Priveon Labs Security Blog

Cisco NAC 4.8 New Feature Overview

Zach Brewer — Fri, 13 Aug 2010 13:20:22 +0000

As Larry posted previously, NAC 4.8 was released on 07/08/2010. This entry will highlight a few of the enhancements and changes added in NAC release 4.8.New ReportsReporting features in NAC 4.8 have been greatly enhanced including:- new dash…

Original post.

Priveon Labs Publishes New White Paper: Using Application Whitelisting to Prevent Real-World Threats

Zach Brewer — Tue, 03 Aug 2010 18:11:30 +0000

August 3rd, 2010 - Priveon Labs publishes new Bit9 Parity document. Using a real-world attack scenario in a controlled lab environment, a new Priveon Labs white paper demonstrates successful Bit9 Parity threat mitigation. The white paper can be view…

Original post.

Cisco NAC 4.8 Now Available

Larry Boggis — Wed, 28 Jul 2010 13:59:53 +0000

Cisco has announced the immediate availability of Network Admission Control (NAC) Release 4.8.0. This latest software release contains many new enhancements including:Support for Cisco NME-NAC PlatformsAdministrator Access RestrictionOut-of-Band…

Original post.

Application Whitelisting and MS Authenticode

Zach Brewer — Wed, 23 Jun 2010 19:19:11 +0000

F-Secure has recently reported of "…tens of thousands of malware samples that have been signed (with MS Authenticode)."MS Authenticode uses digital signatures (code signing) to authenticate software and inform the user of the fact that the software w…

Original post.

Extend MetaSploit Meterpreter Ruby to Allow Direct Windows API Calls (Railgun)

Zach Brewer — Mon, 14 Jun 2010 15:58:08 +0000

An interesting MetaSploit extension was recently posted to the MetaSploit mailing list. Railgun is an extension that allows for direct access to the Windows API (any existing or uploaded DLL on the target system) through Meterpreter. Railgun knows arou…

Original post.