Posts by Tag

Brain Dump

Themes and Thoughts from the 2018 NYS Cybersecurity Conference

  5 minute read  

I had the opportunity to attend the 2018 NYS Cybersecurity Conference held in Albany NY. The conference is held every year in June and this year marked 21 years of the conference. I’ve attended this conference twice now, the first time last year (2017), and I always get a lot of value from this trip. This time I had the chance to also take a full day of training on the topic of DevSecOps (which...

My 5 Step Infosec Learning Methodology

  5 minute read  

Learning (Noun): The acquisition of knowledge or skills through experience, study, or by being taught. There are many ways to learn and everyone has a different style that works best for them. When reading my thoughts below take into consideration that I much more prefer audio/video than reading. To me this is because when it comes to audio I can listen passively while I do something else, like...

Back to top ↑

Phishing

How to Check a Sketchy Link Without Clicking It

  3 minute read  

Let’s say you’re working through your dozens of emails, responding to clients or customers or business partners and you come across this one email from your bank informing you that you need to reset your password. This email comes completely out of the blue and to top it off you don’t recognize the senders email address. Do you click it?

Anatomy Lesson of a UPS Phishing Email

  2 minute read  

There is bound to be a number of phishing emails you will get that will be easy to spot. Fortunatly there is still a fair amount of large phishing campaigns that take more of the spray and pray approach than one of researching and targeting a specific organization or person. The ones that can really get you are the simple ones, with just a little text, a photo of a trusted brand and a link and ...

Quick And Easy Ways to Protect Your Company From CEO Fraud

  5 minute read  

In this blog post i’m going to share one quick and easy technique you can use to protect your company from 2 different types of CEO fraud. The technique I detail in this blog post is not the only way to detect these emails. It’s just one of many ways. Also. please know that nothing in this blog post is new or ground breaking. I don’t propose any new fancy techniques. There are times in security...

Back to top ↑

Training

Defensive Cybersecurity Mega List - FREE Training Resources

  6 minute read  

A mega huge list of Cybersecurity Training Resources, that are completely FREE. This list has a little bit of everything, from Blogs and Webcasts to college level courses. This list is for anyone who is new to cybersecurity or is just getting into the industry and has only a few years experience. I think you will find this to be a really great starting point for advancing your knowledge and han...

My 5 Step Infosec Learning Methodology

  5 minute read  

Learning (Noun): The acquisition of knowledge or skills through experience, study, or by being taught. There are many ways to learn and everyone has a different style that works best for them. When reading my thoughts below take into consideration that I much more prefer audio/video than reading. To me this is because when it comes to audio I can listen passively while I do something else, like...

Back to top ↑

Conferences

Themes and Thoughts from the 2018 NYS Cybersecurity Conference

  5 minute read  

I had the opportunity to attend the 2018 NYS Cybersecurity Conference held in Albany NY. The conference is held every year in June and this year marked 21 years of the conference. I’ve attended this conference twice now, the first time last year (2017), and I always get a lot of value from this trip. This time I had the chance to also take a full day of training on the topic of DevSecOps (which...

Back to top ↑

Blueteam

Defensive Cybersecurity Mega List - FREE Training Resources

  6 minute read  

A mega huge list of Cybersecurity Training Resources, that are completely FREE. This list has a little bit of everything, from Blogs and Webcasts to college level courses. This list is for anyone who is new to cybersecurity or is just getting into the industry and has only a few years experience. I think you will find this to be a really great starting point for advancing your knowledge and han...

Quick And Easy Ways to Protect Your Company From CEO Fraud

  5 minute read  

In this blog post i’m going to share one quick and easy technique you can use to protect your company from 2 different types of CEO fraud. The technique I detail in this blog post is not the only way to detect these emails. It’s just one of many ways. Also. please know that nothing in this blog post is new or ground breaking. I don’t propose any new fancy techniques. There are times in security...

