Week Ten – Final Blog Post- Analysis

For the past several weeks, this blog has served as a means of fulfilling an academic requirement, and as a means of personal learning and growth. Primarily, I wrote about current events and topics that I found of interest that needed more researching or understanding. The majority of these posts were focused on security issues

Week Nine – System Hardening: Administrative Controls and Residual Risk

When cybersecurity professionals consider residual risk, oftentimes the immediate thought is directed towards physical or technical controls. While these areas often have the most risk to analyze and mitigate, administrative controls should not be dismissed as having little risk involved. Arguably, administrative controls, as primarily dealing with the human element, may have some of the

Week Eight – Uncommon Languages as a Security Bypass

Typical organizational security measures include signature, or even context recognition to identify malware inside the network. Attackers, forever creative, have begun to utilize less common languages to either write their malware, or for use as a file dropper to write the malware to the disk or into memory. There are several reasons why an attacker

Week Seven – Cyber Security Regulation

Regulations are often a love-hate relationship in most industries. However, they have been shown to have a positive impact in new or changing markets, especially those that fail to improve at a pace necessary for protection of growth of the industry. Cybersecurity is no exception. On July 20th, the Transportation Security Administration with the help

Week Six – The Importance of System Relevance

As humans we naturally age, and as expected so do information systems, software, techniques and their associated networks. This system aging can become a problem for organizations who neglect to dedicate enough resources to advancing their systems and keeping them up to date. This is even more important due to the rapid pace in which

Week Five – Trusted Platform Module

Microsoft has recently announced their push for TPMs to be mandatory with the next iteration of Windows 11. So what are TPMs? A TPM, or trusted platform module, is an integrated chip or an add-on module for the system motherboard. This chip adds hardware-level security to the system. They can be used to encrypt disk

Week Four – Remote Code Execution

Remote code execution is a method of attack whereby the attacker is able to send commands to the remote computer which then executes those commands. In most cases, these remote code executions are malicious in nature and are not authorized by the system owner. Remote code execution is generally the second attack on a system

Week 2 -DNS Sinkholes

While researching the use of honeypots, I came across the term sinkholes. One of the best ways to increase understanding of any subject is to examine the various components with which it is associated. So, what are DNS sinkholes? How are they implemented and what are their uses? In order to answer this question, we must

Week 1 Blog Entry – System Hardening Guidelines

Hysolate has come out with some system hardening guidelines for 2021. Many of these may seem to be basic information, but we still see the results of missing basic security measures implemented well. These basic guidelines are effectively a small checklist that includes: automatically applying OS updates; removing or disabling non-essential services, software, drivers, file