1 - Mark Ciampa's Blog (Security+ 6e)

    • 5 Jan 2021

    Cloud Shifts, Architectures, and Protections

    [Reading Time - 3 minutes 00 seconds] The COVID-19 pandemic of 2020 is generally recognized as accelerating migrations that were already progressing, albeit at a more moderate pace. The pandemic has just quickened that pace. For example, consider online delivery and pickup of grocery orders. In August 2019, prior to the pandemic, online grocery sales totaled $1.2 billion. Yet just over one year later in the midst of...
    • 28 Dec 2020

    Nashville Bombing

    [Reading Time - 3 minutes 47 seconds] At 6:30 AM on Friday (Dec 25 2020) a bomb blast shook part of downtown Nashville, TN. There are several takeaways from this incident that relate to security. A recreational vehicle (RV) parked on 2nd Avenue North exploded and damaged 41 businesses; one building completely collapsed. The perpetrator of the blast was the only person killed. There were several reasons why a massive...
    • 21 Dec 2020

    SolarWinds - Part 3

    [Reading Time - 3 minutes 50 seconds] In the wake of the SolarWinds Orion attack (see Dec 19 2020 and Dec 20 2020 blog postings), where do we go from here? As previously noted, some are claiming this attack is a watershed moment. For example, one tech company says: It’s critical that we step back and assess the significance of these attacks in their full context. This is not “espionage as usual,” even...
    • 20 Dec 2020

    SolarWinds - Part 2

    [Reading Time - 4 minutes 12 seconds] In our SolarWinds - Part 1 blog (see Dec 19 2020 blog posting) we looked at the background of SolarWinds and how this massive and sophisticated attack took place. And the sophistication of this attack is particularly mind-blowing. Detailed postings from FireEye and Microsoft show the very high level of technical expertise that went into this attack. For example, here is a quote from...
    • 20 Dec 2020

    SolarWinds - Part 1

    [Reading Time - 4 minutes 45 seconds] It's an understatement to say that the year 2020 will long be remembered. COVID-19. Elections. Social unrest. The list goes on and on. And now there is another major event to add to 2020: a massive cyberattack has recently been uncovered (Dec 9 2020). And "massive" is a good way to describe it. The number of victims is massive, with perhaps as many as 400 of the...
    • 14 Dec 2020

    1969 Zodiac Killer Code Cracked

    [Reading Time - 2 minutes 30 seconds] In today's world of super-fast computers and advanced cryptography {Chapter 3 Security+ 6e} it's tempting to think that a coded message 51 years old would be easy to crack. That has not been the case with the infamous Zodiac Killer code--until earlier this month (Dec 3 2020) when three amateur sleuths were able to uncover the underlying ciphertext {Chapter 3 Security+ 6e}...
    • 11 Dec 2020

    IoT Update

    [Reading Time - 3 minutes 38 seconds] There have been some recent advancements in IoT security and privacy. Will these new initiatives have an impact on securing these devices and protecting the data that is collected? First, a quick IoT primer. The Telecommunication Standardization Sector of the International Telecommunication Union (ITU-T) defines the Internet of Things (IoT) {Chapter 10 Security+ 6e} as "A global...
    • 2 Dec 2020

    How Good Is Threat Intelligence?

    [Reading Time - 3 minutes 5 seconds] [NOTE: The completely revised "CompTIA CySA+ Guide to Cybersecurity Analyst 2e" textbook will be available in Spring 2021. Below is an excerpt from the book.] Cybersecurity threat data and intelligence, also simply known as threat intelligence (TI), is a booming segment within the cybersecurity industry. The commercial market for these products and services is valued at over...
    • 30 Nov 2020

    Password Manager Update

    [Reading Time - 2 minutes 29 seconds] A recent research paper examined the primary features of 13 different password managers {Chapter 11 Security+ 6e}. The results show that while most of these tools are strong and continue to improve, there are still weaknesses that all users need to be aware of. The research looked at the three main categories of password managers: app-based password managers that are stand-alone programs...
    • 21 Nov 2020

    How Experts Detect Phishing Emails

    [Reading Time - 3 minutes 27 seconds] Every day you receive a ton of emails in your inbox. How do you determine if a given email is a phishing {Chapter 2 Security+ 6e} email or is legitimate? A recent study by the security researcher Rick Wash of Michigan State University uncovers some fascinating details about how IT experts determine if an email is phishing or legitimate. And he makes a strong case that the current...
    • 14 Nov 2020

    What's New In Security+ SY0-601

    [Reading Time - 2 minutes 41 seconds] As noted earlier this week (see Nov 12 2020 blog posting) the new Security+ certification exam SY0-601 was released on Nov 12 2020. What's in the new certification? How is it different from the current SY0-501? First, let's look at some overview information about Security+. What exactly is Security+? Security+ is defined as an "entry-level cybersecurity certification...
    • 12 Nov 2020

    New Security+ SY0-601 Certification Exam Released Today (Nov 12 2020)

    [Reading Time - 2 minutes 23 seconds] The new Security+ certification exam SY0-601 is released today (Nov 12 2020). And the new book from Cengage that covers this new certification is ready for instructors today to sample and will be ready for everyone in January 2021. The CompTIA Security+ Guide to Network Security Fundamentals, Seventh Edition, covers all of the new certification exam objectives. Below is an excerpt...
    • 3 Nov 2020

    Disinformation Attacks?

    [Reading Time - 2 minutes 19 seconds] It's election day here in the U.S. And taking a page out of the playbook of the 2016 election, there will certainly be a multitude of social media users--both international nation state actors {Chapter 1 Security+ 6e} as well as domestic rabble rousers--who will flood social media with fake information (aka lies). It could be false information (such as how to vote via Twitter...
    • 31 Oct 2020

    Privacy vs. Profits?

