Blog Feed

Posted in Cons, Goals, Informational, Research

Cyber Presentations

Posted on by Steph

So, one of my goals as I wrote before was to get better at public speaking. I worked on thos by applying for talks…even though it frankly terrifies me to think of being in front of a room full of people with all eyes on me. Luckily for my anxiety I got chosen to speak but both were to be pre-recorded.

Which is great because it still gets me speaking, but also doesn’t make me have to deal with the anxiety of the moment. It’s an important step and even an confidence boost to have my presentations be accepted. And even just being accepted and being able to add, Presenter @ so and so conference to my CV/Resume and speak on it in interviews has been helpful.

So, my advise this Saturday for someone trying to expand their cyber presence:

  • Make an effort to attend some conferences
  • If your interested apply to call for papers, you never know when something that seems interesting to you might be interesting to others
  • Its’s ok to have fears, we sll have them, but we cant let them control what we accomplish in life

Posted in CTF, Informational, Profiles, Simple Malware Analysis, Vulnerabilities

Jobs in Cyber: Vulnerability Researcher

Posted on by Steph
Hand with black nail polish holding a magnifying glass – Pexel

Stumbled on this job during a recent job search. This had never been on my radar as a possible field of interest, but after interviewing and learning about the position I was intrigued.

A vulnerability researcher basically investigate, identify, and study vulnerabilities and exploits in software and/or systems. Sometimes this can be independently, but often it is part of an enterprise or in conjunction with continuous monitoring services.

Possible Skills Needed:

  • Scripting knowledge
  • Decompiler knowledge
  • Malware Analysis
  • Communication (verbal and written)
  • Methodical approach to research
  • Analytical mind
  • Scanners such as Nessus
Posted in Informational

Sick

Posted on by Steph

I’m currently sick. My throat is raw, but I’m working on my presentation for Blacks in Cybersecurity Village @ Defcon. Hopefully with enough tea, honey, and ginger I’ll be able to record this video without my voice breaking like a pubescent teen boy.

Posted in Current Events, Informational, Research, Topic

Privacy in the Digital Age:

Posted on by Steph

Roe v. Wade

Again, had a post planned and instead news caused a different post.

Even before the Supreme Court officially struck down the Roe v. Wade decision and sent reproductive health issues back to the states there were stirrings questioning how incoming changes might effect health apps and data collection.

Living in today’s world people might not worry about how much of their information is readily collected or available. Perhaps, they’ve resigned themselves to the fact that they can’t stop their data being collected. There has been very little headway made in crafting some type of national privacy law, so it makes one feel like this is just inevitable, online privacy is your own concern.

For months before today reading through Twitter brought calls for women to remove period tracking apps and be more cognizant of how their data might be collected and in the future possibly subpoenaed as proof of some ‘reproductive crime’..

“Democrat lawmakers along with privacy advocates are now growing worried prosecutors in these anti-abortion states will use subpoenas to demand tech companies help them identify which users have visited an abortion provider.” -Michael Kan, PCMag.

I would definitely consider myself a privacy advocate. I think the majority of infosec people are concerned about privacy to some degree. It’s concerning that it really took something so dramatic to bring this conversation about data collection back to the foreground.

It can be proposed that perhaps we all just became too complacent in many ways…

How all this unfolds and develops is something to keep a definite eye on.

Posted in Cons, Covid, Goals, What I've Used

@CyberjutsuCon 3.0 – 2022

Posted on by Steph

My First Post Covid Con

I’m currently sitting in the basement of a coferemce center, because my battery need a recharge. It’s not quiet, and people a near, but I’m sitting alone and just kinda soaking it all in.

I’m at Cyberjutsu Con which has the distinction of being my first ‘post’ Covid conference as well as my first conference as a speaker (albeit my presentation was pre-recorded and presented online).

Can I just say: Join the professional groups!! They are here for the community and networking everyone says we should be doing. I can definitely appreciate the Cyberjutsu folks for being down-to-earth and pretty chill. Everyone is helping everyone and the talks have been excellent.

I’m glad that they chose my talk and hopefully people are digging it.

Now let me get on my second presentation for this conference season….1 hint, via Las Vegas…..

Posted in Informational, InfoSec History, Research, Vulnerabilities

There is no Safe Haven: Mac Attacks

Posted on by Steph

I was all set to write about an interesting job in infosec today and then I woke up and saw reports of a new attack: ‘Pacman’, being leveraged against Apple computers. This report got me thinking about a conversation I saw on Social media where a connection was asking about what laptop to buy. One of this person’s friends mentioned getting an Apple because they are ‘safer’ than Windows machines and ‘antivurs wasn’t needed’ (no one but us tech geeks recommend Linux it wasnt even in the running). I recall thinking that laypeople are just really unaware that Apple systems are getting targeted at higher rates in recent years . So here we are talking about Mac Attacks.

