. It is often slow and frustrating because its performance is based on the number of systems that make up the network. HORNET aims to resolve this issue.
Cisco Systems just released the 2015 Midyear Security Report found HERE. This report provides an overview of major threats observed in the first half of 2015. There are also parts that look at future trends and offers for small, midsize and enterprise organizations. Topics on the latest threats include exploit kits, Microsoft Office exploits, malware research, Java exploits and so on. It’s free to download. Check it out.
Cisco’s research team Talos wrote an interesting article on their research on phishing. The original post can be found HERE. For those that don’t know what phishing is, it’s the cyber attack where a malicious party pretends to be a legitimate source with the goal of tricking a victim into clicking an email, accessing a website, or just giving up sensitive data. Here is the Talos article.
I finally received a brand new ASA5506 and thought I would share my experience along with the new FirePOWER ASDM GUI. For those that are not aware of this release or the ASA series, the history goes like this. Cisco released the VPN concentrator and PIX firewall a long time ago. Eventually those technologies were consolidated into the Adaptive Security Appliance (ASA) series of appliances. The smallest 1st generation ASA is the 5505, which has been around for a long time and is designed for small offices or home networks (shown in the above picture on the right). Cisco released a new line of ASA appliances known as the X series; however, it didn’t release a replacement for the 5505 until this past March. That replacement is the ASA5506 (the black appliance on the left).
My buddy Aamir Lakhani aka drchaos wrote a great post on breaking SSH, VNC and other services. The original post can be found HERE.
Hydra is a very fast and effective network login cracker. It will help you perform brute force attacks against SSH servers, VNC, and other services. When you launch Hydra it will launch the GUI in Kali; however, in this tutorial we will use xHydra, which is the command line version of the tool. The command line version of the tool gives you much more flexibility in how to use the tool.