- Is the source of the invitation legit?
Nov 6, 2022
How to secure yourself from online event phishing links? - CyberSecurity
Oct 27, 2022
What is hacking? and what are the types of it?
Oct 25, 2022
Ethical Hacking Certifications to Boost Your Career
Ethical hackers play the role of an intruder by attempting to gain access to a computer system or network, application, or data. They do this legally and with authorization from the company as a way to identify vulnerabilities. Working in this field means you need to think like a hacker and use your best offensive cybersecurity skills to help improve the security of your company.
If you’re interested in a career as an ethical hacker, you might consider earning a certification as a way to:
- Build new offensive security skills
- Validate your skills to potential employers
- Enhance your resume
- Qualify for new job opportunities
- Boost your confidence on the job
In this article, we’ll outline four popular certification options for ethical hackers (or aspiring ethical hackers). Learn more about what to expect from each certification exam, and get tips for how to prepare yourself for success.
Popular ethical hacking certifications
These four well-respected cybersecurity certifications are particularly relevant for careers in ethical hacking, penetration testing, and other areas of offensive cybersecurity.
1. Certified Ethical Hacker (CEH)
This ethical hacking certification from the EC-Council ranks among the top cybersecurity certifications companies are hiring for, appearing in nearly 10,000 job search results. The CEH is designed to help you think like a hacker and build skills in penetration testing and attack vectors, detection, and prevention.
Requirements: To qualify for the CEH exam, you need two years of work experience in information security. You can waive this requirement by completing an official EC-Council training.
Cost: $950 to $1,199 depending on testing location
Salary: $92,000
2. GIAC Penetration Tester (GPEN)
If you’re interested in penetration testing, a task within the umbrella of ethical hacking, then the GPEN certification could be a good fit. Earning your GPEN demonstrates your ability to perform penetration tests with the latest techniques and methodologies. Topics covered include test planning, scoping, and recon; scanning and exploitation; password attacks; and web application pen testing.
Requirements: There are no prerequisites for taking the GPEN exam.
Cost: $1,699
Salary: $104,000
3. CompTIA PenTest+
The PenTest+ exam from CompTIA is unique in that it features both multiple-choice and performance-based questions (questions that test your ability to solve problems in a simulated environment). The exam covers your ability to perform penetration tests in a variety of situations, including cloud, hybrid, web application, onsite, and internet of things (IoT) environments.
Requirements: There are no required prerequisites, but CompTIA recommends that you have three to four years of information security experience, and that you’ve mastered the materials covered in the Network+ and Security+ exams.
Cost: $370
Salary: $88,206 (for penetration tester)
Tip for passing the exam: The PenTest+ exam tests your knowledge in different ways, so it’s a good idea to prepare using a variety of different study resources. Here are a few resources that come recommended by previous test takers:
4. Offensive Security Certified Professional (OSCP)
Another highly sought-after certification for pen testers, ethical hackers, and other offensive-minded security pros, the OSCP tests your ability to breach a series of target machines and produce detailed reports for each attack.
Requirements: There are no formal requirements to sit the exam, though Offensive Security recommends that you be familiar with networking, bash scripting, Perl or Python, and Linux. You may also consider taking the Penetration Testing with Kali course prior to taking the exam.
Cost: From $999
Salary: $96,000
Tip for passing the exam: Practice taking technical notes as you work through boxes or challenges during your preparation. Organize your notes with a table of contents so you can quickly access what you need on test day if you encounter a challenge that looks familiar. It’s also a good idea to prepare a report template for exploits ahead of the exam.
Oct 21, 2022
What is cybercrime? and types of cybercrime?
- Email and internet fraud.
- Identity fraud (where personal information is stolen and used).
- Theft of financial or card payment data.
- Theft and sale of corporate data.
- Cyberextortion (demanding money to prevent a threatened attack).
- Ransomware attacks (a type of cyberextortion).
- Cryptojacking (where hackers mine cryptocurrency using resources they do not own).
- Cyberespionage (where hackers access government or company data).
- Interfering with systems in a way that compromises a network.
- Infringing copyright.
- Illegal gambling.
- Selling illegal items online.
