August 24, 2017

Computer Science Student Ups His Personal Security With YubiKey

YubiKey

There are “hackers” at any college but especially at UAT, where some of the best Network Security, Technology Forensics, Network Engineering and Information Assurance students in the state receive their education. That’s why Advancing Computer Science student Christopher Peterson decided to get secure with his logins. He uses a product called YubiKey, which looks like a small thumb drive that you plug into your computer and it generates a unique, 44-digit, single-use passcode that provides a second line of security for your logins, beyond a username and password. “I started using it because I was going to college and their…

DEF CON 24

DEFCON Hacking Conference

DEF CON is one of the oldest and largest continuously running hacker conventions, which seems to continue growing each year. UAT will make its usual rounds at DEF CON to connect with alumni as well as many like minded technology-driven individuals. Originally started in 1993 by The Dark Tangent, DEF CON is a unique experience for each con-goer. All events at DEF CON were conceived by the attendees. Some people play capture the flag the entire time, while many people never touch a computer at DEF CON. Some people see every speech they can, while others miss all the talks….

2016 Black Hat Briefings Conference

Black Hat

UAT Cyber Security students will return to Black Hat in a few weeks to serve as paid volunteers assisting with various activities at the conference such as network set up, security, event organization and tear down. Year after year, UAT students are fortunate to have an opportunity because no other technology colleges are granted this privilege. Black Hat is the most technical and relevant global information security event series in the world. For 17 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and Trainings are…

UAT Network Security Experts Featured in Ransomware Story

Ransomware interview with Fox10 Phoenix and UAT Provost Dave Bolman

What is ransomware and how should one handle it? In the UAT Cyber Warfare Range, Provost Dr. Dave Bolman and ‎Network Security‬ Professor Al Kelly comment on ‪ransomware‬ and how to handle the threat in a FOX 10 Phoenix interview with special assignment reporters Kristy Siefkin and Tishin Donkersley.  Ransomware – a type of malware that can be covertly installed on a computer without the knowledge of the user which restricts access to the infected computer system and demands that the user pay a ransom to the malware operators to remove the restriction.  The topic of ransomware is frequently discussed in the news…

Can We Understand Massive Security Data?

Security software and technology are evolving rapidly, allowing security systems to collect and correlate more data about the inner workings of our network and computing systems, than ever before. But nearly no progress has been made in areas relevant to data visualization; which are key to allowing users to comprehend the vast amount of data collected. This puts at risk our ability to understand the key information required to make important decisions related to protecting our data assets. To put this simply, we’re using cutting edge technology to collect security data that we aren’t truly able to fully understand. Without…

DEF CON 23

DEF CON 2015

DEF CON is one of the oldest and largest continuously running hacker conventions around. UAT is making yet another appearance at DEF CON to connect with alumni as well as many like minded technology-driven individuals. Originally started in 1993 by The Dark Tangent, DEF CON is a unique experience for each con-goer. Virtually all events at DEF CON were conceived by the attendees. Some people play capture the flag 24×7, while many people never touch a computer at DEF CON. Some people see every speech they can, while others miss all speeches. Other activities include contests, movie marathons, scavenger hunts, sleep deprivation, lock picking,…

Innovation Isn’t Just A Student Project

Network Security

One of the issues I face when trying to ensure my students are getting the best education in security, is innovation. UAT was founded on the concepts of continued growth, development, and innovation. Within the realm of Network Security, that can be difficult. Students often find themselves relegated to creating new documentation, unless they’re programmers (a much smaller number of the student population). How does a student innovate, or even prove innovation? It can be subjective to the individual reviewing the idea. For example, the students may not be entirely aware of what’s in industry; so how can they be…

Hacking: A Career Or A Lifestyle?

Cyber Security Cave

Your success within information security is ultimately tied to your own dedication to the topic. In other words, if you’re not hacking in your free time, you’re not living up to your potential. In an odd twist, what you do in your free time really DOES impact your success in your work time. Let’s look at it this way. A student attends University in a effort to create a career they will hopefully enjoy, and benefit from. And it’s true, a University degree does offer tremendous value, even in the field of information security. But, in truth, Universities are often…

Be a Cynic

I typically try to be open-minded, and give people the benefit of the doubt. Seriously, I could be wrong, right? I get that. But when it comes to companies that have been hacked, and I’m listening to the story I’m being spoon-fed by their PR department; I’m a cynic. I imagine I always will be, actually. This comes up because of the recent JP Morgan Chase hack, where a purported 76 million households have had their information compromised. The story starts to fall apart each time the company says anything else about the incident, and how widespread the impact is…

New Methods of Attack?

Back in the late 90’s, we saw methodologies of exploitation that relied heavily upon poor programming practices within core services on computers. One example of that is the FTP PASV vulnerability, which allowed a hacker to dump the password hashes for all users contained in the /etc/shadow file, simply by following a series of steps, and causing a segmentation fault. The resulting “core” file would contain a full memory dump of the system, including the shadow file, if it had recently been pulled into memory. As time progressed, hackers became obsessed with other methods of attack, such as buffer and heap…