October 17, 2017

Cyber Security Degree

What Would Be Great To Do Next…

Technology

A couple weeks ago I spoke to the UAT graduating class and in that message I referred to the implications of living in and building upon the current world landscape. Specifically I pointed to the accomplishment of creating a universal access to the Internet and computing resources that is now deeply woven into our daily lives. This was the great and admirable work of the previous generation. And while there is still plenty (lifetimes) of work left to be done in this area, we have breathing room to ask the question – What is next? When I think about what…

Can We Understand Massive Security Data?

Security software and technology are evolving rapidly, allowing security systems to collect and correlate more data about the inner workings of our network and computing systems than ever before. But nearly no progress has been made in areas relevant to data visualization, which are key to allowing users to comprehend the vast amount of data collected. This puts at risk our ability to understand the key information required to make important decisions related to protecting our data assets. To put this simply, we’re using cutting-edge technology to collect security data that we aren’t truly able to fully understand. Without…

DEF CON 23

DEF CON 2015

DEF CON is one of the oldest and largest continuously running hacker conventions around. UAT is making yet another appearance at DEF CON to connect with alumni as well as many like-minded technology-driven individuals. Originally started in 1993 by The Dark Tangent, DEF CON is a unique experience for each con-goer. Virtually all events at DEF CON were conceived by the attendees. Some people play capture the flag 24×7, while many people never touch a computer at DEF CON. Some people see every speech they can, while others miss all speeches. Other activities include contests, movie marathons, scavenger hunts, sleep deprivation, lock picking,…

Black Hat 2015

Black Hat is the most technical and relevant global information security event series in the world. For more than 16 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. From its inception in 1997, Black Hat has grown…

Innovation Isn’t Just A Student Project

Network Security

One of the issues I face when trying to ensure my students are getting the best education in security is innovation. UAT was founded on the concepts of continued growth, development, and innovation. Within the realm of Network Security, that can be difficult. Students often find themselves relegated to creating new documentation, unless they’re programmers (a much smaller number of the student population). How does a student innovate, or even prove innovation? It can be subjective to the individual reviewing the idea. For example, the students may not be entirely aware of what’s in industry, so how can they be…

Hacking: A Career Or A Lifestyle?

Cyber Security Cave

Your success within information security is ultimately tied to your own dedication to the topic. In other words, if you’re not hacking in your free time, you’re not living up to your potential. In an odd twist, what you do in your free time really DOES impact your success in your work time. Let’s look at it this way. A student attends University in an effort to create a career they will hopefully enjoy, and benefit from. And it’s true, a University degree does offer tremendous value, even in the field of information security. But, in truth, Universities are often…

Be a Cynic

I typically try to be open-minded, and give people the benefit of the doubt. Seriously, I could be wrong, right? I get that. But when it comes to companies that have been hacked, and I’m listening to the story I’m being spoon-fed by their PR department, I’m a cynic. I imagine I always will be, actually. This comes up because of the recent JP Morgan Chase hack, where a purported 76 million households have had their information compromised. The story starts to fall apart each time the company says anything else about the incident, and how widespread the impact is…

New Methods of Attack?

Back in the late 90’s, we saw methodologies of exploitation that relied heavily upon poor programming practices within core services on computers. One example of that is the FTP PASV vulnerability, which allowed a hacker to dump the password hashes for all users contained in the /etc/shadow file, simply by following a series of steps, and causing a segmentation fault. The resulting “core” file would contain a full memory dump of the system, including the shadow file, if it had recently been pulled into memory. As time progressed, hackers became obsessed with other methods of attack, such as buffer and heap…

12 Network Security “White Hat” Hackers You Should Know

White Hat Hackers

The White Hat Heroes that walk among us are the cyber security experts who are looking for trouble. “White Hat” network security researchers are considered ethical hackers whose discoveries and inventions protect and defend against the underground “Black Hat” hackers. Thank you Network World for getting the word out that there is more than one kind of hacker out there: Robert “RSnake” Hansen, Greg Hoglund, Dan Kaminsky, Zane Lackey, Marc Maiffret, Charlie Miller, HD Moore, Joanna Rutkowska, Sherri Sparks, Joe Stewart, Christopher Tarnovsky, and Dino Dai Zovi. Read more in this NetworkWorld article. To learn how to become a “white hat” hacker, go…

Norman: An ‘Antivirus on a Cable’

Norman AntiVirus

Sometimes you wanna go.. Where everybody knows your name and they’re always glad you came. You wanna be where you can see, the troubles are all the same. You wanna be where everybody knows your name! Norm! For the low cost of $50 K – Norm will be your friend! Norm – A standalone in-band scanning terminal for incoming and outgoing data to the downstream industrial control system. Norm fills the anti-virus SCADA gap that was not a part of the original optimistic industrial control system designs. Read more about my friend Norm.