    [Reading Time - 2 minutes 25 seconds] Data privacy {Chapter 13 Security+ 6e} is a major concern among users today. Apple recently announced that they will give users even more control over protecting their privacy. But that has resulted in a complaint being filed against Apple. Is the complaint because it will result in a loss of revenue for some organizations? Are we now in a battle of privacy vs. profits? Earlier this...
    • 14 Oct 2020

    Ransomware Update Part 3 - Should You Pay the Ransom?

    [Reading Time - 2 minutes 30 seconds] Should an organization hit with a ransomware {Chapter 2 Security+ 6e} attack pay the ransom? Looking at it from a purely cost-benefit analysis, these are the reasons for paying the ransom: it avoids regulatory fines for losing important data; it is often covered by cyberinsurance; no highly confidential information is lost; paying the ransom is usually the least costly option. The...
    • 13 Oct 2020

    Ransomware Update Part 2 - New Tactics & Higher Ransoms

    [Reading Time - 3 minutes 29 seconds] Pretend for a moment that you are an attacker and you have just successfully locked up an organization's environment with your ransomware {Chapter 2 Security+ 6e}. But the organization refuses to pay your ransom demands. Is there anything else that you could do to persuade them to pay up? Until recently the answer was essentially no: if they didn't want to pay, then there...
    • 11 Oct 2020

    Ransomware Update Part 1 - New Targets

    [Reading Time - 3 minutes 48 seconds] It's obvious that 2020 will long be remembered as the year of COVID-19. But for cybersecurity professionals 2020 will also be remembered as the year of ransomware {Chapter 2 Security+ 6e}. The number of incidents of ransomware attacks continues to dramatically increase. Organizations large and small, public and private, across all industries and countries face a never-ending onslaught...
    • 7 Oct 2020

    UEFI Attacks

    [Reading Time - 3 minutes 7 seconds] Suppose you wanted to plant malware on a computer. Where would be the best place? It would have to be somewhere where the malware remains persistent, is hard to find, and users don't even think of it as a location for malware. The answer for this ideal place for your malware is arguably the UEFI (Unified Extensible Firmware Interface) {Chapter 9 Security+ 6e}. And that's exactly what...
    • 5 Oct 2020

    Which Certification Test Preparation Strategies Actually Work

    [Reading Time - 2 minutes 3 seconds] If you were to ask a roomful of professionals for the best test preparation strategy for taking a certification exam, you'd likely receive a wide range of answers. "Take a class" is what some would say, while others would counter with, "No, just do your own self-study." Still others might say "Be sure to take a practice exam" but others would say...
    • 28 Sep 2020

    You Mean They Don't Already?

    [Reading Time - 3 minutes 50 seconds] An analysis report was just released by the federal Cybersecurity and Infrastructure Security Agency (CISA) on a recent successful attack against an unnamed federal agency’s enterprise network. The analysis report (AR20-268A) is a detailed look into how the attack occurred and serves as a good example of the modus operandi of today's attackers. However, there are some holes...
    • 19 Sep 2020

    Ransomware Causes a Death

    [Reading Time - 2 minutes 47 seconds] You knew that it had to happen at some point--and now it has. A person has died as the result of a ransomware {Chapter 2 Security+ 6e} attack on a hospital. Last Thursday (Sep 10 2020) the Duesseldorf University Hospital in Duesseldorf, Germany (the largest hospital in the city) was locked down by ransomware. About 30 hospital servers were impacted. The threat actors left a message...
    • 15 Sep 2020

    30% Cybersecurity Tax?

    [Reading Time - 3 minutes 13 seconds] Nobody really likes taxes, do they? But suppose there were a tax that was used to provide cybersecurity protection. How much would you be willing to pay to be protected? Would you pay 5 percent? Maybe 10 percent? What about 30 percent: would you pay $1.30 for an item if $0.30 went towards cybersecurity protection? And what if you didn't want the protection? Could you opt out and...
    • 12 Sep 2020

    IRS Bounty

    [Reading Time - 2 minutes 22 seconds] Bug bounty programs abound today. But in a slight twist, a bounty is being offered for anyone who can trace cryptocurrency. And in an even more bizarre twist, it's the Internal Revenue Service (IRS) that is behind it. For many years large corporations have paid security researchers to uncover security bugs in their products and then privately report them so that the bugs can be...
    • 9 Sep 2020

    Without Authorization

    [Reading Time - 3 minutes 59 seconds] How would you define "without authorization"? Someone breaking into your home or apartment to steal your computer would clearly be "without authorization." But what about two Girl Scouts who walk across your front lawn and up to your front door to ask if you want to buy any Girl Scout cookies? Is that "without authorization"? While most states do not...
    • 6 Sep 2020

    Breaking a Substitution Cipher

    [Reading Time - 2 minutes 6 seconds] CT MIT HTGHST GY MIT WFOMTR LMAMTL OF GKRTK MG YGKD A DGKT HTKYTEM WFOGF TLMAZSOLI PWLMOET OFLWKT RGDTLMOE MKAFJWOSOMB HKGXORT YGK MIT EGDDGF RTYTFLT, HKGDGMT MIT UTFTKAS CTSYAKT AFR LTEWKT MIT ZSTLLOFUL GY SOZTKMB MG GWKLTSXTL AFR GWK HGLMTKOMB RG GKRAOF AFR TLMAZSOLI MIOL EGFLMOMWMOGF YGK MIT WFOMTR LMAMTL GY ADTKOEA. Would you like to read the above ciphertext {Chapter 3 Security...