Cybersecurity – General

There is a time for subtly evaluating a target, spotting a potential vulnerability, and quietly exploiting it to accomplish a goal.  There are also times when it is fun to swing the big meat axe to obliterate obstacles with overwhelming force.  This is part 5 of my Journey of Learning, if you ...

Hi again, welcome back!  This series is about the things I am learning on my way to the OSCP exam.  This is part 4, and if you would like to see the previous posts, you can do that here.  In my last post, I said that I was going to be writing about kernel exploits next.  Kernel exploits are ...

Welcome to the third installment of my Journey of Learning.  This series is a look into my studying and preparation for the OSCP exam.  If you missed the previous story, you can catch up here.  The ContentOverload application I am building to explore some of the exam topics has some new ...

It’s important to evaluate your security posture and identify areas that need improvement, but a successful security assessment does not happen on accident. Have you ever wondered what goes into planning a security assessment? There is no “one-size-fits-all” security assessment strategy. ...

Welcome to my journey of learning.  This series is about my preparation for the OSCP exam.  More specifically this series is about how I use the things I am learning for my CTF hobby in my role on the Data Analytics team here at Set Solutions.  If you would like to know more about how this got ...

Vulnerabilities are a fact of life. It’s an imperfect world. There is simply no way to avoid them. Fortunately, vulnerabilities can be detected, and resolved or mitigated to remove or limit the risk they present. The goal is not to try and achieve a world with zero vulnerabilities—the goal is ...

I have spent a lot of time around security professionals, but I am not sure that I would consider myself one of them. Maybe a better way to say that is that I am a not traditional security professional.  In a field as diverse as information security, maybe the idea of a traditional security ...

There are many vectors for an attacker to penetrate an organization. The method of taking advantage of vulnerabilities in an environment is one of the common vectors for an attacker. I have had an opportunity to work with some of the vulnerability assessment tools; they are not listed in any ...

Geek Alert Before you read further into this first blog post of my two-part series, be warned that I am about to make analogies comparing Web API security to the epic fantasy trilogy The Lord of the Rings by J.R.R. Tolkien. Yes, I am unapologetically going full geek in this short series. One ...

Background If you work in Information Security, Technology, or even if you are just a person who stays up to date with recent news headlines, you probably already know about the “Sunburst” hacking fiasco that came to light at the end of December 2020.  I use the term “fiasco” ...