In a previous blog, I discussed securing AWS management configurations by combating six common threats, with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy and general security best practices. Now I’d like to do the same thing for Microsoft Azure. I had the privilege of being involved […]
The post 8 Cloud Security Best Practice Fundamentals for Microsoft Azure appeared first on The State of Security.
On February 11, 2020, Offensive Security introduced a major overhaul and update to their already fantastic course: Penetration Testing with Kali Linux. Those changes included updates to their lab environment. The study materials were substantially updated, with additional material including entire new sections on Bash Scripting, Active Directory Attacks, and PowerShell Empire. The training videos […]
The post More Lessons Learned About Trying Harder and Passing the Offensive Security Certified Professional Exam (OSCP) appeared first on The State of Security.
In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes […]
The post Ghidra 101: Slice Highlighting appeared first on The State of Security.
As a cybersecurity professional, how numb have you become to vendors who try to scare you with frightening statistics in an effort to sell you a new product? It is understandable that a vendor has to present as much information as possible in a limited amount of attention-grabbing time, so their doomsday technique makes some sense. Perhaps the vendors’ […]
The post Fighting Cybercrime: We Are Stronger Together than We Are Individually appeared first on The State of Security.
As if dealing with COVID-19 were not enough, 2020 turned out to be a banner year for another troublesome strain of virus: ransomware. Malicious actors grew more sophisticated, daring and brutal. They also hit a number of high-profile targets. For those of you who didn’t keep up with all of the developments in the ransomware […]
The post A Review of Ransomware in 2020 appeared first on The State of Security.
2020 was dominated by news of the pandemic and anchored by the reality that we all found ourselves in – entire families logging in remotely, trying to keep school and work feeling “normal.” While we tested the limits of what a home office could sustain, the privacy and security of a fully remote world was put front […]
The post Privacy in 2020 and What to Expect for the Year Ahead appeared first on The State of Security.
Unfamiliar territory

As a security analyst, engineer, or CISO, there are so many aspects of the field that require immediate attention that one cannot possibly know everything. Some of the common areas of security knowledge include topics such as where to place a firewall, configuration and patch management, physical and logical security, and legal and […]
The post Don’t Let Your Stored Procedures Lack Integrity appeared first on The State of Security.