Tag: cybersecurity topics

Posted in Informational, Learning Woes, What I've Used

Broke the Microsoft Curse

Posted on by Steph

Or Passing AZ-900

Last Friday I sat for an passed Microsoft’s Azure Fundamentals (AZ-900) certification test. During my hiatus I had sat for an failed Microsoft’s Security Analyst (SC-200) test.

To be honest I really wasn’t prepared for SC-200. I breezed through the Microsoft Learn coursework and didn’t really study the material. Although I had hands-on with their security tools I’d never used Kusto Query Language. I kinda wanted a feel for how Microsoft tests were comparatively speaking.

Failing SC-200 wasn’t a big hit because I was aware of my shortcomings.

Still to me, Microsoft Cert Tests are trickier and have section blocks that limited the ability to go back and change answers, which I wasn’t prepared for the first time taking one of their exams, but was ready for taking the Fundamental exam.

This is exam is basically theoretical and based on understanding Azure on a high level and the using the cloud as a whole.

I would recommend using the following to test prep:

  • Microsoft Learn for AZ-900 (free Microsoft course)
  • Jim Cheshire book (pictured below)
  • I microsoft also has ‘Virtual Training Days’ which can help.
Jim Cheshire – “Microsoft Azure Fundamentals Exam Ref AZ-900”

Now to get more hands on with Azure!!

Posted in Informational, Labs, Simple Malware Analysis

Build a Lab with Me (#1)

Posted on by Steph

Write the Docs…

So, I’m a little bit of a tech hoarder.  I’ve got several raspberry pis, nucs, Mac minis, and a chrome box. I also have a switch to put pfsense on.  I’ve kinda got the hardware part down (tho I am looking for 1 more machine with 16gb or ram to complete my vision).

This being said I have a few things I want out of my lab environment:

  • Malware Analysis machine
  • Security Onion Analyst machine
  • Cyber Threat Intelligence Machine
  • Possible Forensic Analysis Station
  • Also want to have a pihole

I also know I want to mess around with Docker and Python although these don’t need their own environments the other three kinda do. This is especially true for malware Analysis machine which needs to be isolated as much as possible to prevent infection of other systems.

Draft Lab Documentation

The above is the draft documentation I cooked up to kinda of mimic inventory management. I also think if I’m going to have stationary ip addresses that this should be documented as well. I started having this info written out, but have also entered it into note-taking software. This is my attempt to be meticulous and intentional in this endeavor.

Posted in Informational, Simple Malware Analysis

Bazar Call Emails: More than a Scam

Posted on by Steph

This week I learned about Bazar Call /Bazarloader Malware. I had never heard of this malware campaign. Even when it was explained to me I didn’t think that it would have a high success rate, but doing more research it is really successful.

The whole cycle starts with an email one that often talks about the end of a free subscription or being charged for a renewal or the like. This email might not have any links or attachments, but will have a number for the recipient to call.

<sidebar: I’d always thought these types of emails had 1 purpose and that was to scam recipients by getting them to call and then getting them to divulge credit card information or other personal information…my viewpoint was limited .>

When the recipient calls to cancel or dispute the precieved charges they are directed by the ‘call center’ to a website and this website downloads bazarloader malware which can be a carrier for other malicious code like Trojans or Ransomware.

https://unit42.paloaltonetworks.com/bazarloader-malware/

So, I learned something new this week. I’m always amped when I learn something and I usually want to learn more about it. So, I’m doing more deep diving on Bazarloader and to see if there are other similar campaigns.

This whole thing also reinforced thinking outside the box when it comes to attacks. Often times, the simplest objective isn’t the true objective. Why hook a little phish when a marlin is out there like encrypting and ransoming an entire enterprise?

Also long story short, whether it’s a credit card scam or something more malicious, like this: don’t call random numbers in emails.

More readings on Bazar Call:

Posted in Using, What I've Used

The Road BACK to FreeCodeCamp

Posted on by Steph

and why I’m even going back….

I’m. A very big advocate of first using the free stuff.  If there are free offerings when learning by all means access them.  When I first started to explore my interests in information technology I started with web page design.  One of the biggest contributors to my learning was definitely FreeCodeCamp.

FreeCideCamp assisted in me teaching myself HTML, CSS, and Javascript.  I also began to code Python with the community’s assistance. I did 100 days of code twice with some influence from their curriculum. 

This is also where I first found out about BlackGirlsCode, but I digress…

Once my career in infosec and graduate school really started rolling I really strayed away from FreeCodeCamp–though I still kept and eye on the community/site.  I still advise people to check them out when they’re starting to learn coding, especially since their offering have really grown.

So, now years and two degrees later I find myself back on FreeCodeCamp working through their Data curriculum because data is fun. To be in infotech and infosec is to commit yourself to lifelong learning and discovering things that interest you and maybe how those interests might inform your work. That’s really what made me stroll on back to freecodecamp, because like I said use the free resources before you open your wallet so you can discern between what might be a mild interesting topic or an avenue for career pivot.

Posted in Informational, Topic

Phishing

Posted on by Steph

Spam, Scams, and Being Targeted…

Regardless of whether you are the CEO of a Fortune 500 or a blue-collar worker with hundreds in the bank there is a price on your personal identifiable information (PII). The cost of your information can range from the amount of money you currently have in an account, the amount of credit extended on a card, or the usability of your credentials in escalated attacks. That’s not fear-mongering, it’s a fact. Information is a commodity and either yours and/or the information you hold is worth something. Thankfully, phishing emails can be easily combated with just an increase in situational awareness and following simple rules for emails.

  • This means looking at the sender of emails; including matching the sender name and the sender’s email address.
  • Being wary of all links and attachments. If the attachment is from a stranger or not expected from the sender err on the side of caution and don’t download it without verifying the sender (not through email).
  • Assume links are suspicious. This is just the easiest way to avoid misdirection. If you need to check something out for an account don’t use the email links instead go directly to the site via the browser by typing it in.
References
More Examples of PHishing Emails
Glossary
  1. Phishing – crafted, usually mass-sent emails used to try and garner information from the targets. These are usually not a well crafted, can be automated. Also a broad term that encompasses: spear-phishing and whaling.
  2. Spear-phishing- An email attack which is targeted to certain people, persons, or groups. These emails will be more well crafted and will try to use public available information to craft the message.
  3. Whaling-An even more targeted attack than spear-phishing which casts an even smaller “net” targeting CEOs, COOS, and other upper management accounts.
  4. Social Engineering- Broad term for attacking the “human” element of organizations. This type of attack uses human nature to try and get information or gain access. Phishing falls under social engineering as an attack type.
  5. Situational Awareness- Practicing calm in the moment in order to analyze environmentally what is occurring.
  6. Spoof[ing]- Imitation; pretending or portraying to be an entity in which they are not.