Posts

Week 10

One of the things we read about this week was the concept of basically cost-to-benefit analysis of risks and the mitigation techniques needed to reduce those risks. The example in the book I think was generally along the lines of “If a risk to an organization could potentially cost 10k, and the mitigation technique needed to mitigate it was greater than that, there’s little point in implementing the mitigation technique.” I think this is the kind of statement that can only exist in a capitalist society. There was a movie a while ago that went over a similar concept about like a business risk management evaluator whose job it was to determine if the cost of a vehicle recall from something like a defective airbag (mitigating factor) was worth the risk (human life). The concept was if there were like 100k vehicles affected, and each one costs 2k to fix, and covering the cost of a lawsuit from a wrongful death charge at 1M a piece (or something like that, I don’t remember the numbers) th...

Week 9

Out of all the security tools and methodologies we have talked about thus far, I think the computer forensic tools that can be used to trace the steps of an attacker are by far the coolest. Particularly, tools that allow the copying of an entire disk bit by bit including the ‘blank’ sections (which may have some ‘deleted’ data that has just been marked as able to be overwritten by the OS but not actually deleted yet) and other tools that can dump the contents of RAM to investigate fileless viruses. These types of programs always make me think of the constant cat and mouse game attackers and defenders are playing amongst themselves. Particularly, someone had the genius idea to not leave any evidence by running malware in RAM which could not be picked up by hard drive scanners, so we started scanning RAM as well. I wonder what the mouse will do next, some predictions I have are part of the malware designed to detect these scanning tools and either deleting themselves or shutting...
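The “deleted but still on disk” point above is easiest to see with a bit-for-bit image in hand. The example below is added here and is not code from the original post: it builds a small in-memory stand-in for a raw disk image (an invented directory table in sector 0, data in later sectors), removes one file from the directory without touching its bytes, and then carves files back out by scanning for known header/footer signatures, which is how a forensic tool recovers data the filesystem no longer references. Sector layout, the directory format, `report.pdf`, `logo.png` and all file contents are constructed for the example.

```python
"""Signature-based file carving over a constructed raw disk image.

Added example, not code from the original post. The image is built in
memory to stand in for a bit-for-bit copy of a disk: sector 0 is an
invented directory table, later sectors hold file data. One file has had
its directory entry removed ('deleted') while its bytes remain in
unallocated space, exactly the situation carving is meant to catch.
"""
import struct
import zlib

SECTOR = 512

# Magic header/footer pairs. Carving ignores the filesystem's own metadata
# and scans the raw bytes for these markers instead.
SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
}


def make_png(width, height):
    """Build a minimal valid PNG so the carved output has a real footer."""
    def chunk(tag, data):
        body = tag + data
        crc = zlib.crc32(body) & 0xFFFFFFFF
        return struct.pack(">I", len(data)) + body + struct.pack(">I", crc)
    raw = b"".join(b"\x00" + b"\x00\x00\x00" * width for _ in range(height))
    return (SIGNATURES["png"][0]
            + chunk(b"IHDR", struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0))
            + chunk(b"IDAT", zlib.compress(raw))
            + chunk(b"IEND", b""))


def build_image():
    """Constructed sample image: 4 sectors, one file 'deleted' from the directory."""
    pdf = b"%PDF-1.4\n1 0 obj << /Type /Catalog >> endobj\n%%EOF\n"
    png = make_png(2, 2)
    # Invented directory entry format: name\0, start sector (u32), byte length (u32).
    directory = b"report.pdf\x00" + struct.pack(">II", 1, len(pdf))
    sectors = [
        directory.ljust(SECTOR, b"\x00"),  # sector 0: directory (lists only report.pdf)
        pdf.ljust(SECTOR, b"\x00"),        # sector 1: report.pdf, allocated
        bytes(SECTOR),                     # sector 2: free, never used
        png.ljust(SECTOR, b"\x00"),        # sector 3: logo.png, entry removed, bytes intact
    ]
    return b"".join(sectors)


def list_directory(image):
    """What a normal file listing shows: only entries the directory still references."""
    entries = []
    table = image[:SECTOR]
    pos = 0
    while pos < SECTOR and table[pos] != 0:
        end = table.index(b"\x00", pos)
        name = table[pos:end].decode()
        start, length = struct.unpack(">II", table[end + 1:end + 9])
        entries.append((name, start, length))
        pos = end + 9
    return entries


def carve(image):
    """Return [(offset, kind, data)] for every header/footer pair found in the raw bytes."""
    found = []
    for kind, (header, footer) in SIGNATURES.items():
        start = image.find(header)
        while start != -1:
            end = image.find(footer, start + len(header))
            if end == -1:
                break  # header with no footer: partially overwritten, nothing whole to recover
            end += len(footer)
            found.append((start, kind, image[start:end]))
            start = image.find(header, end)
    return sorted(found, key=lambda f: f[0])


if __name__ == "__main__":
    img = build_image()
    print("directory sees:", [e[0] for e in list_directory(img)])
    for offset, kind, data in carve(img):
        print(f"carved {kind} at offset {offset}, {len(data)} bytes")
```

The directory walk finds one file; the carve finds two, the second at the sector the directory never mentions. The caveat a practitioner cares about is the `end == -1` branch: once the OS reuses those sectors the footer is gone and only a fragment (or nothing) can be recovered, which is why imaging happens before anything else touches the disk.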

Week 8

This week we learned about automation concepts and technologies. One particular section I found interest in was the part on the REST API which is an API that can be built into a website that, like APIs in general, allows other websites or apps to integrate with it. The reading then goes on to talk about how the response codes that web browsers send are structured and that’s something I’ve never thought about before. Codes starting with 1xx suggest it’s an informational message, 2xx mean success, 3xx mean a client redirection, 4xx mean a client error, and 5xx mean a server error. I’ve been using the internet for pretty much as long as I can remember, and have been met with more 404 and 503 errors than I can count, but am just now learning that they indicate client and server errors. One thing I don’t quite understand is how a 404 error can be considered a client error if the resource was not found on the server side. Perhaps the client is asking for a resource that doesn’t exist? ...
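The 404 question has a concrete answer that a small REST endpoint makes visible: the server is running fine and answers quickly, it is the client's request (an identifier that does not exist) that cannot be satisfied, so the code lands in the 4xx class. A 503, by contrast, means the request was fine and the server side is what failed. The example below is added here and is not from the original post or the reading: it runs a tiny JSON API on localhost with a `/items/<id>` resource and an invented `/maintenance` path that simulates an outage, and a client that sorts each response into its status class instead of treating every non-200 as a generic failure. The item data, routes and port choice are all constructed for the example.

```python
"""A tiny REST-style endpoint plus a client that groups responses by status class.

Added example, not from the original post. The /items resource, its
contents and the /maintenance path are invented for illustration; the
server binds an ephemeral localhost port so the whole thing runs offline.
"""
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

ITEMS = {"1": {"name": "widget"}, "2": {"name": "gadget"}}  # constructed data


class Handler(BaseHTTPRequestHandler):
    def log_message(self, *args):  # keep the example quiet
        pass

    def _send(self, status, body):
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def do_GET(self):
        parts = self.path.strip("/").split("/")
        if parts[0] == "items" and len(parts) == 2:
            item = ITEMS.get(parts[1])
            if item is None:
                # Server is healthy; the client asked for an id that does not exist -> 4xx.
                self._send(404, {"error": "no such item"})
            else:
                self._send(200, item)
        elif self.path == "/maintenance":
            # Simulated backend outage: the request was fine, the server is not -> 5xx.
            self._send(503, {"error": "temporarily unavailable"})
        else:
            self._send(404, {"error": "unknown route"})


def status_class(code):
    """Map a status code to its class by the leading digit."""
    return {1: "informational", 2: "success", 3: "redirection",
            4: "client error", 5: "server error"}.get(code // 100, "unknown")


def fetch(base_url, path):
    """Return (code, class, decoded body); urllib raises on 4xx/5xx, so catch and keep the code."""
    try:
        with urllib.request.urlopen(base_url + path, timeout=5) as resp:
            code, body = resp.status, resp.read()
    except urllib.error.HTTPError as e:
        code, body = e.code, e.read()
    return code, status_class(code), json.loads(body)


def run_demo():
    """Start the server on an ephemeral port, query three paths, stop the server."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{server.server_address[1]}"
    try:
        return {path: fetch(base, path) for path in ("/items/1", "/items/999", "/maintenance")}
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    for path, (code, cls, body) in run_demo().items():
        print(f"{path}: {code} ({cls}) {body}")
```

The practical payoff of the class split is in `fetch`: a client that retries 5xx responses but not 4xx ones behaves correctly, because retrying `/items/999` will never help while retrying `/maintenance` might.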

Week 7

The more I learn about cyber security, the more thankful I become that I know this is not the field I want to/will go into. This week we talked about threat hunting which is a proactive method for securing an IT system by coming up with a hypothesis that an attacker has already gained access to the system and it’s your job to figure out how they got in and patch it out. While I completely get the concept of why something like this would be important, the only way I can imagine becoming any good at this method is by standing in the shoes of an attacking party and looking at your system through their eyes. This requires much more learning about the attacking process than I’m interested in. This type of exercise I think would be perfect for a white/gray hat hacker who loves to find vulnerabilities in systems. I am not that kind of person, and do not enjoy this process at all.
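A hunt in the sense described above starts from a stated hypothesis and then looks for the evidence that hypothesis predicts. The example below is added here and is not from the original post: the hypothesis is “an attacker already holds a valid account and got in by guessing its password”, which predicts a burst of failed logins followed by a success, from an address the account has never used before. The code parses constructed sshd-style auth log lines (ISO timestamps rather than real syslog dates, invented hosts, users and addresses) and reports the logins that fit, while leaving alone a user who mistypes their own password once from a familiar address.

```python
"""Hypothesis-driven hunt over constructed auth log lines.

Added example, not from the original post. Hypothesis under test: an
attacker holds a valid account obtained by password guessing, so the log
should contain a successful login from an address the user never used
before, preceded by a burst of failures from that same address. The log
format, users and addresses are all invented for the example.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE = re.compile(r"^(\S+) sshd\[\d+\]: (Accepted|Failed) password for (\w+) from (\S+)")

# Constructed sample: two days of normal logins, then a guessing burst
# against bob from 203.0.113.9, and alice fat-fingering her own password.
SAMPLE_LOG = """\
2024-03-01T08:00:01 sshd[101]: Accepted password for alice from 10.0.0.5 port 51000 ssh2
2024-03-01T08:05:10 sshd[102]: Accepted password for bob from 10.0.0.7 port 51001 ssh2
2024-03-02T09:00:00 sshd[103]: Accepted password for alice from 10.0.0.5 port 51002 ssh2
2024-03-03T02:10:00 sshd[104]: Failed password for bob from 203.0.113.9 port 40000 ssh2
2024-03-03T02:10:02 sshd[105]: Failed password for bob from 203.0.113.9 port 40001 ssh2
2024-03-03T02:10:04 sshd[106]: Failed password for bob from 203.0.113.9 port 40002 ssh2
2024-03-03T02:10:06 sshd[107]: Failed password for bob from 203.0.113.9 port 40003 ssh2
2024-03-03T02:10:09 sshd[108]: Accepted password for bob from 203.0.113.9 port 40004 ssh2
2024-03-03T02:11:00 sshd[109]: Failed password for alice from 10.0.0.5 port 51003 ssh2
2024-03-03T02:11:05 sshd[110]: Accepted password for alice from 10.0.0.5 port 51004 ssh2
"""


def parse(log_text):
    """Turn matching lines into (timestamp, outcome, user, ip); skip anything else."""
    events = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m:
            ts, outcome, user, ip = m.groups()
            events.append((datetime.fromisoformat(ts), outcome, user, ip))
    return events


def hunt(events, min_failures=3, window=timedelta(minutes=5)):
    """Return (user, ip, time) for successful logins that match the hypothesis.

    Baseline = every address the user has previously succeeded from. A
    success from outside that baseline is reported only when at least
    min_failures from the same address precede it within `window`; that
    combination is the guessing pattern the hypothesis predicts.
    """
    known_ips = defaultdict(set)
    recent_failures = defaultdict(list)  # (user, ip) -> failure timestamps
    hits = []
    for ts, outcome, user, ip in sorted(events):  # process chronologically
        key = (user, ip)
        if outcome == "Failed":
            recent_failures[key].append(ts)
            continue
        fails = [t for t in recent_failures[key] if ts - t <= window]
        if ip not in known_ips[user] and len(fails) >= min_failures:
            hits.append((user, ip, ts))
        known_ips[user].add(ip)   # a success, suspicious or not, becomes part of the baseline
        recent_failures[key] = []
    return hits


if __name__ == "__main__":
    for user, ip, ts in hunt(parse(SAMPLE_LOG)):
        print(f"hypothesis supported: {user} logged in from new address {ip} at {ts} after failures")
```

Two things this shows that the definition alone does not: a hit is the start of the investigation, not the end (the next step is asking where else 203.0.113.9 shows up and what bob's session did afterwards), and the thresholds are judgement calls; raising `min_failures` to five makes this particular burst disappear, which is the kind of tuning that needs the attacker's-eye view the post mentions.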