Supply chain attacks demonstrate the need for multiple controls

If you’ve been paying attention to security news over the last few days, you’ve no doubt heard about the SolarWinds security compromise that has affected several US government agencies, the cybersecurity company FireEye, and possibly thousands of other private companies. I don’t want to give a detailed analysis of the event here, as there are better, more insightful posts about it elsewhere, but here’s a quick summary:

SolarWinds is the distributor of Orion, a network management program designed for large, enterprise-level networks. Essentially, a yet-to-be-identified (“officially,” at least — most analysts…


The Fundamentals of Identity and Access Management

Who gets in? And where can they go?

Part of data privacy and protection in an enterprise environment involves Identity and Access Management (often shortened to IAM). Despite the many variations and complexities of IAM systems in corporate setups, the fundamental principle is pretty basic: IAM is about controlling who has access to what (and, usually, under what circumstances). IAM has been foundational to information systems from the very beginning. In fact, if you’ve ever signed in to a computer that’s had more than one user, you’ve (perhaps unknowingly) participated in a form of IAM. In this case, the operating…


Get in the spirit of the holidays with some hacking!

If you’re like me, you probably have a number of projects that you’re working on and tracking at any one time. It’s important to keep your skills fresh, and, if you can have a little fun while you’re at it, it doesn’t have to feel like work or a huge time sink. …


Want to be more efficient? Spend time on Good Documentation.

Today I want to talk about a topic that is often disparaged within certain departments and industries: documentation.

Contrary to popular opinion, the more documentation that exists, the better it can be.

Typically, documentation is seen as a “necessary evil” that wastes time or resources when an employee could be spending that time on more “productive” projects or problems to solve. As someone who often learns by digging into software and messing around with settings rather than thoroughly reading a manual cover-to-cover, I can certainly empathize with this perspective, but there comes a point when the need for good documentation is absolutely critical for…


or, How to See Malware Activity in Real Time.

I recently discovered Brad Duncan’s blog Malware-Traffic-Analysis.net. The blog is host to a variety of traffic analysis exercises, primarily involving malware infections that take place over a network and are documented in pcap files. It has really been scratching my digital forensics itch lately, and it allows for some detailed log analysis without having to spend an inordinate amount of time downloading a large VM and getting a full PenTest lab set up. I thought I would share one of the exercises I recently completed (which you can find here).

Here’s…


How to Subnet with only a little bit of memorization and math — no binary required

When I was first learning about networks, the topic that most consistently stumped me was subnetting. I am notoriously bad at doing anything other than simple math in my head, and it always felt like I was one step behind understanding what I needed to do to get the right result. To complicate matters, most online explanations for subnetting never really clicked for me — I (mostly) understood the theory of splitting up an address into multiple subnetworks, but who wants to spend an…


Getting started in scripting doesn’t have to be scary

Earlier this week, I was working on a project that required a little bit of Python scripting. While not anything too complicated, it reminded me that I needed to stay fresh with my programming, and so, as a personal challenge, I decided afterwards to create a Python script from scratch with as little internet-referencing as possible. In order to show how we can iterate a Python script from something very simple into something gradually more complex, I decided to share my process below. …


Ransomware is on the rise in 2020

A growing concern for every industry just about everywhere is the topic of ransomware. Ransomware is not a new threat (the first documented case of ransomware occurred in 1989 for a whole $189), but incidents of ransomware have been increasing exponentially lately, especially as the world still reels from all of the destabilizing events of 2020. Ransomware is when a compromised system or network is encrypted or rendered otherwise unusable by a malicious third party, who then promises to restore functionality if a ransom is paid. …


Once you know the environment, it’s time to break in

Today we’re going to follow up last week’s blog post about the information gathering phase of PenTesting with a post about the exploitation phase of a PenTest. As discussed last week, we’re running the VM “SoSimple” from VulnHub. We’ve already found a good deal of information about the VM, including an instance of WordPress, as well as the login credentials for that WordPress account.

The exploitation phase of a PenTest is when we take the knowledge we’ve gained about the system and try to find the cracks in the armor, so…


How much info can you get with a single tool? A lot, actually.

While working on some individual PenTesting this week, I decided to challenge myself and see how much information gathering I could do with just a single tool — Metasploit Framework, one of the most popular hacking tools out there. This is a nonrealistic limitation, of course, since almost all PenTesting involves using as many tools at your disposal as possible, but it proved to be a fun challenge with a couple of surprises and one unexplained issue, which I will lay out below.

Like my interest in digital…

Tim Smith

Cybersecurity and Communication. https://www.linkedin.com/in/tsmith6421/
