GCHQ, the British version of the NSA, has developed an educational app to “help students explore the fascinating world of cryptography”. The app was designed by British STEM students. Do you know of any other student developed security tools?
http://www.gchq.gov.uk/press_and_media/news_and_features/Pages/cryptoy-app-released.aspx
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, December 30, 2014
Tuesday, December 23, 2014
Tech Tip Tuesday – $1,000 FREE from Amazon Web Services (AWS)…
AWS and edX have partnered up to offer students, who successfully complete the FREE edX Entrepreurship 101 or 102 class, $1,000 worth of AWS for FREE. This is the perfect combination for tech savvy entrepreneurs looking to build their business.
https://www.edx.org/AWS-activate
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
https://www.edx.org/AWS-activate
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, December 16, 2014
Tech Tip Tuesday – Teach a Man to Phish
A recent Google study finds that the most successful phishing websites capture data from 45% of its visitors. Phishing attacks have been around since Anna Kournikova and will continue to be a thing as long as people keep clicking. They usually involve a current event (e.g. Ebola, Ferguson, Korean Air nuts) to incite some emotional response. Our friends at Intel Security put together this 10-question quiz. Take the quiz and let us know how you did.
http://www.cbsnews.com/news/mcafee-intel-security-phishing-quiz-can-you-spot-a-scam-dont-be-so-sure/
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://www.cbsnews.com/news/mcafee-intel-security-phishing-quiz-can-you-spot-a-scam-dont-be-so-sure/
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Wednesday, December 10, 2014
Tech Tip Tuesday - Google Firing Range
Are you looking for another tool to test your web applications? Why not use what Google uses? The tool is "a collection of unique bug patterns drawn from vulnerabilities that Google has seen in the wild". http://googleonlinesecurity.blogspot.com/2014/11/ready-aim-fire-open-source-tool-to-test.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, December 2, 2014
Tech Tip Tuesday – Hour of Code
The Hour of Code is happening December 8-14, 2014. Last December 20 million students did Hour of Code. Even if you don’t plan on participating in the event, check out the website and start coding. There is age appropriate content from ages 4 to 104.
http://code.org/
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, November 25, 2014
Tech Tip Tuesday – Cisco Games Arcade
Are you studying for the Cisco Networking Quiz for Round 2 of CyberPatriot VII? If you have gone through the Cisco Networking Academy but want something difference try out the games in the Cisco Games Academy. The “Subnet Game” can give you some virtual experience in IP subnetting.
https://learningnetwork.cisco.com/community/learning_center/games
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
https://learningnetwork.cisco.com/community/learning_center/games
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, November 18, 2014
Tech Tip Tuesday – Google Guide for Technical Development
As seen on @lifehacker, Google’s Guide for Technical Development recommends academic courses available from online for FREE. This isn’t an end all be all list but it’s a great start. The fine print: “Checking off all items in this guide does not guarantee a job at Google”
http://www.google.com/edu/tools-and-solutions/guide-for-technical-development/index.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://www.google.com/edu/tools-and-solutions/guide-for-technical-development/index.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, November 11, 2014
Veterans Day Tech Tip Tuesday – National Initiative for Cybersecurity Careers and Studies (NICCS) for Veterans
The NICCS has a collection of educational and career opportunities for veterans. It’s a good start for transitioning vets or vets looking to further their education.
http://niccs.us-cert.gov/home/veterans
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://niccs.us-cert.gov/home/veterans
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tech Tip Tuesday – Gnu on Windows (GOW)
Do you want to take advantage of tools commonly found on *nix systems but can’t commit to loading a new operating system? Of course there’s the 100+MB installation of Cygwin, but why not try GOW at 18MB.
https://github.com/bmatzelle/gow/wiki
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
https://github.com/bmatzelle/gow/wiki
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Wednesday, November 5, 2014
Tech Tip Tuesday - Cisco IOS Commands
Here’s a Cisco IOS command cheat sheet you can use for Round 2 of CyberPatriot VII. Don’t count on the question mark to get by.
http://www.pantz.org/software/ios/ioscommands.html
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://www.pantz.org/software/ios/ioscommands.html
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, October 28, 2014
Tech Tip Tuesday - Fun with IP Subnetting
CyberPatriot VII Round is coming up November 14-16, 2014. There are three images (Ubuntu, Vista, Windows 8) AND a networking quiz on the Cisco Networking Academy site. Check out this site if you need help getting started with IP subnetting or just need a refresher. Hopefully it won’t be on IPv6.
http://www.wikihow.com/Calculate-Network-and-Broadcast-Address
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://www.wikihow.com/Calculate-Network-and-Broadcast-Address
If you have a #CyberPatriot Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, October 21, 2014
Tech Tip Tuesday – Offensive Computer Security Training
Florida State University has made their lecture slides and YouTube videos available for their Spring 2014 CIS 4930/CIS 5930. I know that people are uneasy about “offensive” training but it the instructor sums up their motivation as “Teaching only defense is like teaching people only to play goalie in soccer when you don’t even know what the goal looks like.”
http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Sunday, October 19, 2014
CONTINUING PROFESSIONAL EDUCATION (CPE) Credits
If you have an industry certification, you probably have a requirement to maintain CONTINUING PROFESSIONAL EDUCATION (CPE).
