Ho ho ho and welcome to my very first ever SANS Holiday Hack Challenge write-up! That’s right this is the very first time I have participated in a Holiday Hack Challenge and to be honest, this is the first Capture the Flag I have participated ever in my life. I haven’t even had the privilege yet to attend a SANS event. Although I hope to change that soon. That might sound crazy but it’s true. I...
There is bound to be a number of phishing emails you will get that will be easy to spot. Fortunatly there is still a fair amount of large phishing campaigns that take more of the spray and pray approach than one of researching and targeting a specific organization or person. The ones that can really get you are the simple ones, with just a little text, a photo of a trusted brand and a link and ...
In this blog post i’m going to share one quick and easy technique you can use to protect your company from 2 different types of CEO fraud. The technique I detail in this blog post is not the only way to detect these emails. It’s just one of many ways. Also. please know that nothing in this blog post is new or ground breaking. I don’t propose any new fancy techniques. There are times in security...
Have you ever used a piece of software that provides no way of saving attachments or reports directly to a file? Yeah, me too. It’s frustrating. I’m very passionate about automating repetitive tasks and the frustration I’ve had over this particular issue has caused me to look into a solution. What I found was that I can use my beloved Powershell, in combination with Microsoft Exchange Web Servi...
I had the opportunity to attend the 2018 NYS Cybersecurity Conference held in Albany NY. The conference is held every year in June and this year marked 21 years of the conference. I’ve attended this conference twice now, the first time last year (2017), and I always get a lot of value from this trip. This time I had the chance to also take a full day of training on the topic of DevSecOps (which...