Podcast Episode 4 – Let’s talk about Defcon

Guest Speaker: Kevin Sugihara

Check out our podcast episode from any of the podcast links below:

Spotify: https://open.spotify.com/show/6KP2Z46VRkl5GJ4ivbIpCl

Apple Podcasts: https://podcasts.apple.com/ca/podcast/stealthbay/id1574821334

Google Podcast: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy82MTkzMTRlYy9wb2RjYXN0L3Jzcw==

RadioPublic: https://radiopublic.com/stealthbay-6vkBo1

PocketCasts: https://pca.st/evsg4l7l

Stitcher: https://www.stitcher.com/show/stealthbay

Castbox: https://castbox.fm/channel/StealthBay-id4410602

Passing the GCTI Exam

Recently, I challenged the GIAC/SANS GCTI exam. And I am excited to say I passed and have obtained the GCTI certificate!!!

The concepts for this course were much newer to me. Threat modelling, researching, and building a threat intelligence tech stack was amazing to learn. Usually, a threat intel program is conducted with very established and mature security programs. So, this is an area I have not seen too many people get into. However, Threat Intel programs are slowly becoming more common, and knowing your adversary, as well as keeping track of an adversary that could potentially be targeting you, is an awesome skill set to have.

FOR578: Cyber Threat Intelligence class

I had taken the full course on threat intelligence. If you want to read my review of it check this blog post out –> https://www.stealthbay.com/a-review-of-for578-cyber-threat-intelligence/

Prepping for the exam

I highly advise everyone take the FOR578: Cyber Threat Intelligence course. You can get more details from here: https://www.sans.org/cyber-security-courses/cyber-threat-intelligence/

The course will prepare you for the exam and cover topics and tools that you will be tested on. There is a lot of material to learn in the course. So, dedicate a good amount of time towards learning the course material and all the concepts. The class was a huge learning experience in the world of Threat Intelligence.

After you take the course, try going back to each book and building your index. After this, it is a good time to use up practice exam 1 and see how you fare in it. Use the section at the end, which lists the sections you were weak in, and go study them some more. Take practice exam 2 and hopefully this time you see an improvement. If so, then book your final exam within the next 2-5 days and go for it. This format has always worked well for me.

Making an Index

A Review of FOR578 Cyber Threat Intelligence

Why take this course?

For me, Threat Intelligence has been an area of interest. Many organizations are still in the mindset and position of being very reactive: you notice something odd and investigate it further. However, not a lot of organizations are as proactive, where they go out and research threat actors/adversaries, or build their own threat intel database that covers incidents within their own org. And with that, not just pulling in public and private threat feeds, but also building your own indicators and additional defensive mechanisms. This course will teach you all of that and much more!

Day 1

You will learn about actual incidents and case studies that took place, and how CTI (Cyber Threat Intelligence) played a huge role in identifying each threat actor. There are topics on the general “what is threat intelligence” question, and on different threat models that can be used to develop a program. Overall, day 1 is very much a theory and introduction type of day.

Day 2

Day 2 things start to get more fun! There is lots of learning about the kill chain life cycle, and really understanding how it functions in respect to threat intel. There are great topics on more detailed threat models, how to apply them and how to analyze various types of logs for key indicators. You also get a good grasp on networking, and forensics analysis techniques.

How to find out if your phone is hacked

I have had this question come up quite a lot from people asking “hey, how would I know if my phone is hacked, it has been doing some weird things”.

So here is a list of items you should check to assess if your mobile phone might be compromised.

What might show my phone got hacked?

Check Your Data Usage

Most mobile devices will let you check how much data each app has used up. For apps related to social media, it would make sense for them to use up a lot of data. But if you have an app you barely use, and you can see there is quite a lot of data usage on it, that might indicate that it has been running and sending/receiving data. Compromised apps may tend to use more data, since the attacker may be trying to send data over your phone to their own systems. A good way to measure this is to check your app data usage every month, so you get to know what the average data usage is for each app you use.

Pop ups or Ads

This one is an obvious one: if you see random ads popping up out of nowhere, or random windows popping up on your screen, there is a good chance your phone has malware, and/or an app was installed and could have full access to your mobile device. You should go through ALL your apps to see what you have running on your mobile device. If there is anything that you see which should not be running or installed, remove the app and check to be sure it was removed, with the app no longer showing up as running/installed.

Your Phone gets hot all the time

A phone gets very hot to touch when it’s running an app that takes up a lot of processing power, and that makes your phone start to heat up. If this is happening to a point where your phone is always super hot to touch, then chances are a malicious app is running all the time, causing your phone to heat up. This is a good chance to view all apps running and see which one has been running the most. It could be an indicator that it is a malicious app and should be removed.

How did I get hacked?

Passing the CISA exam

Passing the CISA exam – Certified Information Systems Auditor

So I thought it would be interesting to post up a blog post about my experience challenging the CISA exam last year in 2016.

I had started this blog a bit afterwards, and never really thought about posting my experience. But many others have always asked about my experience taking the CISA exam, and if there were any tips I could give them to better their chances of passing the exam. My hope is this post helps those that end up reading this and gives them a better insight on the adventure of obtaining the ISACA CISA certificate.

Preparing for the CISA exam
