One of the most fascinating hacker movies I’ve ever seen, Zero Days documents the secrecy and devestation of Stuxnet, the world’s first cyber weapon.
This film captures interviews with whistleblowers who have come forth for the first time about their involvement with Stuxnet – and how the project was nearly compromized due to overly ambitious team members.
When most people hear the phrase “cyber attack,” they think of downed computer systems – not a virus designed to physically destroy millions of dollars of uranium refinement centrifuges.
Stuxnet was the first known malware designed to target industrial control systems. It did so by causing centrifuges to spin out of control, all while reporting back to the control room that equipment was operating as expected.
This book details the story behind Stuxnet, the “world’s first digital weapon.” It’s available in softcover, hardcover, audiobook, and Kindle.
You can find it on Amazon here.
Have you ever wondered what would happen if a cyberattack managed to take down the power grid?
According to best selling author Ted Koppel, it’s not only possible, but probable.
The infrastructure that supports the US power grid was not built with security in mind, and with nearly every aspect of modern life reliant on electricity, it’s become a prime target for our adversaries.
According to the NSA (National Security Agency), China and Russia have already penetrated our grid.
What happens when they decide to pull the trigger?
Join Ted as he explores the vulnerabilities of the US power grid, the ramifications of a major cyberattack, and what could be done to prevent it.
Identity thieves can do a lot with your identity. Here are some different freezes you can apply to protect yourself from fraud. The best part? Freezes don’t cost a thing.
Click each link to go to the relevant “freeze your credit/information” page.
| Equifax | One of the three major credit bureaus |
| Experian | One of the three major credit bureaus |
| TransUnion | One of the three major credit bureaus |
| Innovis | Another credit bureau |
| Bank Security Freeze | Identity thieves can open fraudulent bank accounts. A bank security freeze prevents this. |
| Utilities Security Freeze (NCTUE) | Identity thieves can open utility accounts in your name, leaving you with the bill |
| Employment Data Freeze (E-Verify) | Identity thieves can obtain employment with your ID, leaving you to pay the taxes |
| Employment Data Freeze (Equifax) | Second database used for employment |
| Child Credit Freezes | Identity thieves may apply for credit using children’s identities because they are rarely monitored |
| Tax ID PIN | Identity thieves can file your taxes for you, and get your refund. An Identity Protection PIN (IP PIN) helps prevent this. |
Additional Resources: https://www.consumerlawfirm.com/credit-reporting-agencies.htm
Cron is a great sysadmin tool, but it seems like my cronjobs never run because I can’t quite get syntax or permissions right.
Here’s my “how to use cron to (actually) update your Pi-hole daily” guide.
First, run:
sudo crontab -e (I know that running ‘pihole-up’ doesn’t require sudo, but cron gets angry without it.)
Add the following line to the cron file:
0 5 * * * /usr/bin/date >> /var/log/pihole_update.log && /usr/local/bin/pihole -up >> /var/log/pihole_update.log 2>&1
This will cause pihole to update every morning at 5:00 am, and log the results to /var/log/pihole_update.log preceded by a timestamp (so you know it’s actually working). (If you prefer updates weekly instead of daily, change 0 5 * * * to 0 5 * * 0 and updates will happen at 5:00 am every Sunday instead.)
Pi-hole updates, automated.
I’m studying for a Master of Science in Information Security Engineering. Upon digging into packet headers, I realize that, while many “cheat sheets” exist to break down various packet headers, I can’t find any that I really like.
So, I made my own TCP/IP packet breakdown.
I hope it helps you in your quest to better understand TCP/IP.
So, you’re going to Defcon!
If you plan on using your laptop while you’re there, in addition to a number of other safety measures, I recommend forgetting all wifi networks before you go.
Why?
Because your internet-addicted laptop will be beaconing out for familiar access points all the while you’re there, and miscreants and evil-doers can use this to their advantage to trick your device into connecting to their not-so-innocent WiFi access points.
Here’s how it works.
When your laptop (or phone, for that matter) is not connected to WiFi, it’s constantly looking for a known access point (such as the one in your basement or at your mom’s house) to connect to. It does this by sending out a beacon once every 30 seconds or so, saying, “Hey, FBISurveillanceVan, are you there?” When you’re at home and your wireless router hears this, it responds, “Yes, I’m here! Let’s connect!” Your device then connects to your access point, and – viola, you have internet.
Now, normally this is all fine and well. However, troublemakers can configure a malicious access point to respond to any beacon, claiming to be the access point in question. Your device will then connect to it, allowing the attacker to hijack your connection and do malicious things, such as spying on your network traffic (or even injecting some of their own).
Now, manually forgetting all 50+ saved networks on your laptop will be time-consuming and annoying, but what will be even more annoying is having to reconnect to all of your favorite hotspots when you return home.
To solve this problem, I created a PowerShell script that you can use to back up, forget, and restore all WiFi networks saved on your laptop (Windows only – sorry, Mac users).
You can find it on my GitHub here.
It’s pretty self-explanatory; run it with -Backup to back up all your saved networks, use -Wipe to forget all saved networks, and then use -Restore to restore all your previously backed-up networks after you return home.
Problem, solved.
If you encounter any problems or have any feedback regarding the script, leave a comment and let me know!
