Tuesday, May 12, 2020

Blog 15

This chapter was about cryptography.

  • Cryptography is the practice of concealing information used in electronic communication to protect passwords, secret keys, etc.
  • A cipher/algorithm is a formula used to hide the meaning of a message. 
  • The key is the variable in a cipher that is used to encrypt or decrypt a message.
  • Symmetric encryption that converts plaintext to ciphertext in chunks (blocks) is called a block cipher.
  • The next section was about certificates.
  • PKI creates pairs of public and private keys.
  • The next section was about encrypting files and whole hard drives.
  • I learned about GPG and PGP.

Article

The article I read about was the US Marshals Service. They had inmates' information exposed. More than 387,000 former and current inmates had their information exposed. The information stolen was names, dates of birth, social security numbers, and home addresses. They are doing numerous fixes to ensure this breach doesn't happen in the future. The hackers were not caught.

Friday, May 1, 2020

Blog 14

Cloud Computing and Internet of Things

Cloud Computing

  • Content Security Policy gives subscribers security tokens and electronic credentials.
  • Cloud Access Security Broker is software that sits between cloud service users and cloud applications to monitor activity and enforce security policies.
  • LoadStorm is a cloud load testing solution to find the scalability of web or mobile applications.
  • BlazeMeter is a continuous testing solution to help with early stages of app development.
  • JMeter is an Apache project used as a load testing tool for analyzing and measuring performance of services.
  • Nexpose is a vulnerability scanner.
  • There are numerous threats to the Cloud. 

Internet of Things

  • Light Fidelity is a visible light communications system. It uses light bulbs to transfer data at high speeds.
  • HaLow is Wi-Fi with extended range.
  • LoRaWAN is a low-power wide area network for IoT devices.
  • SigFox is a global network operator.
  • NeulNET is a cloud-based solution that offers an end-to-end pipe.
  • Very Small Aperture Terminal (VSAT) is a long-range protocol that uses small dish antennas to transfer broadband and narrowband data.
  • IoT system
    • Devices
    • Gateway
    • Data Storage
    • Remote control

Article

The article I read was about a hack on the SBA online portal for disaster loan assistance for small businesses. Financial information, insurance, citizenship, household size, and marital status were leaked. Names, addresses, birth dates, and social security numbers were also leaked. They have offered a year of credit monitoring for those affected. The hackers were not caught.

https://www.newsday.com/business/coronavirus/security-breach-sba-loan-1.44015549

Tuesday, April 28, 2020

Blog 13

This chapter was about Wi-Fi, Bluetooth, and Mobile Devices.

Wi-Fi

  • Message integrity code: Uses verifiers that detect any changes to a message's content.
  • Wigle.net can be used to find out where hotspots are in a geographic area.
  • Aircrack-ng is used on Linux to brute force a password for a Wi-Fi network.
  • Use Wi-Fi predictive planning tools. They can help you place access points, wires, etc.
  • Use RF scanning such as wireless intrusion prevention and wireless intrusion detection.
  • DHCP snooping can be configured to drop DHCP requests that aren't from a trusted source.
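
The message integrity code idea above, as an added example that is not from the original post: a keyed HMAC-SHA256 tag over a constructed sample message, verified in constant time, so that an altered message or a wrong key is rejected, alongside a plain unkeyed hash that a forger can simply recompute. The key, message and field names are made-up values.

```python
import hashlib
import hmac


def tag_message(key: bytes, message: bytes) -> bytes:
    """Compute a message integrity code (HMAC-SHA256) over the message with a shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_message(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the code and compare in constant time, so response timing does not
    reveal how many leading bytes of a forged tag happened to be right."""
    expected = tag_message(key, message)
    return hmac.compare_digest(expected, tag)


def unkeyed_digest(message: bytes) -> bytes:
    """A plain hash with no key. It catches accidental corruption, but anyone who
    alters the message can recompute it, so it is not an integrity code."""
    return hashlib.sha256(message).digest()


def demo() -> dict:
    # Constructed sample values; a real shared key would be provisioned out of band.
    key = b"constructed-shared-secret"
    message = b"config: ssid=Office-AP channel=6 wpa=enabled"
    tag = tag_message(key, message)

    # Someone in the path flips one setting in transit.
    tampered = message.replace(b"wpa=enabled", b"wpa=disabled")

    # Without a key, the forger ships the altered message with a freshly computed hash,
    # and a verifier that only recomputes the hash accepts it.
    forged_digest = unkeyed_digest(tampered)
    hash_only_check_passes = unkeyed_digest(tampered) == forged_digest

    return {
        "genuine_accepted": verify_message(key, message, tag),
        "tampered_rejected": not verify_message(key, tampered, tag),
        "wrong_key_rejected": not verify_message(b"wrong-key", message, tag),
        "hash_only_check_passes": hash_only_check_passes,
    }


if __name__ == "__main__":
    print(demo())
```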

Bluetooth

  • BlueSmacking is a Bluetooth denial of service attack.
  • Bluejacking is sending unwanted data to a Bluetooth device.
  • Bluesnarfing is a way to gain access to a Bluetooth device.
  • Bluebugging is an attack that installs a backdoor into a device.
  • Btlejuice is a framework used to perform man-in-the-middle attacks using a Bluetooth device.
  • Super Bluetooth Hack is an application that can be used to view files on another Bluetooth device. It is an Android application and you need to have JBED running on your device in order to use it.

Mobile Devices

  • Rooting is overriding security features on an Android device to modify, remove, or change applications, run apps with admin privileges, change system settings, and gain low-level access to device hardware.
  • Jailbreaking is essentially rooting but on iOS devices.
  • Hackode: The Hacker's Toolbox is an Android application that can perform reconnaissance, scanning, and Google dorking.

Article

The article I read was about a security breach at Nintendo that compromised 160,000 accounts. Attackers hacked a legacy login system. Personal information as well as credit card numbers were leaked. I chose this article because I had gotten an email saying my Nintendo account was accessed from a strange location and I had to go in and change my password.

https://threatpost.com/nintendo-confirms-breach-of-160000-accounts/155110/

Friday, April 17, 2020

Blog 12

This chapter was about web servers, web applications and SQL injections.

Web Servers

  • A web server is a computer used to store and distribute web pages to clients.
  • Web servers have many vulnerabilities.
  • There are different types of server attacks.
    • Website defacement: A website is vandalized or defaced. The hacker could also change the site's content.
    • Directory traversal: This is when a hacker tries to get into other folders and directories on a web server that are restricted.
    • Cross-site scripting: Takes advantage of a website's scripting defects. An attacker can use XSS to send malicious code to a user.

Web Applications

  • A web application is software that has been installed on top of a web server.
  • They process, store, and distribute information.
  • Upload bombing uploads a lot of files onto a server to crash it.
  • Poison null byte attack sends special characters to the script.
  • Cookies are a vulnerability as well.
  • Web application hacking methodology
    • Start with footprinting the web infrastructure. 
      • Whois lookup
      • DNS interrogation
      • Port Scanning
    • Next scan for vulnerabilities using a vulnerability scanner
    • Begin attacks to target those vulnerabilities, or even do a DoS or DDoS attack.
    • Analyze web applications
      • Identify entry point for user input.
      • Identify which applications are provided to the client.
    • Attack authentication mechanism by targeting implementation and errors in web applications.
    • Attack authorization scheme
      • Attackers modify input fields in HTTP requests.
      • Query String
      • HTTP header
    • Attack session management mechanisms
      • Session token prediction
      • Session Hijacking
      • Man-in-the-middle attacks
    • Perform injection attacks
      • Injects malicious code into an input string to modify a database or alter a website.
      • Code injection when the hacker inputs code that is executed by the application.
      • Command injection when the hacker inputs code that alters the functionality of execution commands.
    • Attack flaws in application logic
    • Attack database connectivity
    • Attack the web client application
  • Penetration Testing Methodology
    • Information gathering about target system or network
      • Active and cached web pages
      • Error Messages
      • Entry points 
      • Web applications
    • Check configuration settings
    • Complete application configuration management
      • Use CGI scanners
      • Review web server content, configuration files, and log files.
      • Test for hidden file extensions and check locations of old backup and configuration files.
      • Administrative Interfaces
      • Review HTML and source code. Watch for comments and coding tags.
    • Authentication Testing
      • Password reset
      • Session timeout
      • Browser cache
      • Password error or lockout feature
    • Session Management Testing
      • Cookies
      • Session fixations
      • Exposed session variables
      • Cross-site request forgery.
    • Denial-of-service testing
      • Account lockouts
      • Buffer overflows
      • User object allocation
    • Data validation
      • Input vulnerabilities
      • Character type or count
    • Authorization testing
    • Document all findings during the test

SQL Injections

  • SQL is a language that was designed to request data from a database.
  • SQL injection is an attack on a web application that manipulates the SQL statements entered into a web page.
  • They target flaws in web applications.
  • They exploit input vulnerabilities.
  • They use existing code.
  • SQL Injection Methodology
    • Information Gathering
      • See if web application is connected to a database server
      • Inject codes into fields to generate error messages
    • Test for SQL injection vulnerabilities.
    • Launch an SQL injection attack
      • In-band: One communication channel to attack and gather results.
      • Error-based: Depends on error messages
      • Union-based: Uses the UNION operator to combine results of multiple SELECT statements into one result.
      • Blind SQL: You receive true or false results.
      • Content-based blind SQL: Uses a query to alter the HTTP response differently for a true or false answer.
      • Time-based blind SQL: Alters the HTTP response time for a true or false answer.
      • Advanced SQL Injection: Database, table, and column enumeration. Password grabbing.
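
The in-band and error-based cases described above, as an added example that is not from the original post: a query built by string concatenation next to the same query with a bound parameter, run against a constructed in-memory SQLite table. The usernames and e-mail addresses are made-up sample rows; with concatenation a tautology input returns every row and a stray quote produces a database error, while the parameterized query treats both inputs as ordinary strings.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test"), ("carol", "carol@example.test")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Builds the statement by string concatenation, so the input is parsed as SQL."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str) -> list:
    """Binds the input as a parameter; the driver never treats it as SQL text."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo() -> dict:
    conn = make_db()
    # Constructed inputs: a tautology that closes the quoted literal and appends an
    # always-true condition, and a stray quote that just breaks the statement.
    tautology = "nobody' OR '1'='1"
    stray_quote = "bob'"

    try:
        lookup_vulnerable(conn, stray_quote)
        vulnerable_errors_on_quote = False
    except sqlite3.OperationalError:
        # The broken statement surfaces a database error, the kind of message the
        # "inject codes into fields to generate error messages" step relies on.
        vulnerable_errors_on_quote = True

    return {
        "vulnerable_normal": len(lookup_vulnerable(conn, "bob")),
        "vulnerable_tautology": len(lookup_vulnerable(conn, tautology)),
        "vulnerable_errors_on_quote": vulnerable_errors_on_quote,
        "safe_normal": len(lookup_safe(conn, "bob")),
        "safe_tautology": len(lookup_safe(conn, tautology)),
        "safe_stray_quote": len(lookup_safe(conn, stray_quote)),
    }


if __name__ == "__main__":
    print(demo())
```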

Article

The article I read was about a security breach at Beaumont Health. 112,000 people's information was leaked nearly a year ago. Details leaked included names, dates of birth, social security numbers, medical conditions, bank account information, and driver's licenses. It doesn't say they caught the hacker, but they have implemented better training and education for their employees.


https://www.freep.com/story/news/health/2020/04/17/beaumont-health-security-breach-personal-information/5155716002/

Blog 11

This chapter was about IDS, firewalls, and honeypots.

IDS

  • There are different types of intrusion detection systems.
    • Network Intrusion Detection
    • Host intrusion detection
    • Signature-based: compares network traffic to known signatures
    • Anomaly-based: compares network and host behavior to baseline profiles
    • Protocol-based: detects anomalies specific to a given protocol

Firewalls

  • Packet-filtering firewalls distinguish between good and bad traffic.
  • A bastion host is a boundary firewall, which lets public and internal interfaces connect.
  • A screened subnet uses a single firewall to protect multiple interfaces.
  • Firewalking is using TCP and UDP packets to determine the configuration of ACLs.
  • There are many evasion techniques that can be used to avoid a firewall.
    • Spoofing is when the hacker changes addressing information in the IP packet header to trick the firewall into thinking it's from a trusted host.
    • Source routing is when a packet is sent to different places first before getting to the target destination. This attempts to evade the firewall.

Honeypots

  • A honeypot is a physical or virtual device designed to look like a legitimate network resource to draw in a hacker.
  • There are different levels of honeypots.
    • Low-Level: Simulates a number of services and applications.
    • Medium: Simulates a real OS, applications, and services.
    • High: Simulates all services and applications.

Article

The article I read was about a company called Wappalyzer. They disclosed this security breach after the attacker started emailing users offers to sell the company's database. The attacker had accessed one of the databases that had a misconfiguration. The hacker was not caught.


https://www.zdnet.com/article/wappalyzer-discloses-security-breach-after-hacker-starts-emailing-users/

Saturday, April 11, 2020

Blog 10

This chapter was about sniffers, session hijacking, and Denial of Service.

Sniffing

  • Promiscuous mode gives the network interface permission to grab every frame that comes its way.
  • Popular sniffing tools include Wireshark, TCPDump, Cain and Abel, etc.
  • ettercap is an easy tool to use to do ARP poisoning, or man-in-the-middle attacks.
  • DNS Spoofing is an attacker redirecting DNS traffic. It redirects a target system to another site.
  • Invest in reliable security tools to protect against sniffing and attacks.
  • Use more secure protocols for Internet traffic.
  • Use switched networks to better isolate segments of the network.

Session Hijacking

  • Taking over a session between a host and a web server.
  • Five steps to hijacking a session:
    • Sniffing
    • Monitor Traffic
    • Desynchronize the current session
    • Predict the session ID
    • Inject commands that target the server
  • Cross-site scripting is injecting malicious code into web applications. This is usually done through user-created content that has not been checked. For example, a Craigslist post could have malicious code attached that is not visible, but is able to steal cookie information.
  • Burp Suite is really useful and has many different tools. It's a Linux program.
  • I've really gotten the hang of using session IDs to use cookies to log in to a site. It's really easy.

Denial Of Service

  • When a computer is used to flood a server with more packets than it can handle.
  • Distributed Denial Of Service is when numerous computers are used to overload target systems.
  • Limit access points to the network
  • Reduce unnecessary services
  • Use anti-malware, threat prevention, and intrusion protection

Article


The article I read was about a company called RigUp. The breach exposed more than 70,000 files. The files belong to US energy sector clients. If it had been exposed to malicious hackers or the general public, it would have been devastating. These files included human resources information, such as social security numbers, resumes, photos, paperwork, birth dates, insurance, etc. The company is going to do a root cause analysis to find out why the leak happened.

Saturday, April 4, 2020

Blog 9

This chapter was about malware.

  • A crypter is software that prevents the malware code from being analyzed and reverse-engineered. It also prevents detection from anti-virus software.
  • Sheep dipping is analyzing emails, files, and systems for malware.
  • Terminate and stay resident is a virus that sits in RAM and infects anything opened on the system until the computer is shut down or rebooted.
  • I learned about different kinds of viruses, back doors, worms, and malware.
  • I learned about malware analysis, including sheep dipping, static analysis, and dynamic analysis.
  • Heuristic algorithms generate fairly accurate results in a short amount of time. They focus on speed instead of accuracy and completeness.
  • I learned the commands to use with netstat.

Article

The article I read about was a security breach at Marriott Hotels. Information exposed was emails, names, addresses, phone numbers, and birthdays. This was accessed using the login credentials of two employees at a franchise property. 5.2 million guests' information was compromised. It didn't say if they caught them.

https://www.cnet.com/how-to/marriott-data-breach-exposes-over-5-million-people-latest-major-security-hack/

Sunday, March 15, 2020

Blog 8

This chapter was about system hacking.

System Hacking

  • A rainbow attack is a password hash cracking technique that uses pre-computed word lists and their hashes in tables.
  • Password salting is adding random bits of data to a password before it is stored as a hash to make password cracking more difficult.
  • Pass the hash allows an attacker to get into a workstation, and then continue using hashes to get into other workstations, until they reach an administrator account.
  • One of the most popular password cracking programs is John the Ripper.
  • Cain and Abel is also very popular to use dictionary attacks and brute force attacks.
  • Configuring password policies is very important. It can help prevent or mitigate risks with weak passwords.
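
The rainbow-table and salting points above, as an added example that is not from the original post: a small constructed lookup table of unsalted SHA-256 hashes recovers a common password in one lookup, while PBKDF2-HMAC-SHA256 with a random per-password salt gives two users with the same password different stored digests that match nothing in the table. The candidate password list and the "victim" password are made-up values.

```python
import hashlib
import hmac
import os
from typing import Iterable, Optional, Tuple


def unsalted_hash(password: str) -> str:
    """Fast, unsalted hash: identical passwords give identical hashes, so a
    precomputed table of common passwords can be looked up directly."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = 100_000) -> Tuple[bytes, bytes]:
    """Salted, iterated hash (PBKDF2-HMAC-SHA256). A fresh 16-byte random salt is
    drawn per password; the salt is stored next to the digest and is not secret."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest


def verify_salted(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = salted_hash(password, salt)
    return hmac.compare_digest(digest, stored)


def build_table(candidates: Iterable[str]) -> dict:
    """Constructed stand-in for a rainbow table: unsalted hash -> password."""
    return {unsalted_hash(p): p for p in candidates}


def demo() -> dict:
    common = ["password", "123456", "letmein", "qwerty"]  # constructed candidate list
    table = build_table(common)
    victim = "letmein"

    # Unsalted storage: one table lookup recovers the password.
    recovered = table.get(unsalted_hash(victim))

    # Salted storage: two users with the same password get different digests,
    # and neither matches anything in the precomputed table.
    salt1, digest1 = salted_hash(victim)
    salt2, digest2 = salted_hash(victim)

    return {
        "unsalted_recovered": recovered,
        "salted_digests_differ": digest1 != digest2,
        "salted_in_table": digest1.hex() in table,
        "correct_password_verifies": verify_salted(victim, salt1, digest1),
        "wrong_password_rejected": not verify_salted("letmein1", salt1, digest1),
        "salt_reuse_gives_same_digest": salted_hash(victim, salt2)[1] == digest2,
    }


if __name__ == "__main__":
    print(demo())
```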

Privilege Escalation

  • Kerberoasting: An offline brute force attack to crack a Kerberos ticket to reveal the service account password in plain text.
  • DLL hijacking: Loading a malicious DLL into the application directory.
  • Security Account Manager (SAM): Database that authenticates local and remote users. LM hash or NTLM hash.
  • Booting from a CD or USB allows you to easily remove passwords from user accounts.

Maintain Access

  • Path Interception: When a malicious file name is added to a service path without quotation marks and includes spaces in the code.
  • Crackers: Software programs that crack code and passwords to gain unauthorized access to a system.

Cover Your Tracks

  • Rootkit: A program attackers use to establish root level permissions.
  • Steganography: Embedding data into files to hide it from everyone but the receiver.

Article

The article I found was about a possible data breach at Princess Cruises. It could include names, social security numbers, addresses, government identification numbers, and data about health. They are fixing up their security to try to prevent this in the future. They did not find who was responsible.

https://www.pymnts.com/safety-and-security/2020/princess-cruises-discloses-possible-data-breach/

Friday, March 6, 2020

Blog 7

This chapter was about analyzing vulnerabilities.

  • An active assessment is obtained by actively testing the network for weaknesses.
  • A passive assessment is obtained by looking for weakness through observation without directly interacting with the network. 
  • An external assessment is obtained by testing external systems and testing from outside the network.
  • An internal assessment is obtained by testing and analyzing processes and systems inside the network.
  • An active scan transmits packets to the nodes within a network to find exposed ports and can repair security flaws.
  • In vulnerability research, there are several areas to research. First is misconfigurations, commonly caused by human error. Second is default configurations, such as default SSIDs and passwords. Third is buffer overflows, when a user tries to store more data than a program was written for. Next are unpatched servers. Then there are design flaws, operating system flaws, and application flaws. Last are open services, such as ones run by certain ports.

Vulnerability Management Life Cycle

  • Creating a baseline is first. This includes defining effectiveness of current policies and procedures. It also includes setting up for the assessment.
  • Vulnerability assessment is testing the network for vulnerabilities.
  • Risk assessment is evaluating the found vulnerabilities for threat level.
  • Remediation is patching, hardening, and correcting weaknesses.
  • Verification is retesting the system to verify patching and hardening was effective.
  • Monitoring is where continuous monitoring of systems is implemented.  
  • Three basic steps in penetration testing:
    • Locate the live nodes on the network. You must know where each live host is.
    • Itemize each open port and service in the network.
    • Test each open port for known vulnerabilities.

Vulnerability Scoring Systems

  • Common Vulnerability Scoring System (CVSS): Categorizes vulnerabilities by threat level.
  • CVSS calculator: Determines risk level of vulnerabilities based on base, temporal, and environmental metrics.
  • Cybersecurity and Infrastructure Security Agency (CISA): Provides many resources for cyber security.
  • National Vulnerability Database (NVD): Detailed database of known vulnerabilities.
  • Full disclosure: Forum for discussing vulnerabilities and threats. Has tools, papers, news, and events related to vulnerabilities.
  • A good site for CISA is us-cert.gov.
  • seclists.org/fulldisclosure

Vulnerability Assessment Tools

  • Qualys Vulnerability Management
  • Nessus Professional
  • Open Source Tools
    • OpenVAS 
    • Nikto
  • Mobile Tools
    • Retina CS is for smartphones, mobile devices, and tablets. It can scan, prioritize, and fix vulnerabilities.
    • SecurityMetrics Mobile
    • Nessus
    • Net Scan
    • Network Scanner

Article

T-Mobile suffered a security breach and says customers' financial data was accessed. Their email vendor was the target of the attack, which exposed some employees' emails that contained customer information. They set up two different support pages, one for less information stolen, and one for more sensitive information stolen. They said they quickly identified and shut down the attack. They have begun an investigation with cybersecurity forensic experts. They have not found the hacker yet.

https://www.phonedog.com/2020/03/04/t-mobile-security-breach-customers-financial-details

Saturday, February 29, 2020

Blog 6

This chapter was about enumeration.

  • Enumeration is the gathering of information about a system to learn about its configurations, software, and services.
  • You can gather information such as usernames, group names, machine names, routing tables, network shares, and applications.
  • You can do brute force directory attacks, where your software will continue to run possibilities for usernames and passwords until something works.
  • Linux Enumeration
    • User accounts are stored in the /etc/passwd file. Passwords are stored as hashes in the /etc/shadow file. 
    • finger -s will obtain login names, real names, terminal names, write statuses, idle times, login times, office locations, and office phone numbers for all users.
  • Superscan is for Windows systems and does a really good job of enumerating. 
  • You can perform enumeration with nmap.
  • SoftPerfect network scanner can be used to get information about devices on a network.

Enumeration Countermeasures

  • SNMP countermeasures include monitoring traffic on SNMP ports. Another way is to turn off the SNMP service. If you keep the service, update to the latest version and change default passwords.
  • DNS countermeasures include using DNS zone restriction to ensure a server only provides copies of zone files to specific servers.
  • SMTP countermeasures include ignoring messages to unknown recipients instead of sending back error messages. Also configure your server to block open SMTP relaying.
  • Securing LDAP by reviewing and implementing security settings and services available with your server software.
  • ls -d is the command to use to get domain information that includes all the hosts on the domain. For example, ls -d google.com will show you all the hosts in that domain.

Article

This article was about data that was stolen from an AI company. Many of the customers are law enforcement agencies. The data stolen was its entire list of customers, the number of searches the customers made, and how many accounts the customers had set up. The company said they patched the flaw that led to this breach, but they wouldn't disclose what the flaw was. The company didn't seem to care too much, reportedly "shrugging and saying that data breaches happen". They did not find the person who hacked the company.

https://www.cnet.com/news/clearview-ai-had-entire-client-list-stolen-in-data-breach/#

Saturday, February 22, 2020

Blog 5

This chapter was about scanning.

  1. War Dialing is used to dial a large amount of phone numbers to try to locate systems connected to a modem. If the scan gets a response, it accepts the connection, giving you an access point into the network.
  2. A stealth scan only sends a SYN packet to a port, so no security log is made on the target computer showing that it was scanned.
  3. If you type telnet followed by an IP address and port number, you could receive a response that can give you information about the target's system.
  4. You need to make decisions about how you want to do your scans as an ethical hacker, such as time of day, scans to use, etc.
  5. You need to use different techniques to scan if your attempts are being blocked by a firewall.
  6. Have companies do regular vulnerability scans.
  7. Preventing banner grabbing is as easy as disabling banners.

Article

The article was about a company that makes vinyl covers. They had a data breach relating to their customers. The company is called Slickwraps. Customers' names, email addresses, and addresses were compromised. A security researcher had been warning this company for several days about a massive vulnerability on their website. They ignored him and even blocked his account. An ethical hacker used this vulnerability to send out a mass warning email to all the customers about this breach. The culprit wasn't found.

https://www.engadget.com/2020/02/21/slickwraps-data-breach/

Thursday, February 13, 2020

Blog 4

This chapter was about reconnaissance, which is the act of gathering information about a target.

  • You can start with the Internet to search the company and/or the target.
  • Social Engineering is another way to get information about employees or the company.
  • Dumpster diving is still another method of gathering information.
  • Once you have employee names, you can turn to social media to find out even more about them.
  • Whois is used to gain information about a target network.
  • Nslookup queries DNS servers to gain information about the host network.
  • Arin is a website that will provide information about a network.

The second section was about reconnaissance countermeasures: how a company can protect itself against reconnaissance.

  • Develop information sharing policies in your business.
  • Policies related to sharing of company information on social media.
  • DNS hardening is also important.
  • Search for services.msc to get to all services running on the system. 
  • