Course Review: InSEC Techs Cyber Security & Hacking Course

InSEC Techs – The Complete Cyber Security & Hacking Course

Various modules covering Enumeration, Scanning, System Penetration, Web Application Hacking, and so forth. You can find these courses on their website, Udemy, and other similar training portals that are slowly popping up around the web.

So to begin with, the presenter discusses the many types of courses and skills available to the teachers from InSEC Techs. I should have known something was up when SEO & Digital Marketing were included with Ethical Hacking, CCNA, SAP All Modules. This was a very auspicious beginning, and it gave me some indication of what I was going to be dealing with. If only it was that good.

Overall the video quality is not that great. In some videos the volume is very low. Then the next one is so loud you blow your eardrums out when you are using headphones. In my opinion this does not seem to be a truly professional training organization, but instead seems more like a fly-by-night operation. Sometimes the audio just flat out stops, and there is a lot of digital noise. Some videos have a lot of background noise, and it seems the presenter is sitting in an outdoor cafe. There was one video where you can hear a single-word overdub, which was a different voice, and at a different volume level. I had to listen to it 3 times, because I thought it was crazy.

The courses themselves only seem to go over tools and how to use them. It made me think very much of the CEH course I had previously experienced, only much worse. There is also no understandable order to the course. Other courses I have looked through follow a framework, such as PTES, or a recognized path, like the Lockheed Martin Attacker Kill Chain. This course seems to move about randomly, moving from Viruses, to Social Engineering, Email Hacking, to Sniffing. Again, in my opinion it would be very confusing to a new learner. There is no discussion at all about programming, which is really required for this type of work.

Some sections are downright terrible. For example, under the nmap section they run only one scan. No discussion of different types of scans, scripts that can be run, timing, evasion, or anything a real tester would need to effectively use this tool. The three methods of hacking are: Key Loggers, Trojans, and Password Cracking. The section on cracking WinRAR passwords??? REALLY??? 

The SQL Injection was not even that. The presenter opened up PHPMyAdmin, and ran the queries directly in the appropriate dialog box. No presentation of what that would look like to an attacker, or how to find it through a web form. Terrible. There are a few others that I could go into, like how installing TrueCrypt and creating a secure container file is a solid description or explanation of cryptography?

Final verdict would be to stay away from this course. Don’t waste your time, even though it is free.

DFIR 014 – Continuous IR

Nice little post here on continuous IR, and how it can feed into the program as a whole.

Making Incident Response a Security Program Enabler

The approach an organization can take to move incident response from a reactive process to a proactive one involves the following steps:

– Improving an organization’s incident response capabilities
– Improving an organization’s root cause analysis capabilities
– Improving an organization’s security monitoring capabilities
– Influencing others to see incident response as a continuous process
– Operationalizing incident response information
– Collecting and documenting data for the organization’s incident response metrics
– Analyzing the organization’s incident response metrics to produce intelligence
– Presenting the intelligence to appropriate stakeholders

China admits to hacking

http://thehackernews.com/2015/03/china-cyber-army.html

CHINESE CYBER WARFARE UNITS
According to McReynolds, China has three types of operational military units:
1. Specialized military forces to fight the network — The unit designed to carry out defensive and offensive network attacks.
2. Groups of experts from civil society organizations — The unit has a number of specialists from civilian organizations – including the Ministry of State Security (it's like China's CIA), and the Ministry of Public Security (it's like the FBI) – who are authorized to conduct military leadership network operations.
3. External entities — The unit sounds a lot like hacking-for-hire mercenaries and contains non-government entities (state-sponsored hackers) that can be organized and mobilized for network warfare operations.