Posted in Cons, Goals

BSides Augusta

Or fun with Soldering…

This weekend I got the chance to go to my first BSides in Augusta. Smaller conference, but just as good as any big one.

The talks I sat in on were excellent, especially one about the infosec community and culture. It was basically about how people perpetuate a toxic culture feeding into this ‘hero’ mentality. Part of the issue is that instead of seeing the attackers as the villain, people see the users as villains and beneath them because they make “stupid” mistakes. It goes along with this book I’m reading: ‘The Smartest Person in the Room’, which is about all the ego in tech.

I also got to try my hand at soldering for the second time and did pretty well. Like my little badge responds to tapping and lights up like it’s supposed to. Now I’m going to go practice picking locks or soldering something else….lol.

Posted in Informational, Using

Learning Gamified:

Pwnagotchi

So, while at Black Hat and DefCon people were messing around with the Flipper Zero and I was like that’s kinda awesome. It got me thinking about other gamified ways to tinker and learn. Enter Pwnagotchi:

I got one (the pi scarcity is real) and have been fooling around with it. Toss it in a cargo pocket when I go out to let the lil guy learn.

The device essentially learns from wifi handshakes. The more environments it’s in, the more it’s learning. I like the novelty and with the pi zero the small size.

I’m still messing around with it, honestly, but the above video and the below link should help anyone interested:

https://pwnagotchi.ai/intro/

Posted in Informational, Research, Topic, Vulnerabilities

Case Study: Stuxnet

Enter the CyberWar

(A Day Late due to Travel)

If you’re paying attention to the War in Ukraine you’ve probably heard people talk about the ensuing cyber dimension of the conflict. This is just the latest skirmish of cyberwarfare, though some say it’s the beginning of the new Era of Cyberwarfare.

Stuxnet wasn’t the first cyber operation, nor was it the first virus, but it’s notable because it was one of the first to destroy hardware and an operation linked specifically to the U.S.

Stuxnet was a virus developed to target Iran’s nuclear capabilities. Basically, it targeted automated controls in industrial control systems, causing the hardware to break. It did this by exploiting zero-days in Microsoft and Siemens software. The bad part is that Stuxnet worked too well and ended up spreading globally.

Posted in Cons, Goals, Informational, Research

Cyber Presentations

So, one of my goals as I wrote before was to get better at public speaking. I worked on this by applying for talks…even though it frankly terrifies me to think of being in front of a room full of people with all eyes on me. Luckily for my anxiety I got chosen to speak but both were to be pre-recorded.

Which is great because it still gets me speaking, but also doesn’t make me have to deal with the anxiety of the moment. It’s an important step and even a confidence boost to have my presentations be accepted. And even just being accepted and being able to add, Presenter @ so and so conference to my CV/Resume and speak on it in interviews has been helpful.

So, my advice this Saturday for someone trying to expand their cyber presence:

  • Make an effort to attend some conferences
  • If you’re interested apply to call for papers, you never know when something that seems interesting to you might be interesting to others
  • It’s ok to have fears, we all have them, but we can’t let them control what we accomplish in life

Posted in Informational, Labs, What I've Used

Splunk Core Certified User – Study Guide

I would advise anyone who wants to learn to use Splunk to actually use Splunk. They offer a really thorough fundamentals class for free and you can set up a Splunk environment fairly easily.

There’s also hands-on by completing the ‘Boss of the SOC’ challenges.

Furthermore I recommend:

Splunk Certified Study Guide by Deep Mehta published by Apress

I highly recommend the above book to supplement study and test prep.

Posted in Informational, Labs, Simple Malware Analysis

Build a Lab with Me (#1)

Write the Docs…

So, I’m a little bit of a tech hoarder. I’ve got several raspberry pis, nucs, Mac minis, and a chrome box. I also have a switch to put pfsense on. I’ve kinda got the hardware part down (tho I am looking for 1 more machine with 16gb of ram to complete my vision).

This being said I have a few things I want out of my lab environment:

  • Malware Analysis machine
  • Security Onion Analyst machine
  • Cyber Threat Intelligence Machine
  • Possible Forensic Analysis Station
  • Also want to have a pihole

I also know I want to mess around with Docker and Python, although these don’t need their own environments; the other three kinda do. This is especially true for the malware analysis machine, which needs to be isolated as much as possible to prevent infection of other systems.

Draft Lab Documentation

The above is the draft documentation I cooked up to kind of mimic inventory management. I also think if I’m going to have stationary ip addresses that this should be documented as well. I started having this info written out, but have also entered it into note-taking software. This is my attempt to be meticulous and intentional in this endeavor.