Note: I received inspiration for this blog post while taking SEC530 from SANS Technology Institute; I describe this class as a comprehensive “Cyber Defense 101” class where you learn about everything you need to know to be a good cyber defender. It’s one of the more difficult classes I’ve taken so far due to the vast array of topics discussed; however, it’s also very well organized, which makes it more digestible. I recommend this class for anyone who is serious about becoming a cyber defender.
TL;DR: Check out my script on GitHub here.
On occasion, you may find the need to backup, restore, or transfer saved wireless networks from one Windows device to another. Whether you’ve gotten a new laptop that needs to be reconnected to your favorite hotspots or you simply want to back up your saved networks in case of need, this can be done with tools built right into Windows using a series of simple commands.
The first thing you’ll want to do is create a new folder to keep the backup files organized in as each network will be backed up to its own file. For example, you may want to create a backup folder on your desktop, like so:
mkdir C:\Users\%username%\Desktop\WifiBackupTo back up a single network to a file, run the following command, replacing “FBISurveillanceVan” with the name of your WiFi network:
netsh wlan export profile "FBISurveillanceVan" key=clear folder="C:\Users\%username%\Desktop\WifiBackup"Or, to back up all saved networks on your device, use this command:
netsh wlan export profile key=clear folder="C:\Users\%username%\Desktop\WifiBackup"Restoring WiFi networks to a device which have been backed up in this manner can be restored using the following command, again replacing “FBISurveillanceVan” with the name of your WiFi network:
netsh wlan add profile filename="C:\Users\%username%\Desktop\WifiBackup\Wi-Fi-FBISurveillanceVan.xml" user=currentUnfortunately, if you have multiple backups you need to restore, they must be restored one at a time and cannot all be restored with a single command. Thankfully, a few lines of code and a simple loop can fix this problem for us.
To restore multiple WiFi networks at once, open a PowerShell window and run the following command:
$DesktopPath = [System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::Desktop)
$Files = Get-ChildItem "$DesktopPath\WifiBackup"
foreach ($File in $Files){
netsh wlan add profile filename="$($File.fullname)" user=current
}While this method works, it’s still just a tad bit too manual for me, which is why I created a Manage-WiFiNetworks.ps1 script, available on my GitHub. Using this script, you can simply specify the -Backup parameter to backup all networks, and the -Restore parameter to restore previously backed-up networks.
Additionally, if you want to forget all saved networks (such as before going to Defcon), you can do so with the -Wipe parameter (just be sure to back them up first.)
for i in {1..1024}; do nc localhost $i -zv; done 2>&1 | grep Connected | sed 's/.:(.)./\1/g'
$ for i in {1..1024}; do nc localhost $i -zv; done 2>&1 | grep Connected | sed 's/.:(.)./\1/g'
22
80
443
Create a DR/BCP Plan and test it annually, including a test of your backups/restore
Create a scheduled access and privileged audit of all your critical systems every 3 or 6 months, so making sure all leavers are disabled and there are no extra admins etc
Have a solid asset database for physical assets and who owns them, serial number etc Asset list for servers including how they are backed up, physical/vm, what they are used for, services they run, are they critical etc
Digital asset list for all of the software programs that your users use, including who has admin, the type of data that they hold, if it is critical to the business etc
Make sure your user base takes cyber awareness training
Create a daily checklist of things to be checked like admin logs, alerts, emerging threats, backups, and create an escalation process. Audit to make sure it is getting done regularly.
Create a change management system
Setup a base policy set like acceptable use, BYOD, Password policy, Information Technology policy (goes over guidelines for your IT team), remote work, physical security, clear desk policy, employee handbook etc
Document physical security at your location/s for deliveries, guests, cameras, card pass logging etc
Document and check your onboarding and offboarding processes Work with HR to make sure all employees get a contract, are background checked, get trained and get a handbook etc
Get a copy of all client contracts and make sure you are compliant
Create a checklist and/or questionnaire for security reviews of vendors and new tech
Create an objectives and measures for your IT organization with 8 or so KPIs like vulnerabilities remediated in X amount of time, users with x% of phishing messages, Help Desk responding in X amount of time etc. Then measure it regularly and have a meeting with management to review every 6 months
Get a solid vulnerability remediation and management plan in place
MFA EVERYWHERE
Local Admin NOWHERE
Disk encryption EVERYWHERE
Phishing tests for all employees
Work out how to protect corporate email on BYOD phones
Talk to senior management about risk and document where they find the biggest risks to the business. Take steps to mitigate and track progress regularly
Create a “continual improvement log” that tracks security items you run across or think of and track them to remediation
Run incident response exercises with your team, so pretending something happened and see how they react etc.
Inventory all your critical business assets in a spreadsheet (i.e., what makes the money come in)
Identify what data you rely on to do business, tag them to specific systems in this spreadsheet
Work to get backups of the critical data and systems, ideally somewhere that isn’t directly networked (read: accessible to ransomware or bad actors)
Implement MFA on all remote access (email, VPN, server administration, whatever)
Make sure everyone is using passwords (kinda default with the “MFA” suggestion)
Get endpoint protection in place; anything is better than nothing, but any of the best ones are a little pricy but definitely worth it because, as a small business, your users will destroy you.
Try and get a vulnerability scan (free ones exist) and use your existing free-hand knowledge to scan ports and services to identify potential openings/risks.
Sources: