Tuesday, May 23, 2017
Tech Tip Tuesday - WannaCry Additional Prevention Advice
The WannaCry epidemic may be over, but the copycats, or as I like to call them "#cryptocats", are just starting. Newly discovered malware, dubbed “EternalRocks”, leverages seven of the leaked “NSA tools”. WannaCry only used two. The #NoMoreRansom site has some good prevention advice for everyone.
https://www.nomoreransom.org/prevention-advice.html
If you have a Tech Tip you want to share, send it to info@cyberhui.org and we'll get it out next #TechTipTuesday.
Tuesday, May 9, 2017
Tech Tip Tuesday - Security Onion
Here’s a long overdue post. Security Onion is a Network Security Monitoring (NSM) tool. It contains full packet capture, network/host intrusion detection systems (IDS), and powerful analysis tools all on one platform. If you follow the walkthrough you can go from downloading the image to analyzing packets in a couple of hours.
https://github.com/Security-Onion-Solutions/security-onion/wiki/IntroductionWalkthrough
Labels: analysis, HIDS, IDS, NIDS, NSM, packet analysis, security onion
Tuesday, May 2, 2017
Tech Tip Tuesday - Cisco Packet Tracer 7.0 Design Challenge
The Packet Tracer Challenge runs from April 17 to May 12, 2017. You are given a scenario and tasked to use Packet Tracer 7 to engineer a solution. The winner of the challenge will receive a $500 gift card. I am interested in seeing the creative solutions people come up with. Will we see your entry?
https://www.facebook.com/PacketTracerChallenge/
Tuesday, April 25, 2017
Tech Tip Tuesday - Tcpreplay
Tcpreplay is a free tool that you can use to *drumroll*... replay network traffic. You can ask the Google to find you sample PCAPs (from CTF competitions, forensics puzzles, etc.) and replay them to train/familiarize yourself with what right/wrong looks like in your lab environment. It’s slightly safer than downloading malware for demonstration purposes.
https://n0where.net/edit-and-replay-network-traffic-tcpreplay/
Tuesday, April 18, 2017
Tech Tip Tuesday – Homograph Attacks
This is straight out of Wikipedia. https://en.wikipedia.org/wiki/IDN_homograph_attack
“The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike, (i.e., they are homographs, hence the term for the attack). For example, a person frequenting citibank.com may be lured to click a link in which the Latin C is replaced with the Cyrillic С.”
This vulnerability, coupled with a convincing phishing campaign, could easily dupe the savviest of users. Bad guys/gals can make it even more convincing by getting valid certificates for their domain. Chrome 59 is patched, and Firefox has a workaround: it stops showing IDNs in their user-friendly form.
https://www.xudongz.com/blog/2017/idn-phishing/
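A defender-side check for the lookalike hostnames described above, as an added example that is not from the original post or the linked articles. The `LOOKALIKES` table is a small hand-picked subset (an assumption, not Unicode's full confusables data), and the sample hostnames are constructed.

```python
import unicodedata

# Hand-picked Cyrillic letters that render like Latin ones (assumed subset).
LOOKALIKES = {"\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
              "\u0440": "p", "\u0445": "x", "\u0443": "y", "\u0456": "i",
              "\u0455": "s"}


def script_of(ch):
    """Rough script name: the first word of the Unicode character name."""
    if ch.isdigit() or ch == "-":
        return "COMMON"
    return unicodedata.name(ch, "UNKNOWN").split()[0]


def check_hostname(host):
    """Return (ascii_form, findings) for a hostname in Unicode or xn-- form.

    Each finding is (label, reason, scripts, skeleton), where skeleton is the
    label with known lookalikes mapped to the Latin letter they imitate.
    """
    ascii_labels, findings = [], []
    for raw in host.lower().rstrip(".").split("."):
        # Decode an ACE label ("xn--...") back to Unicode before inspecting it.
        label = (raw[4:].encode("ascii").decode("punycode")
                 if raw.startswith("xn--") else raw)
        if label.isascii():
            ascii_labels.append(label)
            continue
        ascii_labels.append("xn--" + label.encode("punycode").decode("ascii"))
        scripts = sorted({script_of(c) for c in label} - {"COMMON"})
        skeleton = "".join(LOOKALIKES.get(c, c) for c in label)
        if len(scripts) > 1:
            # e.g. one Cyrillic letter dropped into an otherwise Latin name
            findings.append((label, "mixed-script", scripts, skeleton))
        elif skeleton.isascii():
            # single script, but every letter imitates a Latin one
            findings.append((label, "whole-script-lookalike", scripts, skeleton))
    return ".".join(ascii_labels), findings


if __name__ == "__main__":
    # Constructed samples: Cyrillic "es" in citibank, an all-Cyrillic
    # lookalike, a legitimate Cyrillic word, and a plain ASCII name.
    for sample in ("\u0441itibank.com", "\u0441\u043e\u0440\u0435.example",
                   "\u043f\u0440\u0438\u043c\u0435\u0440.example", "citibank.com"):
        print(check_hostname(sample))
```

A legitimate single-script IDN such as the third sample produces no finding, so the check can run over mail or proxy logs without flagging every non-Latin domain.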
Wednesday, April 12, 2017
Tech Tip Tuesday - Protect Yourself from Your ISP
If you still have concerns over the newfound rights of ISPs to sell or use your private data for their benefit, the Electronic Frontier Foundation (EFF) put together a list of measures you can take to keep your private information… private.
https://www.eff.org/deeplinks/2017/04/heres-how-protect-your-privacy-your-internet-service-provider
Tuesday, April 4, 2017
Tech Tip Tuesday – Just Say No Thank You
Who reads their EULA (end user licensing agreement) or any other privacy notice for the services they use? Maybe we should before (or in addition to) installing a VPN and using Tor to browse. Your ISP should give you the ability to opt out of Customer Proprietary Network Information (CPNI), which they use to market communications-related services. They basically monitor your web traffic to customize what advertisements you receive. I’m not saying you shouldn’t share your information. I think you should just be aware of what you are implicitly agreeing to.
https://www.usatoday.com/story/tech/columnist/2017/04/02/take-these-5-steps-help-protect-your-privacy-online/99953034/