August 22, 2017

Cyber Security Degree

Innovation Isn’t Just A Student Project

Network Security

One of the issues I face when trying to ensure my students are getting the best education in security, is innovation. UAT was founded on the concepts of continued growth, development, and innovation. Within the realm of Network Security, that can be difficult. Students often find themselves relegated to creating new documentation, unless they’re programmers (a much smaller number of the student population). How does a student innovate, or even prove innovation? It can be subjective to the individual reviewing the idea. For example, the students may not be entirely aware of what’s in industry; so how can they be…



Read More

Hacking: A Career Or A Lifestyle?

Cyber Security Cave

Your success within information security is ultimately tied to your own dedication to the topic. In other words, if you’re not hacking in your free time, you’re not living up to your potential. In an odd twist, what you do in your free time really DOES impact your success in your work time. Let’s look at it this way. A student attends University in a effort to create a career they will hopefully enjoy, and benefit from. And it’s true, a University degree does offer tremendous value, even in the field of information security. But, in truth, Universities are often…



Read More

Be a Cynic

I typically try to be open-minded, and give people the benefit of the doubt. Seriously, I could be wrong, right? I get that. But when it comes to companies that have been hacked, and I’m listening to the story I’m being spoon-fed by their PR department; I’m a cynic. I imagine I always will be, actually. This comes up because of the recent JP Morgan Chase hack, where a purported 76 million households have had their information compromised. The story starts to fall apart each time the company says anything else about the incident, and how widespread the impact is…



Read More

New Methods of Attack?

Back in the late 90’s, we saw methodologies of exploitation that relied heavily upon poor programming practices within core services on computers. One example of that is the FTP PASV vulnerability, which allowed a hacker to dump the password hashes for all users contained in the /etc/shadow file, simply by following a series of steps, and causing a segmentation fault. The resulting “core” file would contain a full memory dump of the system, including the shadow file, if it had recently been pulled into memory. As time progressed, hackers became obsessed with other methods of attack, such as buffer and heap…



Read More

12 Network Security “White Hat” Hackers You Should Know

White Hat Hackers

The White Hat Heroes that walk among us are the cyber security experts who are looking for trouble. “White Hat” network security researchers are considered ethical hackers whose discoveries and inventions protect and defend against the underground “Black Hat” hackers. Thank you Network World for getting the word out that there are more than one kind of hacker out there. Robert “RSnake” Hansen Greg Hoglund Dan Kaminsky Zane Lackey Marc Maiffret Charlie Miller HD Moore Joanna Rutkowska Sherri Sparks Joe Stewart Christopher Tarnovsky Dino Dao Zovi Read more in this NetworkWorld article. To learn how to become a “white hat” hacker, go…



Read More

Norman: An ‘Antivirus on a Cable’

Norman AntiVirus

Sometimes you wanna go.. Where everybody knows your name and they’re always glad you came. You wanna be where you can see, the troubles are all the same. you wanna be where everybody knows your name! Norm! For the low cost of $50 K – Norm will be your friend! Norm – A standalone in-band scanning terminal for incoming and outgoing data to the downstream industrial control system. Norm fills the anti-virus SCADA gap that were not apart of the original optimistic industrial control system designs. Read more about my friend Norm.   Link to this post!Related PostsCyber Security Students…



Read More

CISPA – Cyber Intelligence Sharing and Protection Act of 2011 as of April 16, 2012

CISPA

There is still much controversy surrounding CISPA. Below is the link to the house bill that is being threatened to be vetoed by President Obama. The bill is aimed to sharing “Cyber Threat Information”. Defining the “Cyber Threat Information” is aimed at unauthorized access and malicious intentions. http://docs.house.gov/billsthisweek/20120423/CPRT-112-HPRT-RU00-HR3523.pdf ‘‘(2) CYBER THREAT INFORMATION — The term ‘cyber threat information’ means information directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from— ‘‘(A) efforts to degrade, disrupt, or destroy such system…



Read More