An Interview with Armitage and Cobalt Strike developer Raphael Mudge
Armitage is a free GUI add-on to Metasploit while Cobalt Strike is penetration-testing software focused on threat emulation.
To learn more about the Armitage and Cobalt Strike products you can visit the links below:
- Armitage – http://www.fastandeasyhacking.com
- Cobalt Strike – http://www.advancedpentest.com
If you have used or tried Armitage and/or Cobalt Strike, please share your experiences with us below
About Raphael:
Raphael Mudge is the founder of Strategic Cyber LLC, a Veteran-owned business that creates software for red teams. Raphael created Armitage for Metasploit®, Cortana, and Cobalt Strike. His work made the cover of the Linux Journal, was seen on the Fox sitcom Breaking In, and is used by security professionals all over the world. Raphael speaks and writes on security topics and provides red team support to many Cyber Defense competitions across the country.
Windows 8 to get first ‘critical’ security update
Windows 8, available publicly for two weeks now, is getting its first security update Nov. 13. It includes three critical updates; Windows 8 RT, for Microsoft’s Surface tablet, has one critical update.
The vulnerabilities could allow a hacker to execute malicious code remotely on systems that aren’t protected. You can learn more here. You can make sure you get the updates by setting your computer to automatically accept updates from Microsoft.
There will be other updates too, for other versions of Windows, including Windows 7, Vista and XP, as well as for Internet Explorer.
Meanwhile, security firm Bitdefender said Friday in its own testing that Windows 8, using Microsoft’s own Windows Defender anti-malware protection, was “prone to infection” by 15 percent of the 100 malware “families most used by cyber criminals this year.”
Read more at NBCNews.com
Israel’s HLS 2012 Event Highlights Cyber Security Innovations
An interesting article Posted by Tamir Eshel from Defense-Update.com
The Cyber Security panel taking place in Tel-Aviv this week at the HLS 2012 event is attracting considerable interest on the backdrop of the recent revelations of massive Iranian cyber attacks crippling the networks of Aramco Oil Company in Saudi Arabia. It was one of the most destructive attacks ever on a single company, erasing three quarters of the company’s hard disk drives. The panel addresses the vulnerability of organizations and infrastructures to such attacks, both are regularly targeted by hackers, cyber criminals and terrorists. While the attack on Aramco was directed at its computer network, companies and organizations are also vulnerable to terror attacks against their infrastructure; such attacks have the potential to inflict physical damage just like any other terror attack – creating explosions, hazardous material spills, create flooding or traffic accidents, all that by using untraceable, yet highly effective cyber attacks.
Read the rest at Defense-Update.com
WP Database Backup Plugin : Backup WordPress To Google Drive
For the security of the blog, frequent and automatic backups of WordPress files and database is very important. Previously I had told you about WordPress database backup plugin that backup WordPress database to Dropbox automatically. Similarly, after the launch of Google drive (dropbox alternative cloud storage) it has got a new extension in the WordPress repository.
Read more here
Security BSides Delaware 2012: The Recap
For a 3rd year by popular demand and by all accounts Security BSides Delaware 2012 was a great success. The event occurred on Friday Nov 9th and Saturday Nov 10th at Wilmington University’s New Castle Campus. 
The list of impressive speakers at the event included Jim Gilsinn (@jimgilsinn) with his talk about “Cyber Security for the Industrial Environment: An Intro to ISA/IEC 62443”, “Hacking the Male and Female OS (Men are from Windows, Women are from Linux)” by Valerie Thomas (@hacktress09) and “PHP Website Security, Attack Analysis, & Mitigations” by @grecs.
In addition to talks, Security BSides Delaware also had some interesting workshops such as “Armitage and Cobalt Strike Penetration Testing Lab” by Raphael Mudge, “Social Engineering Basics and Beyond” by Valerie Thomas (@hacktress09) and a very popular “Metasploit Class” by Chris Godoy of @Rapid7
For the full list of talks and workshop look here – http://bit.ly/BDE2012Schedule
The staff of BSides Delaware was well prepared, professional and helpful and if you’d like to stay updated with them, you can do so at @BSidesDE on Twitter.
And thanks to the Security BSides Delaware Sponsors, such as @securicon, @Rapid7, @TenableSecurity and @DigitalTrustLLC to name a few. As stated by a BSides Staffer… “Without them, this would not be possible.”
Embarrassing to say, this was my first BSides, even though I heard a lot about them over the years. I enjoyed the venue and would definitely return to Security BSides Delaware next year.
For pictures and video of the Security BSides Delaware 2012 event, checkout the SecurityOrb.com Facebook page – http://www.facebook.com/pages/SecurityOrb/179512605403259?sk=app_2309869772
Also, follow us on Twitter at @SecurityOrb
If you attended Security BSides Delaware, please share your experiences and your thoughts about the event.
Security Zone 2012 – Latin America’s premier InfoSec event in Cali, Colombia
The Muro Group International is proud to organize Latin America’s premier information security event, Security Zone 2012 – December 3 through December 7, 2012. Bringing together the world’s top security experts, academics, and technology companies to present their new tricks of the trade and have fun in the sunny and beautiful city of Cali, Colombia.
Security Zone will be offering a wealth of presentations on all of the most critical issues in the security field right now. You will have the opportunity to speak with these experts directly, ask questions, and learn how to better protect your company from security threats.
Please visit www.securityzone.co for more information on the event. In addition, do not miss the exciting tourist package we are offering.