By participating in CyberPatriot, you have the ability to earn qualified CPEs. The following information was pulled from the most recent certification guidelines. Be sure to check your certification's policy on CPEs prior to claiming them.
The most important area in regards to CPEs is documentation of what you did.
ISC2
Through CyberPatriot participation, you can obtain CPEs through three different options.
Preparing for presentation/lecture/training – Group A or B credit
CPE credits are earned for the time spent in preparing for the non-work related presentation, lecture or training materials. CPE credits are not earned for the time spent on presenting the course, lecture, or training. Members could claim Group A credits when the presentation, lecture or training, i.e., activities cover topics directly related to one of the domains of their respective credential.
However, if topics of the presentation, lecture or training, i.e., activities are not directly related to one of the domains of the credential, but content of those activities will still enhance members’ overall professional skills, knowledge, education, or competency, members could claim Group B credits.
Number of CPE credits that can be claimed under this category is based on the number of hours spent preparing for the activities – in relation to the presentation time – limited to a maximum of a 2-hour presentation (See Table 3). For example, four CPE credits could be claimed for the initial preparation of training materials, lecture or presentation for a one hour presentation. CPE’s may be earned for updating an existing presentation as described in Table 4. This CPE activity is only relevant for short presentations up to 2 hours in length. Examples include Webinars or Pod Casts.
Credits are not earned for teaching or training courses that are of multiple days, weeks, or months in length. Tables 3 and 4 provide limits to the number of CPEs earned for preparation time.
Volunteering for government, public sector, and other charitable organizations – Group A only
Members are entitled to one Group A CPE credit for each hour of volunteer work. As documentation of their volunteer efforts, members must retain a signed confirmation on the organization’s letterhead, indicating the number of hours of volunteer work they have performed. This volunteer work must be
related to a member’s (ISC)2 credential.
Preparing new or updating existing training seminar or classroom material – Group A credit
Instructors, teachers or professors can earn CPE credits for the time spent in preparing information
security training or course material to teach in training seminars or academic classes. The material must be new but not recycled or repeated one. CPE credits are not earned for the time spent for presenting the material. Members could claim Group A credits when the coursework or training material is directly related to one of the domains of their respective credential(s).
Although CPE credits are earned for preparation of the material, but it is calculated based on the length of the training, seminar or course taught (See Table 6). A 500 word essay explaining what was learned from preparing the material is required to be submitted when posting/claiming CPE credits for this category. For example, two CPE credits could be claimed for the initial preparation of new, not repeated, training or coursework materials for a 1-day seminar or class when submitted with the 500 word essay. CPE credits may be earned for updating existing seminar or course material at the same rate as described in Table 6 and must be accompanied with a 500 word essay.
Table 6
EC-Council
EC-Council refers to their continuing education as EC-Council Continuing Education (ECE). EC-Council may be a little harder to justify, but they do have an ECE area that may qualify.
Preparing for training classes in a related domain
This credit can only be taken for preparing for the class and can only be claimed once unless you upgrade the materials and then the upgrade can be claimed.
See this site for more info:
http://portal.eccouncil.org/delta/announcement.htm
DOCUMENT, DOCUMENT, DOCUMENT.
There are many ways to document CPEs. My preference is to leverage Google Calendar. When I attend an event (conference, webinar, chapter lunch, etc), I put it in my calendar and I put CPE in the description. If I receive a receipt or some other type of documentation, I take a picture with my phone and attach it to the calendar invite.
When it comes time for me to update my CPEs, I just search my calendar during a certain time frame for the term CPE and all the events come up. If I am ever audited, my documentation can be retrieved from the calendar.
If you have information on another certification and would like us to add it to this blog, please send it to info@cyberhui.org.
By participating in CyberPatriot, you have the ability to earn qualified CPEs. The following information was pulled from the most recent certification guidelines. Be sure to check your certification's policy on CPEs prior to claiming them.
The most important area in regards to CPEs is documentation of what you did.
ISC2
Through CyberPatriot participation, you can obtain CPEs through three different options.
