-
Michael J. Conway replied to the topic Meaning of Certified Secure Web Application Security Test Checklist in the forum Web Applications 4 months, 3 weeks ago
While testing a web application, does it give you debugging information? Does it present a stack trace? Or does it give you a generic error message? That is what that check is looking for. Sometimes web applications leave debug set to true when they get moved to production. The result is that a user is given the stack trace when an error is…[Read more]
-
Michael J. Conway replied to the topic My MAC is HACKED beyond my control in the forum Malware 4 months, 3 weeks ago
This may sounds dumb but did you bother to patch the system after doing a clean install? Chances are that if all you did was a clean install, you left the same hole in place that your mischievous friends used in the first place.
With that said, I am not a Mac guy. However, there are some things you can do regardless of the system you use.…[Read more]
-
Michael J. Conway replied to the topic Where to start with cyber security ? in the forum General Certification 1 year, 6 months ago
There is no right answer to this. I came out of the operational military side of things without a back ground in computers. I spent more time in physical security, particularly with how it relates to aircraft. I picked up cybersecurity when I went back to school for my bachelor’s and focused on it with my master’s. While the degrees helped to…[Read more]
-
Michael J. Conway joined the group
Extraterrestrial Internet 1 year, 8 months ago
-
Michael J. Conway replied to the topic Olidebug/IDA Pro Alterenative in the forum Tools 2 years ago
Along the same lines as my previous post about alternatives, the NSA has released one of their custom built tools to the public. I haven’t tried it yet, but am planning to in the near future. If you are interested go check out GHIDRA 9.0. Happy bug hunting!
https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html
https://ghidra-sre.org/ -
Michael J. Conway started the topic Vulnerator in the forum Links to cool sites. 2 years ago
For any of you that deal with DoD related cybersecurity, there is a tool published on GIT Hub by DISA called Vulnerator. It is not a finished product and looks to still be in development but the functionality for automating reports is there. If you have ever had to deal with ACAS and STIG Checklist, you know the pain of converting them to a…[Read more]
-
Michael J. Conway joined the group
Hardware Hacking 2 years ago
-
Michael J. Conway replied to the topic Certs? What? in the forum Security 2 years ago
Aside from a busy end to last year and a busy start to this year, my plan is still in something of a flux. I really need to put a date on the calendar for the ITIL exam if to do nothing ore than force me to study. After that and looking at what the EC CHFI and the eLearnSecurity version, I am probably going to go that route. After that, things…[Read more]
-
Michael J. Conway replied to the topic Cyber Security FUD – Fear and the Growth of the InfoSec Industry in the forum Opinions 2 years, 1 month ago
Doc,
I love this article and it goes nicely with what I have experienced over the last decade that I have actively worked in InfoSec. What I find amazing is that we really don’t do basics well. We still think of our networks in terms of the old castle analogy. The firewall is the drawbridge to get into the castle and we thing that building a…[Read more]
-
Michael J. Conway replied to the topic The L0pht Legacy in the forum Sanabria 2 years, 1 month ago
This is a great read and I thoroughly enjoyed it. In 98, I went to basic and missed this completely. On the federal side of things, I think we have made more progress towards secure systems, particularly in the DoD. We still have a ways to go as cybersecurity still feels like a bolt on at times but I think it is getting better. This is thanks…[Read more]
-
Michael J. Conway replied to the topic From Dev to InfoSec Part 4: Buffer Overflows Made My Brain Hurt in the forum Bango 2 years, 1 month ago
I love the brain dump on BOFs. I was at a company sponsored class over the summer and wrote an exploit for Adobe flash the same way you just did. I hadn’t done one of those in a while and forgot how much fun it really is. For the class we had access to IDA Pro as well as another tool similar to the old Ollydbg, x64dbg. And while those tools…[Read more]
-
Michael J. Conway started the topic Apple phishing in the forum News Items and General Discussion About EH-Net 2 years, 2 months ago
For those that didn’t hear, owners of iPhones are being targeted in the latest call spoofing campaign. A bad actor is placing calls to iPhones that make it look like the call is coming form Apple. The caller ID is showing Apple’s correct information to include address and web site. If answered, the individual is informed that Apple has had a…[Read more]
-
Michael J. Conway's profile was updated 2 years, 2 months ago
-
Michael J. Conway wrote a new post, Book Review: Hacking for Dummies 6th Edition 2 years, 2 months ago
Hacking for Dummies by Kevin Beaver is an information security professional’s introduction to ethical hacking. It is 22 chapters of information ranging from definitions (kept to a minimum) to reporting fi
-
Michael J. Conway joined the group
Threat Intelligence 2 years, 2 months ago
-
Michael J. Conway joined the group
DFIR 2 years, 3 months ago
-
Michael J. Conway replied to the topic https://blog.reybango.com/2018/10/22/from-dev-to-infosec-part-3-my-first-cert/ in the forum Bango 2 years, 4 months ago
Rey,
I just finished your blog post. One question though: where/what industry are you looking to work in? My background is DoD so I tend to look at 8570 to see what the baseline certifications are and work from there for certifications and training to pursue. And yes, it has been my experience that for somethings, you cannot beat hands on.
Thanks
-
Michael J. Conway joined the group
Penetration Testing 2 years, 4 months ago
-
mdk1 and
Michael J. Conway are now friends 2 years, 4 months ago
-
Michael J. Conway and
Don Donzal are now friends 2 years, 4 months ago
- Load More