A collection of free security training resources and books. Good places to start.
Classes
Metasploit Unleashed - https://www.offensive-security.com/metasploit-unleashed/
TechNet Labs (Do search for PKI) - https://technet.microsoft.com/en-us/virtuallabs/bb467605.aspx
VMware Labs - http://labs.hol.vmware.com/HOL/catalogs/catalog/123
(Concentrate on VMware NSX intro and advanced)
Books
Security Engineering by Ross Anderson - https://www.cl.cam.ac.uk/~rja14/book.html
Learn Python the Hard Way (Use the "try it for free" option) - http://learnpythonthehardway.org/
Coursera Courses
Cybersecurity (All Courses below. Only $49 if you want the specialization cert) - https://www.coursera.org/specialization/cybersecurity/7
Cryptography 1 (Stanford Course) - https://www.coursera.org/course/crypto
Software Security - https://www.coursera.org/course/softwaresec
Cybersecurity and its ten domains - https://www.coursera.org/learn/cyber-security-domain
Cryptography (University of Maryland) - https://www.coursera.org/course/cryptography
Hardware Security - https://www.coursera.org/course/hardwaresec
Bitcoin and cryptocurrency technology - https://www.coursera.org/course/bitcointech
Usable Security - https://www.coursera.org/course/usablesec
Cryptography 2 - https://www.coursera.org/course/crypto2
Information Security and Risk management in context - https://www.coursera.org/course/inforiskman
Surveillance Law - https://www.coursera.org/course/surveillance
I highly recommend this one for counterintelligence purposes
Designing and executing information security strategies - https://www.coursera.org/course/infosec
Khan Academy
Computer Science - https://www.khanacademy.org/computing/computer-science
Collection of Security Defense tactics
Privacy and security conscious browsing - https://gist.github.com/atcuno/3425484ac5cce5298932
Best Practices on securing active directory - https://blogs.microsoft.com/cybertrust/2013/06/03/microsoft-releases-new-mitigation-guidance-for-active-directory/
Better Crypto hardening - https://bettercrypto.org/faq/
Mitigating pass the hash version 1 and 2 - https://www.microsoft.com/en-us/download/details.aspx?id=36036
Getting Started with virtual smart cards - https://technet.microsoft.com/en-us/library/dn579260.aspx
Sunday, August 23, 2015
Thursday, August 20, 2015
Best security precaution you can take with a Chromebook
Getting a Chromebook? Here is one of the best precautions you can take.
Sync while using a custom passphrase
Sign in to your Chromebook.
Enter your passphrase.
Click the status area, where your account picture appears.
Click Settings.
In the "People" section, click Advanced sync settings.
In the box that appears, choose what you want to sync:
To sync everything, select Sync everything from the dropdown menu.
To choose specific items to sync, select Choose what to sync from the dropdown menu, then check the items you want to sync.
Click OK.
Note: You'll need to enter the passphrase on each Chromebook you want to sync. If you've forgotten your passphrase, go to Google Dashboard and remove sync information from your Google Account, then set up sync again.
Why would I do this?
Hands-on experience shows that the default is only to encrypt the password and not necessarily the synced user data. If you put in a custom password, you can select to encrypt all your sync data... with your password.
Tuesday, August 4, 2015
TrueCrypt Compromised?
An interesting article today on how the FBI cracked a hidden partition TrueCrypt volume that had a 30-character password.
http://www.theregister.co.uk/2015/08/04/truecrypt_decrypted_by_fbi/
So what happened and how is this possible? I personally don't think TrueCrypt has been broken or compromised. I think there are a few possible ways of how this hidden partition was cracked.
Option 1:
The feds more than likely had this guy under surveillance for months, and since this could clearly be a national security issue, they could have been authorized to compromise his PC using a zero-day exploit like the ones recently exposed by the Hacking Team leak. Keyloggers more than likely would have played a pivotal role in cracking the 30-character password so quickly.
Option 2:
He was using a password manager to manage all his passwords and had a weak master password and the feds managed to crack it.
Option 3:
To protect user data from compromise, he obviously had to plug that hard disk into a system to remove the classified docs from the server that contained it. Users have no right to privacy on these types of systems. Maybe the FBI didn't crack anything at all. It is possible to have DLP software that quietly monitors all metadata transferred to removable media that offer no form of encryption, giving users the appearance that no file transfers are monitored, when a simple query would be able to tell the feds exactly what was copied into the hidden partition.