Emergent Cybersecurity Risks Presented by Drones

Drones are emerging as one of the best ways of delivering parcels and goods. The military uses drones for dangerous missions that would be too risky for people to carry out. They are also used for research, as they can travel to habitats where human life cannot survive. Drones are also known as unmanned aerial vehicles (UAVs). They are automated and use GPS (Global Positioning System) and GLONASS (Global Navigation Satellite System) to move to where they are sent. With the increase in the use of drones, their vulnerability and susceptibility to attacks have increased and hence cybersecurity …

Cyber Incident Analysis

With the advancement in technology, cybersecurity incidents have increased in both frequency and sophistication. Practically every second, somewhere in the world, someone is trying to infiltrate, or rather hack, a particular computer system. A cybersecurity incident can be defined as an act of malice whose intention is to compromise or disrupt either the physical or electronic security perimeter of a critical cyber asset. Cybersecurity incidents may be grouped into social incidents, misuse incidents, hacking incidents, and malware attacks. Cyber-attacks may target things such as domain name systems, network infrastructure, websites, or even applications. Due to the increased cases of …

Get AWS Certified on the Cheap!

The AWS Cloud Architect certification has recently topped the list of the most valuable IT certifications to hold. Given this, there is a flood of IT professionals who are working on getting this certification under their belt so that they can add it to their resume in the hopes of a nice pay increase! https://cyberexperts.com/aws_cloud_architect_tops_the_latest_salary_survey/ I am working toward earning this prestigious certification. I wanted to find a study program that would prepare me well. Since I work with dozens of folks who already have this and other AWS certifications, I figured that I should ask the experts! Getting AWS …

Why you failed the CISSP exam and how to make sure you pass on the next try!

If you work in the cybersecurity field, then you know that there are only four types of people: people who passed the CISSP exam, people who are studying for the CISSP exam, people who failed the CISSP exam, and people who are too fearful of taking the exam. Having the CISSP certification is a must if you want to work in particular high-paying and highly rewarding environments. The CISSP exam is a gate. Those that have made it through that gate are often considered the elite in the cybersecurity field. Even if you passed the CISSP exam, likely, you did not …

Your home wireless network is likely not very secure

Most of us don’t think about hackers spying on our home internet activity and searching through our home computer files. In fact, most of us believe that our home lives are not interesting enough for hackers to waste their time trying to crack into our systems. But what if it does not take much time at all? What if you knew that your home wireless network could be easily compromised? What if you knew that it was so easy to hack your home network that the teenager next door can do it in 5 minutes or less using software that …

CISSP Adaptive Exam – What to expect.

The vast majority of current CISSPs took their test in the old format. The test was a grueling 250-question test in which nearly 85% of the testers would take the entire allotted 6-hour exam time. But the exam was modernized at the end of 2017. The CISSP exam is now a “Smart Exam.” Beginning in December of 2017, the CISSP exam was changed to an adaptive format. The official name for this is Computerized Adaptive Exam (CAT). The CISSP is one of the first certification exams to move to this new platform. But the rest will soon follow. …

Kevin Mitnick – The Most Infamous Hacker of All Time

The art of hacking has been in development for many years. The heyday of hacking was before the Internet even existed. There are amazing and exciting stories about hackers who hacked for notoriety, money, street cred, and just for personal accomplishment. Before the Internet, there were still many targets for hackers. Hackers reverse engineered casino games like slot machines. Hackers used social engineering and phone systems not only to have access to free long-distance calls but for financial gain. It was during this pre-Internet era that the number one most infamous hacker on our list crafted and honed his skills: …

How to pass the CCNA Exam

If you stumbled upon this article, then you are most likely familiar with what the CCNA exam is. It is a vendor-specific exam that covers the basics of networking. CCNA stands for Cisco Certified Network Associate. There are now multiple flavors of CCNA exams, including CCNA Security, CCNA Cloud, CCNA Data Center, and many others. Before all of the new flavors of CCNA were introduced, there was the original: CCNA Routing and Switching. This was an extremely comprehensive test that covered both basic and advanced topics. At some point the folks at Cisco decided to give the option of …

