search
top
Currently Browsing: Information Security

Earning the Microsoft 365 Threat Protection CCP Badge

I am super honored to say that I am now officially part of the Microsoft 365 Threat Protection Customer Connection Program as a Community Member!

You can view the official badge & details here -> https://www.credly.com/badges/b6a58efe-386f-43c6-a056-2e1defbf45a6/public_url

I have been extremely fortunate to be able to help drive many of Microsoft’s security tools and roadmaps. For those members that are part of the M365 Threat Protection CCP group. They get a chance to contribute heavily to provide feedback on Microsoft Security products. In the end, it helps enhance the security roadmap that Microsoft plans out. Some of the technologies we get to help drive forward and further enhance are listed below.

For example:

READ MORE OF THIS POST

Passing the GCFA exam

Recently, I challenged the GIAC/SANS GCFA exam. And I am excited to say I passed and have obtained the GCFA certificate!

This was one of the more detailed courses I had taken in awhile. The IR and Threat hunting sections were not as new to me. However, the memory and forensics section were very deep and detailed. Normally, most organizations will contract out major forensic type of work to 3rd party external partners. So, the forensics section was something I do not work on as often. But I found learning and getting the knowledge of various ways malware can hide in memory, or how to detect Time stomping attacks from malware was extremely fun and exciting to learn. Feeling incredibly grateful to learn about all these new attack techniques and detection mechanisms.

Prepping for the exam

I highly advise everyone take the SANS FOR 508 course. You can read my review of it here -> https://www.stealthbay.com/review-of-sans-for-508/

The course will prepare you for the exam and cover topics and tools that you will be tested on. There is a lot of material to learn in the course. So, dedicate a good amount of time towards learning the course material and all the concepts. The class itself was amazing especially when you get into Memory Analysis, File system analysis and the Anti-forensics sections.

Read more of this post

InfoSec-Jobs.com – A rare Cyber Security job listings site

I wanted to post about a very cool one-of-a-kind cyber security job listing website. If you are looking into getting a job specializing in cyber security, you are in luck!  One of my friends has created a website dedicated towards connecting like minded cyber security professionals and hiring managers.

What is InfoSec-Jobs.com?

It is a highly focused website listing out only cyber security positions. You can check out the website here: https://infosec-jobs.com/

It has listings that only consist of security focused and related jobs or positions. If you are a hiring manager, it is a great place that allows you to post your current open positions if you are looking for some talented cyber security professionals.

The website also does not sell your personal information, CV/Resume details to any other parties, and no external trackers are used on the site. The website is built to protect every user’s personal information.

It is a rare website, as most other IT job related websites showcase various IT positions. There are none that really focus just on cyber security positions. So this is a new rare gem to check out and bookmark!

Read More Of This Post

Review of SANS FOR 508 & Winning the CTF Coin

So, just before the end of a remarkably interesting and odd 2020 year. I decided to go ahead and take the FOR 508 class on Advanced Incident Response, Threat Hunting, and Digital Forensics. I felt this was a course that could really benefit security practitioners for understanding best practices & methods related to IR. As well as, learning new techniques for threat hunting in a large enterprise environment. I decided to put up a post listing our what you can plan to learn from this course should you decide to take it.

Winning the Coin

One of the coolest parts of the class is Day 6 (more details listed later). You get a chance to join into teams and compete in a class APT Threat group challenge. The team that wins the CTF gets an award in the sign of a special course specific SANS Coin. On top of that, SANS will add your name to the Community DFIR Coin holders list! It is a great achievement, and I have to say the challenge was very realistic and fun to tackle.

Read More Of This Post

Domain Registry Scam by giv.com

There has been a domain scam particularly in Canada that has been going on for quite awhile. When I was introduced to it taking place and being a person, they also tried to target. I decided it would be best to expose how they try to scam people so that people do not fall prey to them. I have heard stories of people falling for this scam. This post is for the ones that end up landing on this blog post for more info.

Why is this important

Personally, reading all the comments and posts online about these scammers. I feel the right thing to do is to create some awareness, so more people do not fall prey to the scam. There are many innocent victims, who may fall for this scam due to the lack of cyber security awareness. So, lets go out there and educate people and let them know about this scam. Hopefully, it can at least prevent a few people from falling prey to this scam.

What did they do

This organization is sending thousands of letters on an ongoing basis to people. These mailed letters show up at your home or offices and make it seem like it is an urgent matter to address right away. The letter will state a domain name you own, the expiry date of the domain, a section to paste your credit card number, and an envelope the mail the form back.

Read more Of This Post

« Previous Entries

top