Posted in Burnout, Covid, Hiatus, Learning Woes

Burnout or When Burning the Candle at Both Ends goes Wrong…

https://www.pexels.com/@eye4Dtail

Burnout: Burnout is a state of emotional, mental, and often physical exhaustion brought on by prolonged or repeated stress.  -Psychology Today

So, like I said in my last post I accomplished a great deal next year, but I think overall it cost me a lot as well. I was able to pass Cloud+, Pentest+, CYSA+, and Splunk Certified User. I also completed my Master’s degree. I competed in 2 National Cyber League CTFs and led one of my school’s teams each time. I also had to deal with the demands at work that kind of intensified with co-workers coming and going.

By November I really just felt tired.

I basically didn’t want to do anything at least career related and in some ways not even big life stuff.   So, because I know myself well enough I took December 2021-January 2022 off. I still worked, but I wasn’t like actively trying to like improve myself.

I didn’t want a little burnout to end up like:

https://www.pexels.com/@Adonyi-foto

Or Worse:

https://www.pexels.com/@Diego-Sanchez-44059283

I didn’t try to study for any new certs, didn’t try to find any challenging ctfs, didn’t take any more classes, nothing. I just sailed for a bit instead of striving and trying to compensate for starting later than others or being newer to the field. I stopped telling myself I didn’t belong in the conversation or at the table because I just got here and needed to prove something and I just relaxed.

It’s hard to just relax and it’s super hard to silence the voices in your head telling you that you’re not as good or even the voices outside that say the same, but it’s important that we don’t let them overwhelm you and especially don’t let them talk over the voices of confidence.

Posted in Covid, Hiatus, Informational

The Condensed Version of Why I was MIA

It’s been a while. I kept trying to say that I would be back blogging, but there were so many compounding things.

Covid-19: I wanted to be one of those people who was super productive during Covid not realizing how changes might affect mood. I’m an introvert by nature and it felt like ‘no big deal’….til it was. I oscillated between feeling like nothing was changing and I was stuck to making a lot of headway last year. I made all this progress, but felt isolated…it’s not a good headspace to write from.

Changing Jobs: When I first went on radio silence I had just left a position, my first real infosec position and there was a period of like 3 weeks where I technically had a job, but wasn’t working. I did not know how panicky not having a steady income would be (even with savings), but it was….when your money is funny you are not in a place to blog.

Contracting is for the Birds: This came later, there was a period where I transitioned from subcontracting to contracting and that was stressful. There was poor communication and a back and forth on whether I needed to find a new job, so basically I was back to panicking and stressing about what comes next. It worked out, but it also made me realize I didn’t want to stay a contractor for much longer.

2021: I turned a corner in 2021, if anything this was a great year because of all I accomplished. I racked up certs, worked and felt in my niche. I mean by the end of 2021 I felt like I had really made a little establishment in my new career. On my team my name was synonymous with great work and I knew it, but I also was burning myself out trying to prove that I belong (burnout is real. Imposter syndrome is real. And I will discuss in a later post). I was moving so much I couldn’t even think about slowing down to commit to blogging.

Now: Here we are.

  • I’ve got an awesome mentor
  • Have been motivated to think about branding (which is exciting)
  • I think about where I want to fit into and give back to the infosec community as a whole
  • I got to do a CTF that made me more secure and what type of infosec path I want to be on (more on this later)

All in all I’m ready to commit to this again, but with caveats. This will only be a weekly blog, the calendar I wanted was too much, too busy and hectic. This is manageable and it’s good to set boundaries (even with yourself).

In the coming weeks I will also be changing the look of this blog. Thanks to anyone who is still reading this and sorry that I left you in the lurch.

Posted in Uncategorized

CYSA+ – Backtracking to CS0-001

Since I failed the beta of CYSA+ CS0-002 by such a narrow margin (10pts), I’m going to take CS0-001 before it is retired.

My plan is to review my test report and then study the areas I faltered in. I’ll make a packet of flashcards and focus my brief study on these areas.

I just feel like I’ll regret not attempting to complete the current test with how close I came to passing the beta.

Posted in Uncategorized

Cloud+

CompTIA just announced a Cloud+ beta. Think I might take it just to feel out the material, it’s $50 and I’m interested in cloud security aspects in the future, so why not. Next few posts will be about the road to studying this, Linux and cysa…because why not I’ve got time.