TRAINING : Awareness, CTI, Cyber Threat Hunting, Practical Ethical Hacking, HoneyPots

August is drawing to a close and has been an interesting month for many reasons.
I am starting a new job Sept 1st and the other is due to some great training I took.

While I finish off   Building Intrusion Detection Honeypots with Chris Sanders (Applied Network Defense) https://www.networkdefense.io/library/building-intrusion-detection-honeypots/about/

Awareness
SANS Awareness Summit https://www.sans.org/cyber-security-summit/#agenda
The past year or so, SANS has provided a steady stream of excellent free virtual Summits for everyone to enjoy. Appreciated and amazing!

 
Windows
I took Windows Post Exploitation with Kyle Avery and was impressed, Kyle is enthusiastic, highly skilled and explains things at the right level – at least for me ! I know very little about this area and as a blue team defender, I wanted to know a bit more of how some of the magic happens. This is a longer, more detailed version of “Getting Started in Covert .NET Tradecraft for Post-Exploitation” You can read more about the training courses offered here: https://wildwesthackinfest.com/training-schedule/

Now that the course is over, I need to get going on the cyber range that is included with all the online courses ! https://www.blackhillsinfosec.com/services/cyber-range/

CTI
An online Cyber Threat Intelligence course with Joe Slowik ; the best thing about this course is the level of interaction and dialog that takes place along with excellent material from an acknowledged CTI expert. https://paralus.co/training/

OT
Cybersecurity & Infrastructure Security Agency (CISA) offers a number of online courses via their Virtual Learning Portal. I am signed up for the 301V (Virtual) ICS Cybersecurity course starting Monday Sept 30. CISA regularly offers a number of these courses, go check them out here: https://ics-training.inl.gov/learn

If you have not already done so, you must subscribe to ICS Security: Friday News and Notes. Dale Peterson is a legend and his updates are well worth the time to read or watch. You can sign up here: https://friday.dale-peterson.com/signup

Incident Response Hierarchy of Needs – https://github.com/swannman/ircapabilities

Book of the month: An update to the classic by Tony Robinson (@da_667) Building Virtual Machine Labs: A Hands-On Guide (Second Edition) Get yours here: https://leanpub.com/avatar2

Cyber Threat Hunting
While writing this I also found that today Chris Breton of Active Countermeasures is holding a 6 hour online course called Cyber Threat Hunting Training today, so I signed up for that. Chris is a great instructor and also shares alot of high quality information via his webcasts: https://www.activecountermeasures.com/webcasts/

Finally, I signed up for Practical Ethical Hacking from TCM Security https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course/

Comments

Post a Comment

Popular posts from this blog

 Update for 2022 Merry Christmas and a Happy New Year to everyone. Special shout out to those safeguarding civilization in all the many forms this takes. Being on call is not for everyone, is it ?  My last update was a while back and I am clearly overdue for an update we go into 2023. So lets cover some of my observations and personal highlights of 2022: The continued success and growth of EnergiCERT ( https://energicert.dk/ ) is certainly strengthening and benefiting the cyber security of  Danish critical infrastructure. Wonderful team of people, well managed and motivated. Yeah, I am biased ;) Engarde Security continues to grow and be noticed; now has expanded and with an ics range ( https://www.engardesecurity.com/icsrange )  Highly skilled people and the ics range is very well done. Enjoyed an excellent ICS Security conference in Copenhagen in November:  (https://insightevents.dk/isc-cph/ ) But I still miss CS3 (https://cs3sthlm.se/ ) for many non technical...
Read more
In the beginning... The first computer incident I was involved in was the ILOVEYOU virus in May 2000 and that directly lead me into forensics, with my first investigation being in 2004.  I started out with a script from a book called “Windows Forensics and Incident Recovery” written by Harlan Carvey (@keydet89) https://windowsir.blogspot.com/   Thank you Harlan for all the books since and creating RegRipper https://github.com/keydet89/RegRipper3.0 While I started out with a humble script, the modern forensicator/Incident Responder has a huge variety of FOSS tools to choose from. The need for Windows deadbox forensics still exists, but the focus has shifted to incident response (IR), with the need for speedy accurate triage, to stop Ransomware. Given the rise in ransomware, data breaches and malware attacks, the need for IR is only increasing. The good news is the basics for Forensics and IR fields (DFIR) are basically the same – paraphrasing the experts...
Read more

Alls well that ends well...

 After the shock of loosing my job in June, I was fortunate to discover I had a very supportive network of friends, former colleagues and people I met over the years who provided much needed moral support who helped me move on. Eventually to a rather unique and special job at sektorcert helping protect Danish critical infrastructure.  Thanks to all of you who reached out with offers, coffee meetings and advice while I was on garden leave. Your comments significantly helped during this challenging time. I feel truly fortunate and grateful to be working where I am now, with a most excellent group of  colleagues. The combination of our mission and the fact we are a non profit organization that directly supports our members is a welcome change from the usual commercial aspects of every other company I have worked for over the past 30 + years, with the exception of Unicef. So I wish the readers a very Merry Christmas and a reasonably decent 2024; which is optimistic as hell; b...
Read more