News: NetSecNow v2.0!

https://youtu.be/EUldAl4LQV0

zscaler - Fake it till you make it?

So on the twitter sphere today, I saw a post about this website; http://securitypreview.zscaler.com/ which is supposed to be some "in the cloud" network security company, I guess? And their free check up script is supposed to do an "Automated Audit" on your system, via the web browser. I know right, silly to even type this, but that's the claim.

Well apparently some of us professionals in the know tried it out. And no matter your OS, Device, Browser, etc, we noticed that every single time on ANYTHING, this scan would tell you that you are Vulnerable to the "zbot Virus", which oddly enough, their company name also starts with a "z" as in "ZScaler" Twitter @zscaler. Coincidence? I think not. Scareware, I think yes.

Just imagine for a second, if you will, some overly zealous CEO of some small-medium corporation coming across this advertisement. He figures, sure, why not, I'll run a free scan! I'll show those over priced infosec companies, HA!

He then sees he's vulnerable to some erroneous "zbot" virus. "OH NO!" he exclaims, and promptly follows the companies call to action to sign up for their "service". Sigh.. we've all been saying this for years, this was bound to happen. but what Mr CEO Doesn't realize -- and it's our jobs to educate them on this -- is that Network Security auditing and/or Penetration Testing involves (should always) thinking outside the box. There is absolutely no "canned" or out of the box magic protection software/technology. It's not possible, and everyone who thinks that is just another foolish sheep.

Anyway, I know exactly nothing else about the above mentioned company, however, I do know that what they are doing is an underhanded, shady practice no different from any other traditional scareware tactics.

By the way, as I mentioned, it doesnt matter the platform you're on, they tell you that you are vulnerable to the zbot virus. I googled the zbot virus, and the only systems it can infect is

Trojan

Systems Affected:

Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP

Notice it doesn't say anything about Linux/Unix or android, mac, etc. Yet on all of those devices, it said I was vulnerable.

Reference

-AfterBurn

Updated 8-24-15

Hey Guys,

Just wanted to post an update as to what I am currently up to. First, I see Kali Linux 2.0 is out and that's exciting! I went ahead and ordered a new (to me) laptop, and that should be to me by the 29th. First thing will be installing Kali Linux 2.0. In reading the docs for Kali 2.0, I realized that there are some scripts I can write to certainly save some time, and make stuff easier for the Kali Community, to which I will do as soon as I install it. So keep an eye out for that.

I am searching through my old backups looking for data from the www.learnnetsec.com website. UGH, it may not be as easy as I thought to get the site back and going. But, that said, I want to make it bigger, better, more content, more hacker challenges, forums, learning portals, etc. So until then, this site is serving as the backup. Please subscribe to it. For now, the domain www.learnnetsec.com is forwarded to this one, until I get this resolved. 

I am very active on twitter again, so check me out there @LearnNetSec 

I am very excited to be back and at it again guys, honestly. I have found new software to edit videos on Linux, and of course its open source! So good bye windows! Once and for all! 

Stay Tuned, 

- AfterBurn

OpenVas PDF bug fixed

Hey Guys,

As you know some time ago, I reported a bug to the Kali Linux dev team to make them aware of the PDF export problem with openvas and greenbone security assistant webui. I just got an email that they resolved it.

Have a read here: https://bugs.kali.org/view.php?id=430

-AfterBurn

Triumphant Return

Hey Guys!

I hope everyone is well. It's been awhile since I put any content out. I apologize. But, certainly I'm looking to get things back on track within the next few weeks. It's going to take some time to get back up and running. Unfortunately, due to Having to move, I no longer have all of my equipment up and running, and at this time, no space to have my full lab back up. But, I'll still be making videos soon. Ordering a new laptop soon.

I still do my best to answer questions via YouTube, and I'm so very grateful for our channels growth, 17,950 SUBSCRIBERS! That's awesome!

After the new laptop is purchased, I will do my best to get the old website back up and going as well.

Truthfully, I'm very excited to get this project going again. So for the time being, this will be the current website for news, tips, tricks, etc.

Oh, also, Facebook flagged me for using a fake name and locked my account, so the Facebook page for netsecnow is locked. I'm working on that too, but we will probably be forced to open something else up.

Stay tuned,

AfterBurn