Posts

Showing posts from 2020

How to Learn Cybersecurity - Black Boxes and Elephants

Learning cybersecurity or any "specialty" within IT can be challenging. Whether you're a Sysadmin, Security Analyst, Network Engineer, or Database Administrator, there's a lot of learning involved. So how do you get started? And what can help you along? There are two concepts that I often find myself coming back to: Black Boxes and Elephants.

Black Boxes - Focusing on What's Important

When I'm learning something I frequently ask why or how. I usually have to ask (and find out) or I have trouble focusing on the actual subject I'm trying to learn. As you can imagine, this can be both a good and a bad thing. Go too far down the rabbit hole? You've lost your way and have become distracted. Be inquisitive and learn some of the details behind new concepts? Now you have a deeper understanding of a topic. This is where Black Boxes come in. Try to recognize when you've strayed too far from the original path, mark it for later reading, and let that area func

Configuring SSH Key Based Authentication

Overview

Most personal computers and many organizations running Linux servers use password-based authentication. This is what most of us are used to -- you enter a username and password in order to authenticate your account and gain access to a system. While straightforward and commonplace, this isn't the best solution in most cases. Today I'll be explaining why key-based authentication is more convenient, more secure, and allows for automation of tasks without saving credentials in plain text in a file. Key-based authentication involves the use of private and public keys (public-key cryptography). The private key is stored on the client and the public key is stored on the server in a special file (~/.ssh/authorized_keys). This allows any system holding the corresponding private key to log in to the server where we just stored the public key. Our steps are: Generate a key pair (public / private key). Transfer the public key and add it to the authorized_keys file on the remot

Common Information Security Compliance Requirements

Depending on your industry, your company may be subject to many, one, or no compliance requirements. Even for companies that have no compliance requirements, following the associated guidance and controls often results in a more secure and better documented environment. Today I'll be covering a high-level overview of some of the most common compliance requirements we run into in information security -- what they're used for, how they're different, and who they might apply to. This list is far from exhaustive, so if I've excluded any you think should be here please comment and let me know. Disclaimer: Do not take the information provided here as definitive or current to your or your organization's compliance status or situation. Consult the appropriate legal and/or regulatory guidance for your situation.

ISO 27001

ISO 27000 is a family of standards published by the International Organization for Standardization. The most popular of these (at least within in

Certificate Formats Explained

Certificates are amazing. They are all standardized, there's a single, universal, secure format that almost everyone uses, just about anyone can manage them, and a single validation failure in a chain can no longer cause production outages. Now that the jokes are out of the way, if you're anything like me you find it difficult to keep track of the certificate formats, how they're encoded, which formats allow the private key to be included and which don't, why exactly I need to use one format of certificate on this box but it needs to be converted before I put it on Windows, etc. But certificates play a vital role in security and they're important to understand. I won't be covering all certificate formats today, but I'll cover several -- including the most common ones and what differentiates them from other certificate formats. Note: I define certificate format as the defined formatting of the certificate (defined in an RFC or otherwise), and certi

Hashcat - Cracking MD5 and NTLM Hashes

Today we'll be exploring Hashcat -- "the world's fastest and most advanced password recovery utility". This, along with similar tools, should be used only for password recovery, pentest engagements, CTFs, etc., and never for illegal purposes. I could write an entire series about the capabilities Hashcat provides, but we will cover a few basic examples for now (besides, Hashcat does a pretty good job of that themselves): Crack MD5 hashes using the rockyou.txt wordlist. Crack NTLM hashes using the rockyou.txt wordlist. Crack NTLM hashes using a mask attack (modified brute force). I'll be using Kali Linux as Hashcat comes pre-installed, but Hashcat can run on Windows, macOS, and other Linux distributions as well. As you'll see, I'll be using some lists of hashes I made previously. Tools to generate hashes using dozens of algorithms are available online -- just save the output as a text file if you want to follow along.

Cracking MD5 Hashes Using rockyou.txt Wordl

Use PowerShell to Remove Phishing Emails from Users' Mailboxes in Office 365

Anyone on the blue team side of security thinks about how to prevent and eradicate phishing emails, and how to train users not to click on them. Phishing emails are the initial vector for the vast majority of companies that fall victim to ransomware, and others harvest credentials to be used in data breaches. Office 365 / Exchange Online provides built-in anti-spam and anti-phishing protections (including ATP), but these can also be combined with third-party vendors such as Symantec, ProofPoint, Cisco, SOPHOS, and more. With these technologies in place the percentage of phishing emails that reach your users drops significantly. Most also provide protection if an email does get through, by screening links and attachments when a user clicks on them (in addition to your local AV software). But because we know that some of the emails will get through and we want them deleted as soon as possible, we have two options: Send out an email asking people to be aware of a phishing email c

Create a Home Lab with VirtualBox

The days of needing a 4-post rack (or a solid table), a spare room in your house, and an increased electric bill for a home lab are long gone. Between virtualization and the cloud, there are more options than ever to create a great home lab for minimal cost. While I'm a fan of cloud resources, the free tiers on most cloud platforms can be limited, or you have to be very careful about what you enable so as not to get charged. It's for these reasons I'm going to stay away from the cloud for today -- I want this process to be completely free for anyone that wants a home lab. This leaves us with a few options for virtualization. The most popular are VirtualBox, VMware, and Hyper-V. Hyper-V requires a Windows operating system, and VMware Workstation has changed in availability over the years and is currently a paid product. This leaves VirtualBox -- it's completely free, has most of the features available in the paid VMware Workstation, and will work on Windows, macOS, or Linux

COVID-19 & Benefits of the Cloud

The lives of many and the global economy have recently been thrust into uncertainty. As of this writing, COVID-19 has forced many businesses to cut hours, lay off workers, or even close permanently. Not to mention the operational strain currently placed on the healthcare system, delivery/shipping services, and those from almost every other industry. We know this will pass - it's what will happen between now and then that has many concerned. For the businesses that can, having employees work from home has become the solution to slow the bleeding.

Will US businesses that were previously against it now let sick employees work from home instead? Or will a realization of lost productivity cause businesses to dig their heels in once and for all that you need to be in the office to be productive? Many have written about ways to better work from home and how to keep a connection with co-workers despite the proverbial water-cooler no longer being there. Then of course there i