Penetration Testing

I recently had the opportunity to meet with a few aspiring cybersecurity students and talk to them about the virtues of IDSes, IPSes, Firewalls, Honey Pots, and compensating controls. It was a blast, and it’s clear that the future is in good hands with these professionals at the wheel. After my little talk, I told them about a tool that would help them learn how to hack WiFi even if they didn’t have equipment. I had gotten the knowledge from Black Hill’s Security Blog. I asked if any of the students had heard of Black Hills, and they said. “No”. I responded that Black Hills was one of my favorite blogs that came across my RSS feed. I saw some puzzled looks. ...

Log4j It was December 9, 2021. I was working as a Vulnerability Management Consultant working for X-Force Red. Suddenly, it was all hands on deck. A new vulnerability had hit the scene and it was EXPLOSIVE. Log4j was a little logging library that java used and it was in EVERYTHING. All of our clients had it and they were worried. We spent weeks working with each of our POC’s (Point of Contact) and helping them identify their vulnerable machines. ...