556 Forensics: Answers through intelligence

Class: Penetrations and Remediations

Source: Software Freedom School I will be conducting a class for the Software Freedom School on July 11. The class will take place at Denhac. Here are the details about the class: Class: Penetrations and Remediations Date: July 11, 2015, 11AM – 4PM Location: Denhac, 700 Kalamath St, Denver, CO 80204 [ Google Maps ] See the post at SFS: The pastRead the rest of this page »

VulnHub – TopHatSec – FartKnocker – Vulnerable Distribution

It’s been a little while since I posted, so I figured I would do a write-up of completing the TopHatSec – FartKnocker vulnerable distro (VulnHub) today. This was a relatively easy challenge, but it was really fun, using some of my IR analyst skills to analyze pcaps and so on. I would rate this as being a very easy/beginner level challenge,Read the rest of this page »

Scary new healthcare breach statistics

Source: DarkReading Interesting new statistics out today about some scary new healthcare breach statistics. It has now been determined that breaches are now responsible for more damages than employee error. So, while I understand, many might laugh at this statistic, but in all actuality, it is a very scary statistic. All things being said, people make mistakes, in fact, theyRead the rest of this page »

Packt Publishing – Giving free books away, again

Packt Publishing “Free Learning” is giving away books, from yesterday, April 30th – May 17th. Make sure you check Packt Publishing daily and get a copy of a free book.

TrueAbility: Linux Showdown 9 – Arena Challenge

Source: Linux Showdown 9: Arena Challenge | TrueAbility So, admittedly, I did terribly awful at the Linux Showdown 8 at TrueAbility. It wasn’t an area, where my linux expertise has taken me in the past; so I simply gave up after 10 minutes of staring at my screen, with the challenge, looking so lonely up there, without me adding anyRead the rest of this page »

Review: Malware Investigator (iLEEP, FBI tool for investigating malware)

So, several months ago, I wrote about a tool that the FBI was going to make available for members of InfraGard, called Malware Investigator. This tool was set to provide members of law enforcement, and InfraGard to provide analysis on submitted malware. I said that I would provide a detailed write-up, regarding how useful the tool is, and how itRead the rest of this page »

Review: Cyborg Hawk Linux 1.1

I downloaded a copy of Cyborg Hawk Linux 1.1 several weeks ago, and unfortunately didn’t get around to actually installing it, and using it until today. My very first impressions were about how “beautiful” the desktop; but that is about where the beauty ends. So, on to my use of it: There are a bunch of tools on there, aRead the rest of this page »

Is AES-256 Vulnerable?

Source:  The Conversation and InfoWorld Happened across a couple articles today, that I found interesting, is AES-256 vulnerable to attack? After reading the articles (IANAM – I am not a mathematician), it seems like the answer is no, for now. Should we be worried? – I don’t think so, we are constantly working on new encryption algorithms, and to sayRead the rest of this page »

Poking the Bear – Running a SSH Honeypot

Decided I would set up a SSH honeypot, for a bunch of reasons, and not only to poke the bear. If you’re not familiar with what a ssh honeypot is, it is a “virtual” environment setup to replicate a ssh server, and once in, it replicates the basic look and feel of a server you would ssh into. In myRead the rest of this page »

Why we should care about encryption

Source: TED I use encryption in nearly aspect of my life. Some uses are more effective than others, admittedly, however, there is encryption everywhere. For an example: My Android phone is encrypted My computer’s partitions are LUKS encrypted The website you’re reading this on, is encrypted Encryption is an integral part of life, in assuring both security and integrity ofRead the rest of this page »

Mike has over 15 years experience in the Information Technology profession. His leadership, advanced technical skills, and knowledge in information security and digital forensic analysis has helped him to excel as an expert in security compliance.