Posted in Current Events, Informational, Research, Topic

Privacy in the Digital Age:

Roe v. Wade

Again, had a post planned and instead news caused a different post.

Even before the Supreme Court officially struck down the Roe v. Wade decision and sent reproductive health issues back to the states, there were stirrings questioning how incoming changes might affect health apps and data collection.

Living in today’s world, people might not worry about how much of their information is readily collected or available. Perhaps they’ve resigned themselves to the fact that they can’t stop their data being collected. There has been very little headway made in crafting some type of national privacy law, so it makes one feel like this is just inevitable; online privacy is your own concern.

For months before today, reading through Twitter brought calls for women to remove period tracking apps and be more cognizant of how their data might be collected and in the future possibly subpoenaed as proof of some ‘reproductive crime’.

“Democrat lawmakers along with privacy advocates are now growing worried prosecutors in these anti-abortion states will use subpoenas to demand tech companies help them identify which users have visited an abortion provider.” -Michael Kan, PCMag.

I would definitely consider myself a privacy advocate. I think the majority of infosec people are concerned about privacy to some degree. It’s concerning that it really took something so dramatic to bring this conversation about data collection back to the foreground.

It can be proposed that perhaps we all just became too complacent in many ways…

How all this unfolds and develops is something to keep a definite eye on.

Posted in Informational, InfoSec History, Research, Vulnerabilities

There is no Safe Haven: Mac Attacks

I was all set to write about an interesting job in infosec today and then I woke up and saw reports of a new attack, ‘Pacman’, being leveraged against Apple computers. This report got me thinking about a conversation I saw on social media where a connection was asking about what laptop to buy. One of this person’s friends mentioned getting an Apple because they are ‘safer’ than Windows machines and ‘antivirus wasn’t needed’ (no one but us tech geeks recommends Linux; it wasn’t even in the running). I recall thinking that laypeople are just really unaware that Apple systems are getting targeted at higher rates in recent years. So here we are talking about Mac Attacks.

As a disclaimer, I’ve got no real dog in whatever battle exists between OSes. As a tech-head I have systems that run Windows, MacOS, and several flavors of Linux. The job isn’t to safeguard a specific type of system; it’s to safeguard them all.

We can say, oh, MacOS and Linux OS distros have fewer known vulnerabilities or are attacked less often, but to say that one or the other doesn’t have any or doesn’t get attacked is untrue. All systems are open to attack.

Some Recent Apple Malware:

  • Pacman
  • Silver Sparrow
  • XLoader
  • GoSearch22
  • Thiefquest

A more in depth look at some Apple vulnerabilities and malware can be found here or here.

I will always advocate for users to protect themselves. Defense in depth isn’t just for enterprises; it also means that users shouldn’t assume that the systems are just inherently ‘safe’. When people say security is everyone’s business I can support that, because your end security should be your business, which includes setting precautions to overlap where initial software and hardware might fall short.

Posted in Informational, Labs, Simple Malware Analysis

Build a Lab with Me (#1)

Write the Docs…

So, I’m a little bit of a tech hoarder. I’ve got several Raspberry Pis, NUCs, Mac minis, and a Chromebox. I also have a switch to put pfSense on. I’ve kinda got the hardware part down (tho I am looking for 1 more machine with 16 GB of RAM to complete my vision).

This being said I have a few things I want out of my lab environment:

  • Malware Analysis machine
  • Security Onion Analyst machine
  • Cyber Threat Intelligence Machine
  • Possible Forensic Analysis Station
  • Also want to have a pihole

I also know I want to mess around with Docker and Python. Although these don’t need their own environments, the other three kinda do. This is especially true for the malware analysis machine, which needs to be isolated as much as possible to prevent infection of other systems.

Draft Lab Documentation

The above is the draft documentation I cooked up to kind of mimic inventory management. I also think if I’m going to have stationary IP addresses that this should be documented as well. I started having this info written out, but have also entered it into note-taking software. This is my attempt to be meticulous and intentional in this endeavor.

Posted in Uncategorized

CYSA+ – Backtracking to CS0-001

Since I failed the beta of CYSA+ CS0-002 by such a narrow margin (10 pts), I’m going to take CS0-001 before it is retired.

My plan is to review my test report and then study the areas I faltered in. I’ll make a packet of flashcards and focus my brief study on these areas.

I just feel like I’ll regret not attempting to complete the current test with how close I came to passing the beta.

Posted in Uncategorized

Charting a Path (or Not…)

(Late because I took CYSA+ Beta on Thursday 1/09) [Fingers-Crossed]

I think people direct people to “find what they love and do it…” They say that as if doing that is just the easiest thing, but sometimes it isn’t. For example, the things I thought I really wanted to do and then finally realized I wasn’t suited for or I really wasn’t as interested in are too numerous to list here.
I will admit that it is important to find the things that you are most interested in because it makes you want to learn more about them. Although there are often things that one has to learn in order to move forward or change careers or what have you, it’s also important to kind of focus in on the things that really interest you and learn about them.

Peerlyst

For me, Digital Forensics and Penetration Testing are among the subsets of Cybersecurity that really interest me. I may have to learn to do SIEM investigations and log analysis for work, but learning these things isn’t a passion project for me; it’s a means to an end. These things are still interesting, but when I learn them it’s not the same sense of pride or what have you as I feel when I uncover something or even when doing a CTF.

CompTIA

I 100% am not set on exactly what I will be doing in 5 or 10 years. Because my path has diverged so often and in such varied ways, I try not to make solid plans, but rather have an outline of things I would like to learn or do. Whether that would work for others isn’t for me to say. I just know that I tried the rigid planning thing and that didn’t work for me at all. The unplanned plan does work.

SANS

My best advice would be to learn, to be open to learning and always be researching shifts and changes and developments and then just to absorb the things that interest you the most and see where these things might take you.

One Great Site for seeing what careers might be available to research:
https://www.cyberseek.org/pathway.html