- Fraud committed by manipulating a computer network
- Unauthorized access to or modification of data or application
- Intellectual property theft that includes software piracy
- Industrial spying and access to or theft of computer materials
- Writing or spreading computer viruses or malware
- Digitally distributing child pornography
Oct 1, 2022
What is Red team and Blue team in cybersecurity? Part 1
Red Teams are internal or external organisations that aim to assess the efficacy of an organisation's security system by copying the methods and strategies of likely attackers in a realistic manner. It is similar to Penetration Testing, but involves attempting one or more targets as part of a campaign. For those on the Blue Team, having Adversarial Empathy - the capacity to think from the point-of-view of their adversary usually gained from attack experience - is essential.
Blue Teams refer to the internal security team that defends against both real attackers and Red Teams. This group should be separated from standard security operations teams on account of their attitude, which is characterised by constant caution against attack. Purple Teams are a further way of ensuring the efficacy of both Red and Blue; they incorporate measures designed by the Blue Team with threats and weaknesses pinpointed by the Red Team for a greater level of coverage. Ideally, it isn't necessary to have a dedicated Purple Team but instead a sustained interaction between Red and Blue.
Although Red Teams and Penetration Testers share many skills and functions, they are not the same. There are a number of attributes that distinguish Red Teams from other offensive security teams. These include:
It is possible to emulate the TTPs utilized by adversaries the target is likely to face, such as utilizing analogous tools, exploits and pivoting methodologies, as well as constructing analogous goals. This is known as campaign-based testing and runs for an extensive period of time, often several weeks or months. In contrast, a Penetration Test tends to rely on conventional pentesting tools and is truncated - typically lasting one to two weeks with a distinct set of aims like pivoting to the internal network, obtaining confidential data or acquiring administrative rights. A Red Team engagement draws upon a more tailored selection of TTPs together with specific objectives over an extended timeline.
In addition to testing for vulnerabilities, red teams use the TTPs of their likely threat actors in campaigns that run continuously over an extended period of time.
It is of course possible to create a Red Team campaign that uses the best-of-the-best TTPs known to the Red Team, which uses a combination of common pentesting tools, techniques, and goals, and to run it as a campaign (modeling a Pentester adversary). A Red Team campaign should emulate the tactics of a specific threat actor, but those tactics won't necessarily be the same as the attack of the Red Team.
Cybersecurity Blue Teams are proactive defenders of a company. In InfoSec, there are some tasks which are not considered Blue-Team-worthy due to their defense-oriented nature, such as tier-1 SOC analysts who aren't trained or interested in offensive techniques, aren't curious about what they're looking at, and aren't creative about following up on alerts.
The difference between a Blue Team and just doing defensive things is the mentality. Here's how I differentiate: Blue Teams / Blue Teamers possess:
- A proactive vs. reactive mindset
- Endless curiosity regarding things that are out of the ordinary
- Continuous improvement in detection and response
It's not about whether someone is a self-taught tier-1 SOC analyst or some hotshot former Red Teamer from Carnegie Mellon. Continually improving and being curious are the key.
Teams in purple: Rather than a dedicated team, purple is a cooperative mindset between attackers and defenders. Purple Teams are not necessary in organizations where the Red Team / Blue Team interaction is healthy and working well. A Red Team's purpose is to improve the Blue Team. The term is best used for a group that is not familiar with offensive techniques and wants to learn about how attackers think. A Purple Team exercise can involve good guys trying to learn from whitehat hackers. It could be an incident response group, a detection group, or a developer group. The solution to this problem is to fix the Red Team / Blue Team interaction dynamics, not to create a separate group that does their job for them.
Yellow, Orange, and Green Teams: what are they?
April Wright brilliantly introduced a few other team types in a Blackhat talk called Orange is the New Purple, in addition to the well-known Red, Blue, and Purple team concepts. It was during her talk that she introduced the Yellow team, which is the builder, and combined it with Blue and Red to come up with the other colors. I think this is extremely smart, but disagree somewhat with some of the characterizations of the combinations. In what I'm calling the BAD Pyramid above, which is a derivative of April's work, I captured my own interpretation of these interactions. I don't much care for the word "team" being assigned to all these colors, since I believe in most cases they are mindsets, or functions, rather than dedicated groups of people. Developers, for example, already have a name. Green, Orange, and Purple behaviors should be changed to either Developers or Blue Team behaviors.