Back to top ↑

Powershell

Using Powershell and Microsoft EWS Managed API to download attachments in Exchange 2016

  7 minute read  

Have you ever used a piece of software that provides no way of saving attachments or reports directly to a file? Yeah, me too. It’s frustrating. I’m very passionate about automating repetitive tasks and the frustration I’ve had over this particular issue has caused me to look into a solution. What I found was that I can use my beloved Powershell, in combination with Microsoft Exchange Web Servi...

Back to top ↑

Microsoft Exchange

Using Powershell and Microsoft EWS Managed API to download attachments in Exchange 2016

  7 minute read  

Have you ever used a piece of software that provides no way of saving attachments or reports directly to a file? Yeah, me too. It’s frustrating. I’m very passionate about automating repetitive tasks and the frustration I’ve had over this particular issue has caused me to look into a solution. What I found was that I can use my beloved Powershell, in combination with Microsoft Exchange Web Servi...

Back to top ↑

Scripting

Using Powershell and Microsoft EWS Managed API to download attachments in Exchange 2016

  7 minute read  

Have you ever used a piece of software that provides no way of saving attachments or reports directly to a file? Yeah, me too. It’s frustrating. I’m very passionate about automating repetitive tasks and the frustration I’ve had over this particular issue has caused me to look into a solution. What I found was that I can use my beloved Powershell, in combination with Microsoft Exchange Web Servi...

Back to top ↑

CEO Fraud

Quick And Easy Ways to Protect Your Company From CEO Fraud

  5 minute read  

In this blog post i’m going to share one quick and easy technique you can use to protect your company from 2 different types of CEO fraud. The technique I detail in this blog post is not the only way to detect these emails. It’s just one of many ways. Also. please know that nothing in this blog post is new or ground breaking. I don’t propose any new fancy techniques. There are times in security...

Back to top ↑

Regex

Quick And Easy Ways to Protect Your Company From CEO Fraud

  5 minute read  

In this blog post i’m going to share one quick and easy technique you can use to protect your company from 2 different types of CEO fraud. The technique I detail in this blog post is not the only way to detect these emails. It’s just one of many ways. Also. please know that nothing in this blog post is new or ground breaking. I don’t propose any new fancy techniques. There are times in security...

Back to top ↑

AWS

Back to top ↑

Holiday Hack

2019 SANS Holiday Hack Challenge Write Up

  1 minute read  

Ho ho ho and welcome to my very first ever SANS Holiday Hack Challenge write-up! That’s right this is the very first time I have participated in a Holiday Hack Challenge and to be honest, this is the first Capture the Flag I have participated ever in my life. I haven’t even had the privilege yet to attend a SANS event. Although I hope to change that soon. That might sound crazy but it’s true. I...

Back to top ↑

CTF

2019 SANS Holiday Hack Challenge Write Up

  1 minute read  

Ho ho ho and welcome to my very first ever SANS Holiday Hack Challenge write-up! That’s right this is the very first time I have participated in a Holiday Hack Challenge and to be honest, this is the first Capture the Flag I have participated ever in my life. I haven’t even had the privilege yet to attend a SANS event. Although I hope to change that soon. That might sound crazy but it’s true. I...

Back to top ↑

Write-up

2019 SANS Holiday Hack Challenge Write Up

  1 minute read  

Ho ho ho and welcome to my very first ever SANS Holiday Hack Challenge write-up! That’s right this is the very first time I have participated in a Holiday Hack Challenge and to be honest, this is the first Capture the Flag I have participated ever in my life. I haven’t even had the privilege yet to attend a SANS event. Although I hope to change that soon. That might sound crazy but it’s true. I...

Back to top ↑

Mega List

Defensive Cybersecurity Mega List - FREE Training Resources

  6 minute read  

A mega huge list of Cybersecurity Training Resources, that are completely FREE. This list has a little bit of everything, from Blogs and Webcasts to college level courses. This list is for anyone who is new to cybersecurity or is just getting into the industry and has only a few years experience. I think you will find this to be a really great starting point for advancing your knowledge and han...

Back to top ↑