With Rapid7's acquisition of the Open Source Pentest tool Metasploit Framework (http://www.metasploit.com)last week. I can't help but as the question; What will happen to it? The folks at Rapid7 assure that the tool will remain free, and will likely improve due to the internal collaboration. I think that they are wanting to find away to creep up on Core Impact (http://www.coresecurity.com), the incredible, but expensive automated pentesting tool. Metasploit has served as a great free option for those who care to spend the time.
What's next; time will only tell...
Tuesday, October 27, 2009
Wednesday, October 21, 2009
Protect access to your log files. Time and time again, I've conducted penetration test and have gained access to authentication logs on some box along the way. Often times, somewhere in the numerous entries, you'll find someone who has mistakenly entered their password as their username.
Take that user/password gain access to other systems. There is no telling where it can take you.
Tuesday, October 20, 2009
Saturday, April 4, 2009
This week was all about Confiker. I'm actually pretty appreciative of the attention this worm commanded. The best of both worlds for Information Security practitioners; widespread publicity grabbing the attention of company executives, sysadmins, and the average Joe, but not actually bring down the universe. But what now, nobody knows. What I do know is this event educated many people who otherwise had no idea of the implications of unpatched systems, lack of antivirus and the power of worms and Botnets. Hopefully everyone will be more prepared for whats next.
Saturday, February 28, 2009
As promised here is my next post already. Couldn't have been 30 minutes ago when I promised that I would keep them coming. This post involves cell phone phishing scams. lately I've received text messages from what appears to be USE Credit Union.
The text message alerts the recipient of Unauthorized Identity Access then directs them to visit a fraudulent website which requires entry of credit/debit card information. Text book lack of an SSL Connection,privacy warnings displayed in the browser,etc.
Viewing the source of the page revealed a well comment application for customized credit card theft...
This time it was phishing next time could easily be a targeted attack with malicious code dropping a back door.
I've got to post more often.. It was never my intention to do a post a year, LoL. Its been an interesting year and I have encountered many new exciting challenges in my career in Information Security. I have added the interest & responsibilities of managing enterprise level security to my daily concerns. Just a year ago, exploits, malware, firewall rule sets and IPS tunning dominated my duties. Now I've added Metrics, Dashboards, Average Loss Expectancies, Risk Assessments and regulatory requirements. I guess I'll count it as gaining maturity as a security professional. With that said, there is no excuse... Not only do I need to post more often, it now seems to be psychological necessity..
More to come
More to come