Reflecting on National Cybersecurity Awareness Month 2023: A Call for Continued Vigilance

/
October is recognized as Cyber Security Awareness Month and as…

Comprehensive Guide to CISSP: A Review of “CISSP All-in-One Exam Guide, Ninth Edition” by Shon Harris and Fernando Maymi

/
"CISSP All-in-One Exam Guide, Ninth Edition" by Shon Harris and Fernando Maymi has long been considered a go-to reference for CISSP aspirants. In this comprehensive review, we will explore the book's content chapter by chapter.

Basic Linux Commands

/
List of Basic Linux Commands

Top 5 Open Source Vulnerability Security Scanning Tools

/
Nmap: Nmap is a powerful open source network exploration…

The Benefits of Sock Puppets in Open-Source Intelligence (OSINT)

/
A Sock Puppet is fake persona, or an alternative online identity used to collect and investigate open-source information on a target.

The Open-Source Intelligence (OSINT) Cycle

/
Open-source intelligence, or OSINT, refers to the process of collecting information from public and legal data sources to serve a specific function. Some open sources components might include social media, videos, blogs, news, and the web (surface, Deep and Dark Web). 

Benefits of STEM Summer Camps

/
STEM summer camps can make summer learning fun and exciting by teaching kids about science, technology, engineering, and math.  The camps can give children an opportunity to continue learning more about a concept they were introduced to during the school year or event explore different STEM concepts they may not learn about in their classrooms.

U.S. Can Expect to see more Ransomware Attacks

/
In the cybersecurity space, there are many things we do not all agree on, but one thing I have noticed in the past year is that we all agree that the U.S. can expect to see more ransomware attacks as the nation recover from recent attacks which included the District of Columbia Police Department, The Colonial Pipeline and now the JBS meat plant. These will continue to increase, especially in the state, local environment, as well as in the critical infrastructure and manufacturing space. There are two main reasons for this trend: 1. Organizations are not implementing the basic security controls thus allowing attackers to take advantage of easy attack vectors. A major of the critical infrastructure in the U.S. are operated by private organizations with very little IT and security regulations. 2. Many organizations are frequently deciding to pay the ransom after they have been attacked. Security researchers and law enforcement often recommend organizations not to pay the ransoms, but when stakeholders and the media are applying pressure, organizational leader must do what is best for the organization. This validates the ransomware industry and their frequency and tactics become more sophisticated. This recent attack seems to have a Russian’s group fingerprint associated to it just like the pipeline event. Many security researchers, law enforcement officials and politicians are recommending in conjunction to increasing regulations on U.S. based organizations, the U.S. must also impose sanctions against countries that allow these types of activities to occur inside their borders.

Bad Ending for Washington, D.C.’s Metropolitan Police Department (MPD) after a Ransomware Attack

/
A group of ransomware hackers known as “Babuk” leaked internal police files from the Washington, D.C. Metropolitan Police Department (MPD).  The information was stolen in late April. 

Colonial Pipeline Ransomware Attack

/
One of the nation's largest fuel pipelines has been forced to shut down after being affected by a ransomware cyberattack.  Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment.