Clearing the Perimeter for your CISO – John Powers Episode 3

We’ve been following the comedic “Meet John Powers – CISO” series from Tripwire. And they hit the ball out of park with their latest and last video, “The Spy Who Logged Me“. 

This one is my favorite by far.

I loved the line, “I was in ROTC I want to show you something real quick” – Classic!
I truly laughed out loud at the ending.

Great acting, perfect video!

Check it out!

How to Become a Psychic CISO

Does John Powers have some sort of psychic connection to the spiritual realm?

Probably not, but he relies on a great security solution that provides him with unrivaled visibility into activity on his organization’s IT systems. That’s not channeling spirits from the netherworld, that’s simply having the right people, skills and solutions to be confident.

Our friends at Tripwire have released the second video in the hilarious “John Powers Supernatural CISO” series. This time John’s coworkers think his uncanny knowledge of the system network is coming from the spirit realm.

For more information, astral project over to the John Power’s site, or for live readings check out their Twitter feed.

Securing your Network with Alien “Powers”

Have you ever wished for some supernatural powers to secure your organization? Perhaps longing for some extraterrestrial abilities to defend your sensitive data, or hoped to get help from outer space to get you through that compliance project?

Meet John Powers, the CISO so good at securing his network that co-worker Clint knows that there is something else going on.

Something out of this world…

Great video from our friends at Tripwire. A lot of companies, especially in the IT world, overlook one very important feature – HUMOR!

Anonymous government sources are predicting additional encounters later this summer. Check out the John Powers webpage for the latest intelligence, and track his every move with other true believers on Twitter.

Nice job guys!

Social Engineering Toolkit v4.1.1 “Gangnam Style” Released

David Kennedy and the Trusted Sec crew have recently released yet another update to the very impressive Social Engineering Toolkit.

SET v4.1.1 codenamed, “Gangnam Style”:

This version has a number of new enhancements including the ability to natively use Apache with the multiattack combining the Java Applet Attack and the Credential Harvester. Traditionally speaking, the credential harvester attack could only be used by the native SET HTTP server. We recently developed a php hook that gets copied over to the web root along with the standard Java Applet attack. If the Java Applet fails, the backup for credential harvester can be used. In addition, a number of stability updates were given to the standard Credential Harvester attack.

The harvester now supports multi-threading for faster response times when hitting the website. All-in-all this release adds a ton of new functionality and features. In addition to these changes, the Metasploit Meterpreter ALLPORTS payload is now supported through the PyInjector and ShellCode Injection techniques for the Java Applet. Lastly, we’ve added a new Java Applet that has been redesigned and heavily obfuscated. Enjoy!”

SET is one of our favorite computer security tools here at CyberArms.I can not think of an easier to use tool that allows you to check the security of your network against social engineering attacks.

We are just so grateful that David Kennedy and his team spend so much time tweaking and updating it.

Nice job guys!