Tuesday, December 15, 2015

Crypto lock virus. Can we get a handle on this already?



Someone really needs to get on this and get a fix for it. The government came out and said “pay them,” really? Really? What is up with that, let’s just open the doorway for these cyber criminals to deploy this everywhere.  The fact that there is no way to recover any of the data is unacceptable, and I think that the AV companies, security firms, the Government and the OS developers need to collaborate on this to stop it in its tracks. 

Of course there is always the conspiracy idea that it is our government using this as a way to fund themselves, or some other group or organization. Whatever it may be, the end is the same…FIX IT!! 















http://www.tech-ii.com/cryptolocker-virus-still-going-strong/

Monday, August 3, 2015

Windows 10: Where do I begin?



So last week Microsoft released Windows 10 to the world, for free; “for free?!” you might say, “what is the catch?” you may ask. No one but Microsoft really knows the agenda behind the true reasons for the free release, and the motivating factor for the upgrade in this new way it was presented. Many have theories, from they want to be nice, too they are secret operatives working with the government to steal your personal data. Whatever their reason let us review the new operating system released, the dos, the don'ts; the whys and what the F*#$ is that?

1.       The Review
The Windows seems to be running smother and cleaner, at least on my devices. It would seem that Microsoft has come up with what Linux had Mac has done for years and given you resources. The setback appears to be all the added features that take this advantage away. There seems to be a lot of running process that should be off by default. Some features added that would be better to be on if the user wants. It would also appear that to turn these off it is a bit of a runaround. But Microsoft will be Microsoft, I truly didn’t expect anything else.
I see Windows 10 as a better product then the last 3 OS’s and it is about time. It has an updated view with all of our favorite features. Whatever you think of Windows, in any shape or form, this new OS is by far a win for Microsoft. Let us not forget though that it is still early and Microsoft could still sour the milk. 

2.       The Reform

Windows 10,as stated before, has some features that tend to decrease productivity and resource power. It is my suggestion that you go the following links as to how to turn these off:


If you Google hard enough you can find a fix, or workaround for anything, these were a few I found that work great. Why any of these are on by default in the world we live in today I will never understand. They are making it easier and easier to hack a system, and exploit vulnerabilities. Although Microsoft will claim that the security risks are not to be a concern as they will not allow your personal info or data to compromised, it has been said that these issues can help a hacker create an easy Man in the middle attack, so beware.

3.       The Finale
As with any OS put out it will take time for everyone to get on board, I am in the belief that this Windows 10 will be good, I just hope that they can stay up with it for ten years. So before you do anything make sure you know what you are getting, make sure you know how to get rid of what you don’t want; and as always “Don’t Trust Anyone, or Anything!”

Saturday, February 7, 2015

Cybrary.it



Cybrary.it is a new site dedicated to online training on topics for Information Technolgy specilists. thier mission is to provide the very best content for the best price ever; Free! They provide Recommended Additional Study Material for each class as well.

The more interesting part is that you can pay for lab time, this is great if you don't have the resources at your disposal to test and put into practice the lessons you learn.

I have take many of these courses and it has elevated my knowledge and understanding of the topics, and elevated my standing in my employers, and clients, view.

Here is a list of the courses I have completed:

http://www.cybrary.it/course/cryptography/
Here is a short course about a really advanced topic. It was quick but full of very important information. I was able to get a taste of the topic and I look forward to diving deeper into Cryptography. The lab portions were really helpful, i wish the course was longer.

http://www.cybrary.it/course/post-exploitation-hacking/
Another Totally awesome course!! an earlier course i took went great into this, i was happy to take a further look at this topic. I think that this is important and was well deserved to have a course all for itself. i would like to see a course totally about footprinting that i believe is also an important part.

http://www.cybrary.it/course/ethical-hacking/
This was totally awesome course, full of well provided information. Hacking is good, but we want to be nice guys about it. There is a lot of interest in ethical hacking and a lot of courses, most are very expensive and not nearly as in depth as this one.

http://www.cybrary.it/course/advanced-penetration-testing/
Another very good Course, would recommend it to all. a good course for those who have a good grip on the previous course. the way the class was laid out was simple to follow and easy to understand.

http://www.cybrary.it/course/computer-hacking-forensics-analyst
Simply remarkable the amount of content, cant wait for the next course i take. Forensics is one of those topics when i would look into it board the crap out of me. This course however changed that view and gave me a knew respect for the topic.

http://www.cybrary.it/course/comptia-casp/
i wanted to take a quicky course and found it to be very helpful on my path to IT security training. So i probably should have taken the security + first, but luckily the SME was easy to understand and presented in a way that could make anyone learn.

http://www.cybrary.it/course/cissp/
Good for anyone wanting to understand the job of  keeping companies secure and following policy. I liked that the SME used current real life scenarios to get her points across, I couldn't believe how many large companies neglect security, and made me think on my own company's policies and our clients as well. I talked greatly with my boss on this topic, he seemed generally insterested in what i had learned.

http://www.cybrary.it/course/itil/
Good Foundational Course! I finally got to take the ITIL course; i wanted to take this for a long time but to find a good course, with a Subject Matter Expert that knew their stuff and could teach well was a difficult task until Cybrary.it. I am soo excited that i have found this site, and have recommended it to everyone i know.




