ITSecurity Training

Vulnerability Management – Just Do It!

by

Abilities Identify Security issues based on analysis of vulnerabilities – apply cybersecurity and privacy principles to organizational requirements Knowledge Application vulnerabilities, data backup and recovery, host/network access control mechanisms, system administration, network, and operating system hardening techniques. Skills Detecting host and network intrusions Conduct vulnerability scans and recognize vulnerabilities in security systems. Tasks Keep up … Read more

Real Story of Log4J

by

Affected Software A significant number of Java-based applications are using log4j as their logging utility and are vulnerable to this CVE. To the best of our knowledge, at least the following software may be impacted: Apache Struts Apache Solr Apache Druid Apache Flink ElasticSearch Flume Apache Dubbo Logstash Kafka Spring-Boot-starter-log4j2 So you can see that … Read more

SolarWinds Hack and CISA(Government Agency) Directive Common Theme

by

2 stories from the Hacker News: Solar Winds Hackers Targeting Government and Why everyone needs to take the latest CISA directive seriously   The Solarwinds hack from last year (the one I discussed in several stories including this one: SolarWinds hackers Hacked Multi-factor Authentication. It is sometimes instructive to review past hacks to see what … Read more

Another New Ransomware Attack – Delete Files and Hide Them

by

Yes now your files will be hidden (apparently they will be placed in a Winrar format – which is a kind of packed encrypted format). And then the original files are deleted. There are more details in the Sophos analysis a their blogpost. How about this attack?  KrebsonSecurity has an interesting story about a Nigerian … Read more

Are You On The Internet?

by

What does it mean – Am I on the Internet?  Why ask this question? I want you to think about what it actually means. So we have the Internet (Google or other search engines). Each device has an IP address. This means even your watch may have an IP address.  Your IoT devices have IP … Read more