So far this year I took part in two very different CTFs. Each one exposed me to different learning opportunities and challenges. This was especially welcome during this pandemic! And I found with so many folks being stuck at home, online participation was both easier and more rewarding. The first was a Open SOC CTF… Continue reading Pandemic Capture The Flags
Cyber-crime is a growing concern for businesses of every size, but especially for small businesses. This is because small businesses have information attackers want, but often don't have the security infrastructure to defend against or respond to incidents. According to the FBI Internet Crime report, the cost of cyber-crime was $2.7 Billion dollars in 2018, with Business Email Compromise (BEC) incurring the highest costs.
Wireless security protocols like WEP, WPA and WPA2 ensure that only authorized parties connect to your wireless network, and that your traffic is encrypted. However, all three work differently, and provide different levels of security.
The NIST Cyber Security Framework proves guidance for organizations looking to assess and improve their ability to prevent, detect and respond to cyber attacks. It
When you first start learning a language, there are a lot of concepts to learn! By far, the best way to learn is through doing. As such, I often find myself learning something new when I hit a roadblock with my code, such as not knowing how or if I can add a certain feature.… Continue reading Python : Writing & Importing A Module
[April 27th 2019] Recently, I volunteered to be part of the team to set up the wifi network for a local conference. I had a great time, but it was certainly stressful with several last minute changes! The venue ultimately ended up being changed, so the original network diagram was scrapped. That said, it wasn't… Continue reading Volunteer Wifi Setup
The information age is grand! Anyone with an internet capable device and a connection can learn whatever they want if they know where to look. However, information overload is easier than ever. In the interest of sharing, and not losing, information about some fascinating community resources I put together this small list of pulications and… Continue reading Hacker Publications : A small listicle
Bsides SLC was 2/21 & 2/22 this year, and luckily although I couldn't participate as much as I wanted to, I was able to make it to the last few hours yesterday! If you aren't familiar, Bsides is a DIY, grassroots security con which is really well described here http://www.securitybsides.com/w/page/12194138/BSides . Bsides has a reputation… Continue reading BSidesSLC 2019
Collegiate cyberdefense competitions evaluate teams through several different metrics. While technical skills and concepts like incident response take center stage, soft skills and business knowledge are also tested. Business injects in particular, tend to test general knowledge, understanding of business policy, ability to communicate and influence non-technical superiors without technobabble and so on. In keeping… Continue reading Collegiate Cyberdefense Competition Injects Part 1 : Introduction to Business Injects
First things first, what is sqlmap? It's a open source penetration testing tool for automating the process of finding SQL injection flaws and taking over databases. I won't get into the full capabilities here, but you can learn more at [http://sqlmap.org/]* The following is really just a combination of my notes, and an extra credit… Continue reading Toying with SQLmap