cybersecurity

  • PicoCTF

    What is PicoCTF? picoCTF is a free computer security education program with original content built on a capture-the-flag framework created by security and privacy experts at Carnegie Mellon University. It has training available for those who want to learn more about computer security. I just signed up today and followed along with this youtube to

    read more

  • Kali Linux

    Disclosure: I used ChatGPT to assist in writing parts of this post. I like paying with it to see how it does. Really impressed so far! What is Kali Linux? Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It is a popular choice for ethical hackers and cybersecurity professionals

    read more

  • List of Hacker Movies

    I posted about a list of hacker movies back in October. Today I looked up the book on amazon, and its $10 for the kindle addition. I did a little more digging and I found the entire list published on Cybercrime Magazine for free. It includes links and a PDF download. Great fun resource to

    read more

  • How To Get Started in Information Security

    Great videocast on how to get started in cybersecurity. I love this kind of information.

    read more

  • How I Earned my Certified in Cybersecurity Certificate for Free

    In my company, someone posted about (ISC)2 giving away certifications. (ISC)2 is the same company that provides the CISSP and other certifications that are well-recognized by companies throughout the world. This One Million Certified in Cybersecurity initiative started at the end of August 2022 with a press release on their website. I was intrigued and

    read more

  • Access Controls

    Discretionary Access Control (DAC) – A certain amount of access control is left to the discretion of the object’s owner, or anyone else who is authorized to control the object’s access. The owner can determine who should have access rights to an object and what those rights should be. Mandatory Access Control (MAC) – Access

    read more

  • Risk Treatment

    Risk Treatment is making decisions about the best actions to take regarding the identified and prioritized risk. There are four types outlined below: I’m posting this because it is a concept that I have in the past been confused on. For example, mitigation and transference can be confused in the following way. If someone buys

    read more

  • Books about cybercrime

    A guardian article was recently published covering the top 10 cybercrime books. What they didn’t do is rank them with any third-party data. Below I’m putting those 10 books plus another with their goodreads rankings (0-5 being the best), to help me, and maybe you, choose the right book to start reading first. Book Rating

    read more

  • Cybersecurity Articles | Week of October 24, 2022

    TechCrunch, Inside TheTruthSpy, the Stalkerware network spying on thousands by Zach Whittaker (Oct 26) | A database containing about 360,000 unique android devices exposed. TechCrunch, Hive Ransomware gang leaks data stolen during Tata Power cyberattack by Carly Page, Jagmeet Singh (Oct 25) | Tata Power, which serves more than 12 million customers through its distributors,

    read more

  • Great Recent Articles

    Nature: Why scientists are turning to Rust by Jeffrey M. Perkel (Dec 11, 2020) Why this is interesting. RUST is seen as more secure than other older programming languages. The Trade Secrets Network: Struggles with Insider Risk Program Stakeholders by Stacey Champagne (Sep 9) Bleeping Computer: Web browser app mode can be abused to make

    read more