Information Security Education Resources

A story about “free” antivirus

A colleague of mine was working on a coworkers personal computer. The job was a fresh Windows 10 installation, and my colleague decided to install Avast Antivirus Free. Shortly after installing Avast Security Onion lit up like a Christmas tree. I didn’t recognize the IP address that the alerts were originating from, so I went into our equipment room where I found the PC plugged in. When I unplugged the ethernet cable, the alerts stopped…

Continue reading

Information Security Education Resources

Enough with the Hoodies: Education without the scare tactics

Growing up, I had DARE & abstinence-only education, which were comprehensive national education programs designed to educate children and keep them safe. They are an easy sell with a “wholesome” and straightforward answer to an otherwise complicated subject. “Just Say NO!” can be readily understood by young and old and easily marketed. Why not for InfoSec? Why not on a national scale? The ubiquity of electronics has grown exponentially. According to a 2017 article by…

Continue reading

Information Security Education Resources

Security Onion Set Up Part 1: Planning for Version 16.04

The guidance in the article “Security Onion Set Up Part 1: Planning” no longer applies if you’re using the new Security Onion image because it uses Elastic Stack instead of ELSA. Elastic Stack might be a resource hog, but the workflow is superior compared to ELSA in the way you can visualize data in the dashboard and pick from pre-configured searches that touch on almost everything you would need to look at out-of-the-box.

Continue reading

Information Security Education Resources

What’s New With TLS 1.3

TLS 1.3 is the newest version of Transport Layer Security which is a cryptic protocol that allows for your web page traffic to be secured. It works to secure the communications between client and server to include passwords, and other crucial information sent from client to the server, and server to the client. As a result, TLS makes it extremely difficult to gain access to the information sent while it’s traveling to and from the…

Continue reading

Information Security Education Resources News

US election systems deemed critical

It comes as no surprise that the US election systems have been classified as critical infrastructure, but what does come as a surprise is how long it took. The story as to why US election systems have been classified as critical infrastructure is as old as cybersecurity itself (8 or 9 years). People will secure themselves only after they have been compromised.

Continue reading