Cybrary.it has divided the courses into three paths:
  • Systems Administration
    • CompTIA A+ – An introduction to computer hardware, software and security implementation, maintenance and support. This is the class to begin with, if you have no experience in IT at all.
    • CompTIA Linux+ – Take an in-depth look at administration in the open source operating system leader, Linux.
    • Microsoft Office 365 Web Content Management: SharePoint – Learn how to administer the leading organizational collaboration software on the market today, SharePoint.
    • Virtualization Management – Virtualization is driving Information Technology to new heights. Go deep into how to deploy, implement, manage and maintain the industry’s leading VM platforms.
    • Microsoft Certified Solutions Associate (MCSA) – This class helps you to master Microsoft’s most current Server environment and helps you achieve one of the top certifications in Systems Administration.
    • Project Management Professional (coming soon)
  • Network Administration
  • Cyber Security
    • CompTIA Security+ – In this class you will gain a stable foundation of Cyber Security and Information Assurance as well as prepare for the security industry’s most sought after entry level certification.
    • Cryptography – Learn how to secure data communications through the use of cryptographic messaging and practices.
    • Ethical Hacking and Penetration Testing – Learn the fundamentals of hacking and penetration testing. Think like a hacker, so that you can stop them from intruding into your systems. This class will help prepare you for the industries most sought after certification, EC-Council’s CEH.
    • Computer and Hacking Forensics – In order to catch cyber criminals, you have to learn how to retrace their steps and correctly acquire and document the evidence. Also prepare for the industry leading CHFI certification from the EC-Council.
    • CompTIA Advanced Security Practitioner (CASP) – This advanced certification covers deep topics that span across both Cyber Security as well as Information Assurance.
    • Certified Information Systems Security Professional (CISSP) – The leading certification for Information Assurance management personnel. This course is both very deep, and very broad. Be ready to study hard!
    • Post Exploitation – Learn what to do to maintain your presence and to gather intelligence after you have exploited the target system.
    • Social Engineering and Manipulation – Take a look inside the form, function and flow of a highly skilled social engineering cyber-attack. Learn to protect the human element.
    • Python for Security Professionals – Learn the commands and functions that every aspiring cyber security professional must know from Python. This isn’t a full programming course, but rather a course designed for non-coders who are developing their career in security.
    • Metasploit – An in-depth look inside the Metasploit Framework intended to show you how to use it to its full potential.
    • Malware Analysis and Reverse Engineering – An introduction to reverse engineering malware. This class is for experienced Cyber Security professionals, generally at least two to three years in the field is preferred.
    • Advanced Penetration Testing by Georgia Weidman – This class is for advanced Cyber Security professionals. You will learn in depth, hands-on, advanced hacking techniques to help you target and penetrate almost any highly secured environment.
Cybrary.it says on their site they are"The world’s first free and open, online IT and Cyber Security training platform. We believe IT and Cyber Security learning should be free and open."



Wednesday, January 28, 2015

Checklist for Starting a HackLab


1.    Examples of who your Hackerspace might be for
Computer hackers
Hardware hackers
Food hackers
Metalwork hackers
Chem hackers
Textile hackers
Multimedia hackers
UAV hackers
2.    Here’s an example of physical needs you may have on your list:
220 power
Running water
Ventilation
Concrete floor
Natural light
Darkroom and darkroom supplies (have your photo hacker make a list)
Air conditioned room for servers
Area for physical hack projects
Sound proof room for audio/video recording/editing
24/7 Access
Spray paint booth
Place to put a car lift
3.    Examples of where your Hackerspace can be:
A mixed use commercial space
A garage
An art studio
A rental space you can (legally!) customize
An industrial warehouse
A storefront location downtown
4.    Get this stuff organized so you can get hacking:
Making a floor plan
Painting the walls
Making cleanup rules
Internet/wifi
Moving in desks
Implementing a safety program
Setting up an alarm system
Setting up the website and social media (Twitter/FB/Flickr/YouTube/UStream)
Installing proper wiring, ventilation
Fixing stuff in the space (bathroom, windows, etc.)