AWS Cloud Architect Tops the Latest Salary Survey

Amazon Web Services (AWS) is the most significant player in the cloud, holding an astonishing 45% of the industry market share. Given this, there is a huge demand for AWS cloud experts. The latest Salary Survey from CertMag.com proves that AWS professionals can make substantial salaries. The AWS Certified Solutions Architect certification is the most lucrative certification today. The average salary for holders of this certification is $146,960. People in the IT industry are rushing to prepare for the AWS Solutions Architect test. I know a few people in my circle who are studying for this test right …

IAM vs IAT Certifications

There is often some confusion about the difference between IAM and IAT certifications. Many times these terms are confused and interchanged. Both IAM and IAT were established by the Dept. of Defense in 2004. These are qualification standards meant to ensure that the Dept. of Defense IT systems are staffed with technical and management personnel who meet a certain standard of technical expertise. IAT stands for Information Assurance Technical. The IAT certification levels are achieved by passing specific exams and having certain work experiences that meet particular requirements. These requirements are focused on technical knowledge and are geared toward technical …

AI and Facial Recognition will improve society

There has been a lot of speculation on how the combination of artificial intelligence and facial recognition will affect the future. This speculation focuses on how this technology will be intrusive of our privacy rights. It sounds scary: It sounds a bit scary when you first think about it. Anytime you are at an event, a mall, or even within a city, the cameras are watching. When you combine these cameras with facial recognition, the whole context changes. Government and even businesses will know who you are and where you are. Think about walking into a store. The computers will …

The Marriott Hack – This is What will Happen Next.

Personal information from about 500,000,000 people who made reservations at a Starwood hotel was stolen by hackers. These hotels include Sheraton, Aloft, W Hotels, and Westin Hotels. Marriott acquired the Starwood Group back in 2016, but the compromise started way back in 2014 before the acquisition took place. Hackers had full access for four years: This means that the hackers had plenty of time to learn, gather data, and exploit that data. The hackers had access to everything in the system and used the Starwood system as their playground for four years. A data loss protection (DLP) system was in …

Data Limitation Laws?

It is usually not a good idea for lawmakers to get involved in cybersecurity beyond a certain point. The reason for this is that lawmakers do not have an understanding of the technology that they are legislating. Case in point: Australia is quickly enacting legislation that will require companies like Apple and Facebook to provide a way for law enforcement to read encrypted data. This sounds nice on the surface because law enforcement can go after the bad guys more easily. But this law will be a boon for hackers because the encryption will be less secure. There will be a …

How to Transition to a Cyber Security Career at Any Age

Are you thinking about doing a mid-career transition to a cybersecurity position? It is a great field to join. There are currently millions of unfilled cybersecurity jobs in the US and countless more around the world. There are not enough qualified applicants to fill these jobs. Because qualified applicants are limited, the salaries for cybersecurity jobs are on the rise. It is common for cybersecurity positions to pay more than six figures to folks who have some strategic IT certifications and just a few years of experience. In your 30s, 40s, or 50s? It is never too late to get …

Passwords Suck and Will Go Away – Here’s How

Why Passwords Suck: Usernames and passwords are not secure by nature. Usernames and passwords are controls that rely on “Something you know.” Knowledge is easily transferable, and therefore, passwords are not secure. No amount of security training will eliminate or overcome human nature. It is human nature to make passwords we can easily remember. Passwords that are easy for us to remember are also easy for people to guess. Passwords are also used over and over again on multiple accounts – bank accounts, email accounts, work accounts, etc. Worse yet, passwords are often openly shared among trusted individuals like family …

Are Dark Web Scans Effective?

