Ask A Question: New Feature Of This Blog

Hey everybody. I added a new section to this blog for asking questions (see the menu section Ask A Question). This will help organize the various types of questions I see and hopefully morph into a wiki type page you can search for answers. I’ll moderate questions to remove SPAM so anything is game as long as it makes sense for this blog.

Free FSU Online Security Classes : Offensive Computer Security

The Computer Science department at Florida State University is offering free computer security class lectures. You can find the entire CIS4930 and CIS5930 courses online HERE. These are the Spring 2014 classes so the content is pretty current. There are 26 lessons ranging from lock picking to launching attacks with Metasploit. Videos include lecture slides to download.

Detecting Malware With ThreatGRID Overview

Cisco acquired ThreatGRID, the leader for identifying day zero threats, around May of 2014. ThreatGRID’s statement, “The First Unified Malware Analysis and Threat Intelligence Solution,” sounds like a mouthful; however, it represents the product’s purpose of going beyond what most “sandbox” technologies accomplish in this market space. What is also interesting is that this technology is being moved into other Cisco security offerings now that they are part of Cisco’s breach detection strategy.

Identity Services Engine ISE 1.3 Out Now – First Look

Cisco just released the latest version of ISE aka Identity Services Engine version 1.3 on Oct 31st. ISE is Cisco’s flagship access control technology (more on ISE found HERE and how to build a Lab found HERE). In summary, ISE can tell you who and what is on the network, provision the proper access and even remediate devices that are out of expected security posture. You can find the formal release notes for ISE 1.3 HERE.

ISE 1.3’s main new features revolve around providing enhanced guest services such as simplifying the process to on-board new mobile devices. There are other improvements I’ll cover in this post as well. Let’s take a look at the new 1.3 version of ISE.

End-of-Sale and End-of-Life Announcement for the Cisco Intrusion Prevention System

Cisco announced the End-of-Sale date for their traditional Intrusion Detection and Prevention product line. You can find a link to the announcement HERE, which includes a list of affected products. Here is the formal announcement as well as suggested replacement technology.

The formal announcement states:

Cisco announces the end-of-sale and end-of-life dates for the Cisco Intrusion Prevention System. The last day to order the affected product(s) is April 26, 2015. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin. Table 1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table 2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers’ service contract.

SSL broken, again, in POODLE attack

Peter Bright provided a fantastic writeup on the recent POODLE, aka “Padding Oracle On Downgraded Legacy Encryption”, attack that could be, as he states, “the final nail in SSLv3’s coffin”. You can find the original post HERE via the arstechnica.com website.

From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that’s used to secure Internet traffic from eavesdroppers both government and criminal.

Calling the new attack POODLE—that’s “Padding Oracle On Downgraded Legacy Encryption”—the attack allows a man-in-the-middle, such as a malicious Wi-Fi hotspot or a compromised ISP, to extract data from secure HTTP connections.

Recon-ng – advanced reconnaissance framework

My buddy Aamir Lakhani wrote about a cool reconnaissance tool called recon-ng. This tool can automate researching a target using multiple sources. The original post can be found HERE.

Reconnaissance techniques are one of the first steps penetration testers practice when learning how to exploit systems for vulnerabilities. Traditional reconnaissance techniques are used to gather intelligence, define scope, and identify weaknesses.

Payment Card Industry PCI Security Best Practices

Many industries rely on revenue generated by sales, and if credit is used, Payment Card Industry (PCI) compliance is mandated. This includes all industries that process, store or transmit credit card information. Like any compliancy standard, this is the minimal level of real security and should not be considered the goal to protect sensitive data. All compliance mandates that matter must go through various review and audit processes that take time and cause the results to be dated compared to the speed of new attacks you should expect against your network. This means meeting mandates such as PCI should just be part of your overall security strategy.

Computer Viruses Facts and Statistics

The people at toptenreviews provided an interesting infographic about facts and statistics on computer viruses. They break up where they tend to come from as well as the most common infections. There is also a brief blurb on Conficker since it’s the most prolific virus to date. The original can be found HERE.
