Month: March 2018

10 Security Frameworks Every Cybersecurity Analyst Should Know

There are a number of frameworks you'll need to know in order to familiarize your organization or agency with leading guidelines and best practices for achieving the necessary level of protection against cyber incidents. Here are 10 security frameworks every cybersecurity analyst should know. 1. NIST Special Publication 800-53 The "NIST," or the ...

PenTest Edition: Assessing WEP, WPS, WPA, and WPA2 Wi-Fi Networks with the “Fern Wi-Fi Cracker” Tool

Here's a fun assessment you can perform on your home network. I'm running Kali Linux 2018.1 in a virtual machine using VMware Workstation Player. My wireless network adapter is an Alfa AWUS036NHA with a 9dBi omni-directional antenna. Penetration testers may use the Fern Wi-Fi Cracker as a security auditing tool to test the security of ...

Identifying Network-Related Symptoms of Cyberattacks

Let's assume you have the architecture of your network already established, but you'd like to be able to detect any signs of malicious traffic traversing in and out of your network. One of the things you might want to consider is placing sensors in strategic locations of your network. Intrusion Detection Systems (IDSs) and Intrusion Prevention ...

DoS and DDoS Attacks: How They’re Executed, Detected, and Prevented

A DoS and a DDoS... What's the difference? A "Denial of Service," or "DoS" attack, is a category of advanced cyberattack in which a single malicious user denies legitimate users access to a service by blocking or exhausting the resources of a victim system. The DoS is commonly carried out through some form of flooding mechanism, ...

Covert Channels: How Insiders Abuse TCP/IP to Create Covert Channels

The TCP/IP protocol suite, the conceptual model we use to explain the way in which data travels across a network, contains a myriad of communication protocols. The TCP/IP protocol suite generically refers to two main protocols: TCP and UDP, but there are many other protocols, some of which can be abused to create covert channels. ...