Cybersecurity

How to Pivot into a Cybersecurity Career

Image credit: Jefferson Santos

If you are interested in pivoting into a cybersecurity career, there are a few steps you can take to prepare. First, it is important to understand the basics of computer technology and networks. You should have a good understanding of how computers work, and be familiar with different operating systems and network architectures. You can gain this knowledge through online courses, books, or by taking classes at a local college or university.

It is also important to gain hands-on experience with cybersecurity tools and technologies. This can be done through internships, part-time jobs, or by participating in online cybersecurity challenges and competitions. These experiences will not only help you learn more about cybersecurity, but they will also help you develop the practical skills and expertise needed to succeed in this field.

In addition to gaining technical knowledge and hands-on experience, it is also important to develop your problem-solving skills. Cybersecurity professionals are often called upon to identify and resolve complex technical issues, so having strong problem-solving skills is essential.

Overall, the key to preparing for a career in cybersecurity is to gain a strong foundation in computer technology and networks, develop hands-on experience with cybersecurity tools and technologies, and hone your problem-solving skills. With dedication and hard work, you can successfully pivot into a career in cybersecurity.

(This article was written by ChatGPT, an Artificial Intelligence chat bot! Learn more about it here!)

What is the OWASP Top Ten?

The OWASP Top 10 is a list of critical security vulnerabilities for web applications. OWASP stands for the Open Web Application Security Project, which is a nonprofit foundation dedicated to improving the security of software. The OWASP Top Ten list is updated every several years to reflect the changing cybersecurity landscape and to direct focus onto the most important current security issues. The OWASP Top Ten for 2021 is as follows:

  • A01:2021-Broken Access Control allows an attacker to gain access to user accounts. The attacker in this context can function as a user or even an administrator of the system. This can be secured by ensuring that all accounts use the principle of least privilege and unused accounts are disabled immediately.

  • A02:2021-Cryptographic Failures occur when important stored or transmitted data is compromised. This vulnerability is also known as “Sensitive Data Exposure.” This can be improved by properly encrypting data at rest as well as data in transit.

  • A03:2021-Injection, or more specifically “Code Injection,” occurs when invalid data is sent by an attacker into a web application in order to make the app do something it was not designed to do. Writing secure code that is resistant to input fuzzing can help secure against this type of vulnerability.

  • A04:2021-Insecure Design is a generic term for web application vulnerabilities that are related to design flaws. Improvements in this category require the use of threat modeling, secure design patterns and principles, and reference architectures.

  • A05:2021-Security Misconfiguration describes design or configuration weaknesses that are the result of errors or shortcomings. Proper development and quality assurance testing will help secure against misconfigurations.

  • A06:2021-Vulnerable and Outdated Components relates to devices with known vulnerabilities that need to be patched. If a device or piece of software cannot be patched, it should be removed or replaced with a more secure option.

  • A07:2021-Identification and Authentication Failures lead to compromised passwords, keys, and sessions, which can translate to stolen user identity. This can be secured through proper user authentication and session management, as well as user education regarding password hygiene.

  • A08:2021-Software and Data Integrity Failures can occur when software updates or critical data is used without verifying integrity. This can be improved through hashing techniques to verify data accuracy and integrity.

  • A09:2021-Security Logging and Monitoring Failures are common when logging is not performed frequently and consistently. This type of failure can result in data exfiltration and other attacks.

  • A10:2021-Server-Side Request Forgery happens when a web application fetches a remote resource without validation, which can give an attacker access to critical data regardless of firewalls or other defensive tools. Proper validation is required to protect against this threat.
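Two of the categories above, A03 (Injection) and A08 (Software and Data Integrity Failures), are easiest to understand side by side in code. The following Python example is added here and is not from the OWASP project or the original post; the user table, the update payload and its digest are constructed sample data.

```python
import hashlib
import hmac
import sqlite3


def make_db():
    """Constructed in-memory user table (sample data for this example only)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "user"), ("bob", "admin")])
    return conn


def lookup_vulnerable(conn, username):
    """A03:2021-Injection: the input is spliced into the SQL text, so whatever
    the caller sends is parsed as part of the query."""
    query = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, username):
    """Hardened form: the value is bound as a parameter and never parsed as SQL."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


# Textbook tautology input, used only to show the difference between the two lookups.
TAUTOLOGY = "' OR '1'='1"

# A08:2021-Software and Data Integrity Failures: check a downloaded update against
# the digest the vendor publishes out of band before installing it.
SAMPLE_UPDATE = b"constructed update payload"               # stands in for a real file
SAMPLE_DIGEST = hashlib.sha256(SAMPLE_UPDATE).hexdigest()   # what the vendor would publish


def verify_update(blob, expected_sha256):
    """Return True only if the payload hashes to the published digest."""
    actual = hashlib.sha256(blob).hexdigest()
    # Constant-time comparison avoids leaking how many leading characters matched.
    return hmac.compare_digest(actual, expected_sha256)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, TAUTOLOGY))  # every row is returned
    print("safe:      ", lookup_safe(db, TAUTOLOGY))        # no match
    print("update ok: ", verify_update(SAMPLE_UPDATE, SAMPLE_DIGEST))
    print("tampered:  ", verify_update(SAMPLE_UPDATE + b"!", SAMPLE_DIGEST))
```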

For more information about each vulnerability and how to defend against these attacks, check out the OWASP Top Ten website. Thanks for reading - check out my YouTube channel for more!

https://owasp.org/www-project-top-ten/

Get Started in I.T. with TryHackMe Pre-Security

Click on the image to visit TryHackMe.com and create an account!

TryHackMe is a cybersecurity learning platform used by over 500,000 people. In July of 2021, TryHackMe released a new training module called “Pre-Security.” This learning path is great for anyone getting started in I.T., offering interactive lessons with questions to test your knowledge as you learn.


What Does “Pre-Security” Cover?

These sections are available in the “Pre-Security” learning path.

After a brief introduction, the learning path breaks into four primary areas (as seen in the screenshot above). The first category, Network Fundamentals, breaks down the following concepts in five rooms:

  • What is Networking?

  • Intro to LAN

  • OSI Model

  • Packets & Frames

  • Extending Your Network

The next section titled How The Web Works covers these concepts in the next four rooms:

  • DNS in Detail

  • HTTP in Detail

  • How Websites Work

  • Putting it All Together

The path continues on to focus on Linux Fundamentals in three rooms, covering:

  • Basic commands in the terminal

  • Using SSH and interacting with the file system

  • Common utilities used in Linux

Finally, the path wraps up with two rooms focused on Windows Fundamentals, focused on:

  • Desktop, NTFS, UAC, and the Control Panel

  • System Configuration, UAC settings, Resource Monitoring, and the Windows Registry


Who is This Training For?

Here’s an example of the platform in action. This room is called “What is Networking” and is part of the “Pre-Security” path.

“This learning path will teach you the pre-requisite technical knowledge to get started in cyber security. To attack or defend any technology, you need to first learn how this technology works. The Pre-Security learning path is a beginner friendly and fun way to learn the basics. Your cyber security learning journey starts here!”

- TryHackMe, Pre-Security

As stated on the website, this path is for anyone getting started in IT networking and/or security. It’s a great way to get hands-on with basic IT concepts. Sign up and try it out today!

Should You Update Your iPhone?

Keeping your iPhone updated will help keep you secure. (Photo credit: Sumudo Mohottige)

According to a Pew Research study from 2017, “around one-in-ten people report they never install updates to their smartphone’s apps or operating system.”

Security flaws are constantly being discovered on all kinds of devices in today’s connected world, and iPhones are no exception. Keeping devices updated is incredibly important. Here are some of the main reasons to keep your iPhone (and other devices) updated:


Patch Security Exploits

iPhones can be vulnerable to exploits. (Photo credit: Dlanor S)

It is a common misconception that only Windows PCs can get viruses or other malware. While it’s true that over 78% of all attacks in 2019 were carried out against Windows systems, there are still significant risks to iOS, MacOS, Linux, and other operating systems.

One case of this was the AceDeceiver Trojan, discovered in 2016 on iOS devices in China. This malware was able to install itself on devices by exploiting a flaw in Apple’s DRM protection. Once on a device, it could install other malicious apps without any knowledge of the user.

This is just one example of malware that existed on iOS, and is a reason why users should take security updates seriously.


Limit Tracking

Apple released iOS 14.5 in April 2021, which included a feature to limit tracking by third parties. (Photo credit: Luke Chesser)

With the release of iOS 14.5 in April of 2021, Apple introduced a feature called App Tracking Transparency that allows users to opt out of third-party tracking on a per-app basis. An example of this kind of tracking is when you search for an item in your web browser, and then suddenly start seeing advertisements for similar items in your social media. While some may find this to be a convenient way to get relevant ads, most view it as a breach of privacy.

Users can opt out of this tracking by going to Settings > Privacy > Tracking and toggling “Allow Apps to Request to Track” off. This will stop apps from sharing advertising data with each other, and it will automatically answer “no” to any app that requests to track your data in the future.

Without updating to iOS 14.5, users would not have this option!


New Features

Keep your iPhone updated to take advantage of the latest features. (Photo credit: Bagus Hernawan)

Hardware is not the only way that manufacturers release new features. Many new features are released as software updates. Just a few examples of new features in iOS 14.5 include:

  • Unlock Your iPhone With Apple Watch When Wearing a Mask

  • AirTags Support

  • Apple Maps Crowdsourcing for Accidents, Hazards, and Speed Checks

  • Dual-SIM 5G Support

  • New Emoji Characters

  • Expanded Game Controller Support


Conclusion

Yes, users should keep iOS devices updated. The added security, privacy, and access to new features are compelling reasons to take these updates seriously.

Thanks for reading!

How to Safely Store Bitcoin

Keep your cryptocurrencies safe and secure! (Photo credit: André François McKenzie)

The rise of Bitcoin and other crypto has created more reasons for owners to understand proper security of these currencies. Users can lose money due to hardware failure, loss of keys, and theft. Here are some of the best ways to store cryptocurrencies such as Bitcoin:


Hot Wallet

A “hot wallet” is internet-connected, making it more convenient but also more vulnerable. (Photo credit: Dmitry Demidko)

A “hot wallet” is the easiest way to store cryptocurrencies. Similar to a checking account, a hot wallet is a fast way to access and transfer funds. One important consideration is that hot wallets, also known as exchange wallets, are not insured by the FDIC or any other entity. In other words, if that organization were to be hacked and your coins were stolen, there would be nothing to bail you out. While a hot wallet is useful for making exchanges, it should not be used for holding large amounts of cryptocurrencies. Instead, those larger amounts should be transferred to the next option:


Cold Wallet

A “cold wallet” is safer because it is stored offline. (Photo credit: Erin McKenna)

A “cold wallet” is the safest way to store Bitcoin and other digital currencies. Also known as hardware wallets, these wallets are kept offline and are therefore less susceptible to hacking. One of the safest ways to store an offline wallet is by printing it out and making a “paper wallet.” This includes a public and private key that can be used to verify your identity and access the coins. Another way to store a wallet offline is by using a USB drive to hold the public and private keys. The risk in this situation is the loss of, or damage to, the physical device or paper.


Physical Coins

Physical coins are another popular way to store Bitcoin. (Photo credit: Dmitry Demidko)

There are premium services available that will create and ship physical coins to you, with a tamper-proof sticker that indicates the value of the coin. This is more expensive than the free methods mentioned above, but it represents a unique way to hold a digital currency.


Other Considerations

Here are some other things to consider when storing digital currencies:

  • Keep your wallet backed up to protect yourself from hardware failures. Store the backup separately from the computer with a good password.

  • Keep your Bitcoin/crypto software updated to keep it secure.

  • Consider using multi-signature (multisig) transactions to increase security from theft.

  • Read as much as you can about the topic. Search for articles and learn about the currency you are investing in and how to keep it safe!

Thanks for reading!

Introduction to RangeForce

The RangeForce logo

RangeForce describes itself as “the world’s most comprehensive cybersecurity training and cyber skills assessment program.” They use virtual machines and step-by-step training to guide you through practice labs on introductory topics such as VIM, regex, and Docker, as well as advanced topics like password cracking and packet capture forensics. With over 20 modules covering various topics, there is a lot of material available for learners of any experience level. Best of all, the training is provided at no cost through the Free Community Edition. Here is a quick walkthrough to get you started:


Create an Account

The account sign-up page for RangeForce Free Community Edition

The account sign-up process is simple but might take some time. Fill out the form on the RangeForce website and click submit. You will then receive an email notifying you that it could take up to two business days to receive access to an account because each registration is processed individually. You will probably receive account access within 12-24 hours. You will then need to verify your email address and finish the setup process.


Check Out the Dashboard

The RangeForce dashboard

Once you have finished creating your account, you will be greeted with the RangeForce dashboard. This hub shows your current rank on the leaderboard, how many modules you have completed, and the progress of your individually set goals.

Your position on the leaderboard automatically updates as you complete each module. At the time of this writing, you can put yourself in the top 100 members by completing only 13 out of the 21 available modules!

The modules cover a wide variety of topics, including Linux execution content, Splunk, cloud security, and Metasploit. Each category lists a difficulty level of foundational, intermediate, or advanced. Try one of the foundational modules to get an idea of how the courses work.

Individual goals can be set and measured by time spent or modules completed each month or week. As you accomplish the goals you set, this section will update automatically to track your progress and reward you when you finish.


Do the Work!

A few of the available modules

The next step is to set a goal and start working on the modules! Each module includes hints and solutions if you need them. Comment below with your current goal and ranking on RangeForce!

TryHackMe - What is Splunk?

(Photo credit: Vishnu R Nair)

TryHackMe is a great resource for learning basic hacking concepts and getting hands-on experience! This article will show you around the “Detect Attacks Using Splunk” room from TryHackMe. “Splunk” is a product that captures and organizes data into digestible formats to help find patterns and solve problems for companies.

Begin by creating a TryHackMe account and completing the first few click-throughs, which eventually leads to this link:


Once you’ve entered the Splunk “room,” you will need to start your virtual machine. While the machine loads, you will answer some basic questions about Splunk commands. Google is your friend!

Following your quiz is an opportunity to learn about “BOTS,” which is described as a “blue-team jeopardy-esque (CTF) activity.” Learn more about that here.

Eventually, your virtual machine will load. Open the web browser and navigate to the URL listed in the instructions. This should lead you to the first exercise, with a screen that looks like this:

Our first task is to track down P01s0n1vy, who is attacking our company, Wayne Enterprises. Follow the prompts to begin to understand which IP address attacked us, and which software was used to carry out the attack. While all of the answers are more or less given to you, it is best to always click the green button to “Run the Search in a New Tab,” which helps you see exactly how Splunk works with data to find the answers.

You will then progress through a series of questions. Don’t be discouraged if you need to google some of the answers. The most important thing to remember is that as long as you are learning something, your time is well spent. Everyone starts somewhere, and TryHackMe is a great way to expose yourself to the world of hacking! Keep going and you will keep learning.

(Photo credit: Kaur Kristjan)

Here is a link that provides many answers if you get stuck.

Good luck, and enjoy!

What are DoS and DDoS Attacks?

What is the difference between DoS and DDoS? (Photo credit: Kevin Ku)

A “Denial of Service” (DoS) attack involves disrupting a computer or network and making it unavailable to users. This can be accomplished by exploiting a vulnerability in the system. One common DoS method is to flood the network with requests to overload it, which stops legitimate requests from coming through.

A “Distributed Denial of Service” (DDoS) attack is a DoS attack that comes from multiple coordinated sources. This is often achieved by using a botnet, which is a network of private computers that are being controlled maliciously without the consent of their owners. A botnet has strength in numbers and is able to overwhelm a target by abusing protocols such as DNS, ICMP, and Network Time Protocol.

Here are some ways to protect yourself against DoS and DDoS attacks:

  • Use a multi-level defense strategy. This could include Intrusion Prevention and Detection Systems, firewalls, VPNs, content filtering, secure backups, and more depending on the scope of your network.

  • Keep software and firmware updated on all of your network devices. Avoid using hardware that is no longer supported with security updates from the manufacturer.

  • Monitor your network traffic. Understand your baseline so you can recognize anomalies as they occur.

  • Consider implementing cloud-based technologies as a way to outsource DDoS prevention.
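The “know your baseline” advice above is concrete enough to show in code. The following Python example is added here and is not from the original post: it buckets web-server access log lines into ten-second windows, flags a single source that floods a window (DoS), and separately flags a window whose total traffic far exceeds the baseline even though no single source stands out (DDoS). The log lines, the baseline and the thresholds are all constructed for the example.

```python
from collections import Counter
from datetime import datetime


def _line(sec, ip):
    """Build one constructed access-log line: '<timestamp> <source ip> <request>'."""
    return f"2024-01-01T10:00:{sec:02d} {ip} GET /"


# Constructed sample log (not real traffic) with three ten-second windows:
#   10:00:00-09  quiet: five requests from five different hosts
#   10:00:10-19  one host sends forty requests (single-source flood)
#   10:00:20-29  thirty hosts send two requests each (distributed surge)
SAMPLE_LOG = (
    [_line(s, f"198.51.100.{s + 1}") for s in range(5)]
    + [_line(10 + s % 10, "203.0.113.9") for s in range(40)]
    + [_line(20 + s % 10, f"192.0.2.{s + 1}") for s in range(30) for _ in range(2)]
)


def parse_line(line):
    """Return (timestamp, source ip) from a log line in the format above."""
    ts, ip, _request = line.split(" ", 2)
    return datetime.fromisoformat(ts), ip


def requests_per_window(lines, window_seconds=10):
    """Map each window start to a Counter of requests per source ip."""
    buckets = {}
    for line in lines:
        ts, ip = parse_line(line)
        start = ts.replace(second=(ts.second // window_seconds) * window_seconds,
                           microsecond=0)
        buckets.setdefault(start, Counter())[ip] += 1
    return buckets


def detect(lines, baseline_total, per_ip_limit, window_seconds=10):
    """Return (kind, window_start, detail) alerts.

    baseline_total: normal requests per window, learned from quiet periods.
    per_ip_limit:   most requests one source is expected to send per window.
    """
    alerts = []
    for start, counts in sorted(requests_per_window(lines, window_seconds).items()):
        noisy = [ip for ip, n in counts.items() if n > per_ip_limit]
        for ip in noisy:
            alerts.append(("dos", start, ip))          # one source over the limit
        total = sum(counts.values())
        if total > 3 * baseline_total and not noisy:
            # Aggregate far above baseline with no single loud source: the
            # distributed pattern a per-ip threshold alone would miss.
            alerts.append(("ddos", start, len(counts)))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG, baseline_total=5, per_ip_limit=20):
        print(alert)
```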

Denial of Service attacks normally target businesses and larger companies, but individuals should also practice good security habits online. This includes using a firewall, keeping your software and OS updated, and not clicking suspicious links or opening strange emails. This will help prevent your system from unknowingly becoming part of a botnet, and will keep you safer online. Stay informed, and stay vigilant!