As a disclaimer I’ve got no real dog in whatever battle exists between OSes. As a tech-head I have systems that run Windows, MacOS, and several flavors of Linux. The job isn’t to safeguard a specific type of system it’s to safeguard them all.

We can say, oh MacOS and Linux OS distros have less know vulnerabilities or are attacked less often, but to say that one or the other doesn’t have any or doesn’t get attacked is untrue. All systems are opened to be attacked.

Some Recent Apple Malware:

  • Pacman
  • Silver Sparrow
  • XLoader
  • GoSearch22
  • Thiefquest

A more in depth look at some Apple vulnerabilities and malware can be found here or here.

I will always advocate for user to protect themselves. Defense in depth isn’t just for enterprises it also means that users shouldn’t assume that the systems are just inherently ‘safe’. When people say security is everyone’s business I can support that because your end security should be your business which includes setting precautions to overlap where initial software and hardware might fall short.

Posted in Cons, Goals

GOALLLLLLLLLSSSSSS!!!!

Posted on by Steph

So, one of my goals was to try to network more and kind of work on my personal brand as well as contribute to the infosec community.

I always said I don’t in any regard want to be famous, but I do want my name to be well thought of and regarded. Luke I want my name to be synonymous with efficient, high-quality work. You can’t really have that type of regard and not attend conferences.

So, my plan is to hit at least 2, but maybe 3 ir 4 infosec conferences this year. I’d been to Hacker Halted before, but not for a couple years.

Another goal is that I want to get more comfortable with speaking in public. I’m like super introverted and public speaking has always been my kryptonite, but I can’t allow something that seems so simple be so debilitating.

That being said I’m presenting (although in both cases prerecorded) at 2 conferences this summer, so yay me!

More to come in an after blog….

Posted in Flashback Friday, Informational, InfoSec History

Case Study: Maroochy Shire

Posted on by Steph

Problem

In 2001, a former contractor who still had access to the system, compromised the industrial control system (ICS). This compromised causes the sewage to flood the town and watershed.

This would become the first widely recognized attack on and industrial system.

“Marine life died, the creek water turned black and the stench was unbearable for residents,” said Janelle Bryant of the Australian Environmental Protection Agency in The Register

Cohen, Gary, 2021

Solution

  • Focus on possible Insider Threats
  • Offboarding procedures
  • Emphasize separation of duties
  • Airgap operational technology from information technology.
Posted in Informational, Labs, What I've Used

Splunk Core Certified User – Study Guide

Posted on by Steph

I would advise anyone who wants to learn to use Splunk to actually use Splunk. They offer a really thorough fundamentals class for free and you fan set up a Splunk environment fairly easy.

There’s also hands-on by completing the ‘Boss of the SOC’ challenges.

Furthermore I recommend:

Splunk Certified Study Guide by Deep Mehta published by Apress

I highly recommend the above book to supplement study and test prep.

Posted in Informational, Learning Woes, What I've Used

Broke the Microsoft Curse

Posted on by Steph

Or Passing AZ-900

Last Friday I sat for an passed Microsoft’s Azure Fundamentals (AZ-900) certification test. During my hiatus I had sat for an failed Microsoft’s Security Analyst (SC-200) test.

To be honest I really wasn’t prepared for SC-200. I breezed through the Microsoft Learn coursework and didn’t really study the material. Although I had hands-on with their security tools I’d never used Kusto Query Language. I kinda wanted a feel for how Microsoft tests were comparatively speaking.

Failing SC-200 wasn’t a big hit because I was aware of my shortcomings.

Still to me, Microsoft Cert Tests are trickier and have section blocks that limited the ability to go back and change answers, which I wasn’t prepared for the first time taking one of their exams, but was ready for taking the Fundamental exam.

This is exam is basically theoretical and based on understanding Azure on a high level and the using the cloud as a whole.

I would recommend using the following to test prep:

  • Microsoft Learn for AZ-900 (free Microsoft course)
  • Jim Cheshire book (pictured below)
  • I microsoft also has ‘Virtual Training Days’ which can help.
Jim Cheshire – “Microsoft Azure Fundamentals Exam Ref AZ-900”

Now to get more hands on with Azure!!