Preparing for presentation/lecture/training – Group A or B credit
CPE credits are earned for the time spent in preparing for the non-work related presentation, lecture or training materials. CPE credits are not earned for the time spent on presenting the course, lecture, or training. Members could claim Group A credits when the presentation, lecture or training, i.e., activities cover topics directly related to one of the domains of their respective credential.
However, if topics of the presentation, lecture or training, i.e., activities are not directly related to one of the domains of the credential, but content of those activities will still enhance members’ overall professional skills, knowledge, education, or competency, members could claim Group B credits.
Number of CPE credits that can be claimed under this category is based on the number of hours spent preparing for the activities – in relation to the presentation time – limited to a maximum of a 2-hour presentation (See Table 3). For example, four CPE credits could be claimed for the initial preparation of training materials, lecture or presentation for a one hour presentation. CPE’s may be earned for updating an existing presentation as described in Table 4. This CPE activity is only relevant for short presentations up to 2 hours in length. Examples include Webinars or Pod Casts.
Credits are not earned for teaching or training courses that are of multiple days, weeks, or months in length. Tables 3 and 4 provide limits to the number of CPEs earned for preparation time.
Table 3. Initial Presentation
| Presentation Time | CPEs | Prep Time | Number of CPE Credits Allow for Prep Time |
|---|---|---|---|
| 1/4 hour (15 mins) | 0 | 1 hour | 1 |
| 1/2 hour (30 mins) | 0 | 2 hour | 2 |
| 1 hour | 0 | 4 hour | 4 |
| 1 hour | 0 | 6 hour | 4 |
| 1 1/2 hour | 0 | 6 hour | 6 |
| 2 hour | 0 | 8 hour | 8 |
Table 4. Updating Existing Presentation
| Presentation Time | CPEs | % of Presentation Update | Number of CPE Credits Allow for Updating Existing Presentation |
|---|---|---|---|
| 1 hour | 0 | 25% | 1 |
| 0 | 50% | 2 | |
| 0 | 75% | 3 | |
| 2 hours | 0 | 25% | 2 |
| 0 | 50% | 4 | |
| 0 | 75% | 6 |
Volunteering for government, public sector, and other charitable organizations – Group A only
related to a member’s (ISC)2 credential.
Preparing new or updating existing training seminar or classroom material – Group A credit
Instructors, teachers or professors can earn CPE credits for the time spent in preparing information
security training or course material to teach in training seminars or academic classes. The material must be new but not recycled or repeated one. CPE credits are not earned for the time spent for presenting the material. Members could claim Group A credits when the coursework or training material is directly related to one of the domains of their respective credential(s).
Although CPE credits are earned for preparation of the material, but it is calculated based on the length of the training, seminar or course taught (See Table 6). A 500 word essay explaining what was learned from preparing the material is required to be submitted when posting/claiming CPE credits for this category. For example, two CPE credits could be claimed for the initial preparation of new, not repeated, training or coursework materials for a 1-day seminar or class when submitted with the 500 word essay. CPE credits may be earned for updating existing seminar or course material at the same rate as described in Table 6 and must be accompanied with a 500 word essay.
Table 6
| Instruction Time | CPEs for Instruction Time | CPEs for Prep Time +500 word Essay |
|---|---|---|
| 1 Day Course | 0 | 2 |
| 2 Day Course | 0 | 5 |
| 5-7 Day Course | 0 | 10 |
| Semester (12 weeks or more) | 20 | 2 |
EC-Council
EC-Council refers to their continuing education as EC-Council Continuing Education (ECE). EC-Council may be a little harder to justify, but they do have an ECE area that may qualify.
Preparing for training classes in a related domain
This credit can only be taken for preparing for the class and can only be claimed once unless you upgrade the materials and then the upgrade can be claimed.
See this site for more info:
http://portal.eccouncil.org/delta/announcement.htm
DOCUMENT, DOCUMENT, DOCUMENT.
There are many ways to document CPEs. My preference is to leverage Google Calendar. When I attend an event (conference, webinar, chapter lunch, etc), I put it in my calendar and I put CPE in the description. If I receive a receipt or some other type of documentation, I take a picture with my phone and attach it to the calendar invite.
When it comes time for me to update my CPEs, I just search my calendar during a certain time frame for the term CPE and all the events come up. If I am ever audited, my documentation can be retrieved from the calendar.
If you have information on another certification and would like us to add it to this blog, please send it to info@cyberhui.org.
Tuesday, October 14, 2014
Tech Tip Tuesday – MOOCs
MOOCs, not Moops, are Massive Open Online Courses. We’ve
shared a couple of them in previous posts but wanted to share a little more.