The Dark Web is Anonymous: The dark web is a scary place. It is a network of websites teeming with illegal activity. It is a secret place where visitors protect their identity by using techniques to keep identifying information (like their IP address) hidden. There are several methods that people use to keep themselves anonymous when accessing the dark web. You need to use the TOR browser to access the dark web. What can be Found on the Dark Web? As far as illegal stuff – you name it, and it can be found on the dark web. Related to …

PMP vs CISSP

How does the PMP exam compare to the CISSP exam? When someone asked me that question, I thought it was rather odd. How can you compare the PMP to the CISSP? These are two completely different tests on two completely different subjects. The PMP exam covers project management while the CISSP exam covers cybersecurity. But then I thought about it. The question is valid. I expect that many people may be considering both the PMP and the CISSP. Both of these certifications are considered the top certification in their respective fields. So, this question deserves some thought. The value of …

Why Hardware Encryption is Not Secure

Hardware Encryption is not Secure. A Little History… In the past, it was assumed that hardware encryption is far more secure than software encryption. Many people, including security experts, still believe this to be true. And in the past, it was true. But recent history has proven that hardware encryption is highly vulnerable. The widely published, recently discovered hardware encryption vulnerabilities include Spectre and Meltdown. Both Spectre and Meltdown exploit flaws in processors. Our good friend Steve Gibson has also outlined severe security vulnerabilities in hardware-encrypted solid-state drives (SSDs). Every SSD that researchers have examined has been found to …

Murder by Hacking

When Hackers Kill: Hackers have already, perhaps many times, contributed to death by hacking into secure systems and releasing information. This information has led to the loss of life in many different ways, including suicide and murder. But hacking has now evolved to the point that cybercriminals can use computers to negatively affect and damage the physical world, including the murder of individuals and groups. Hackers have the power of mass-murder in their hands right now. Using malware to affect the physical environment is nothing new. One of the most famous cases is the Stuxnet virus that was …

What is Persian Stalker?

Persian Stalker is targeting Iranian social media accounts. The “group” has been around since 2017, and they have been observed targeting social media accounts. Specifically, this group focuses on gaining access and control of Instagram and Telegram accounts. Telegram is a popular service with about 40 million users. Telegram is a communication app that has been used to organize protesters in Iran. Of course, the Iranian government is not a fan of this service. The Iranian government has actively requested that certain services and channels be shut down. As far as we know, the Iranian government has not engaged in …

More data shows that Americans are lackadaisical about security.

A new research report published by cybersecurity specialists BestVPN.com shows the state of online privacy in the United States. BestVPN surveyed 1,000 U.S. consumers to comprehend the state of online privacy in 2018. The report reveals a significant knowledge gap and suggests that, despite their fears, US citizens are not protecting themselves against the ever-growing number of cyber-threats. In light of the 2018 information breaches and revelations, consumers were asked to detail their cyber hygiene habits. There is a significant distrust of social media platforms; 45% of consumers report feeling uncomfortable about using platforms that track and sell their information. …

North Korean Cryptocurrency Scam Efforts – Marine Chain

Experts think that the infamous North Korean hacker group Lazarus accounts for targeted strikes against five cryptocurrency exchanges. North Korea’s burgeoning cyber military seems to have especially honed its assault abilities to attack cryptocurrency-related organizations. In the face of mounting and crippling international sanctions, Pyongyang’s many hacker groups have adopted cryptocurrency-focused malicious attempts as an effective way of generating income for the reclusive country. Security specialists at Group-IB consider that the infamous North Korean hacker group Lazarus accounts for targeted strikes against five cryptocurrency exchanges. According to security researchers at Recorded Future, even as Pyongyang’s ruling elite have gotten better …

Hackers are Unstoppable?

According to research by Kaspersky Lab, 86% of cybersecurity professionals think that hackers are not stoppable and will eventually succeed at compromising the systems that the cyber pros are hired to protect. In my opinion, this awareness of the seriousness of the threat is admirable. Such an attitude should keep us all on high alert. On the other hand, the view may also become a self-fulfilling prophecy. The most significant risks come from two groups: criminal gangs and insider threats. Criminal gangs of hackers are generally motivated by financial gain. These types of breaches happen every day. Most of these …

The Bloomberg article about Supermicro Supply Chain Hardware Hack

Everyone is talking about Bloomberg Businessweek’s volatile report alleging that Chinese spies had implanted surveillance chips in the motherboards of computer servers. The report is not standing up to the smell test. As President Trump would say: this is fake news. Apple, Amazon, and the other involved parties delivered strong denials. If these companies saw any potential truth in the article, they would not have issued such strong denials. For one thing, if there was any truth in the article, then each of these companies would have a high liability for misleading the public with the denials. …