They are normally free and utilize the same content from in residence courses from
MIT, Stanford, Princeton, etc. I will say that requires some internal
motivation to complete. Coursera is offering one from Stanford on Surveillance
Law that starts today.
If you have a Tech Tip you want to share, send
them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Wednesday, October 8, 2014
Tech Tip Tuesday - The Power of Cron
Have you ever heard about cron? Cron allows linux users to schedule jobs to run periodically at fixed times, date or intervals. Typical uses for cron is to schedule your backups, or a script you have written.
http://www.pantz.org/software/cron/croninfo.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://www.pantz.org/software/cron/croninfo.html
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Wednesday, October 1, 2014
Tech Tip Tuesday - Shellshock
Have you heard about Shellshock? It has gained much attention the past week and rightly so. The folks at the Internet Storm Center have videos to explain what exactly Shellshock is. Remember to always keep your machine up to date on the latest patches.
https://isc.sans.edu/diary.html?date=2014-09-29
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
https://isc.sans.edu/diary.html?date=2014-09-29
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, September 23, 2014
Tech Tip Tuesday - Kali NetHunter
If you have a Google Nexus device laying around and you wanted to load Kali Linux on it, well you're in luck. Offensive Security has released NetHunter that can be installed on your Nexus devices to use as a portable penetration testing device.
http://nethunter.com
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://nethunter.com
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Wednesday, September 17, 2014
Tech Tip Tuesday – Netcat
It’s known as the Swiss army knife because it can do almost anything.
Port scanning, banner grabbing, DNS forward/reverse checking, transferring
files, and making Julienne fries. Well maybe not the fries. The good people at
the SANS Institute put together this cheat sheet to help you get started.
If you have a Tech Tip you want to share, send them to
info@cyberhui.org and we'll get them out next #TechTipTuesday.
Tuesday, September 9, 2014
Tech Tip Tuesday - iPhone wiping
Whether you're planning on selling your old iPhone on Craigslist or just trading it in for an upgrade to the new iPhone 6 or 6 Plus, make sure you remove all your personal information. Apple has a couple of ways for you to do this. It will keep your Backstreet Boys playlist between you and your earphones.
http://support.apple.com/kb/HT5661
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
http://support.apple.com/kb/HT5661
If you have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get them out next #TechTipTuesday.
Monday, September 8, 2014
Cyber Hui CyberPatriot VII Self Assessment Survey
Last year I utilized a self-assessment survey for Leilehua. This helped me gauge the student's knowledge and skill level prior to starting my training regime with them.
Our goal was to find and develop subject matter experts for each core area: Windows, Linux, and Networking. We put together 2-person teams for each of the core areas. We leveraged the results of the survey to help form the teams.
Additionally, the survey helped me get contact info for the students. As a mentor, the ability to communicate and share information with the students is vital. My main form of communication outside of the classroom was email.
I also used the survey as a post self-assessment to gauge the how much the students felt they learned from the competition and the training I provided. This has led me to shift my training plan for this year.
I placed the survey online and made it available to any coaches or mentors that would like to use it. If you decide to use it,
1. Email info@cyberhui.org with your school name and contact info
2. Give your students this url (http://bit.ly/CPVIISA)
3. I will send you the results of what they submitted.
Our goal was to find and develop subject matter experts for each core area: Windows, Linux, and Networking. We put together 2-person teams for each of the core areas. We leveraged the results of the survey to help form the teams.
Additionally, the survey helped me get contact info for the students. As a mentor, the ability to communicate and share information with the students is vital. My main form of communication outside of the classroom was email.
I also used the survey as a post self-assessment to gauge the how much the students felt they learned from the competition and the training I provided. This has led me to shift my training plan for this year.
I placed the survey online and made it available to any coaches or mentors that would like to use it. If you decide to use it,
1. Email info@cyberhui.org with your school name and contact info
2. Give your students this url (http://bit.ly/CPVIISA)
3. I will send you the results of what they submitted.
Wednesday, September 3, 2014
Tech Tip Tuesday – Two Factor Authentication (2FA)
Are you worried about your
personal information from your Apple iCloud or Dropbox getting in the wrong
hands? Trail of Bits put together a walkthrough to setup 2FA on those services.
What is 2FA? Two-factor or multi-factor authentication uses a combination of
these three things. 1. Something you know (password, PIN) 2. Something you have
(smart card, phone) 3. Something you are (fingerprint, retina). 2FA will
protect you from password guessing and brute force attacks.
If you
have a Tech Tip you want to share, send them to info@cyberhui.org and we'll get
them out next #TechTipTuesday.
Subscribe to:
Posts (Atom)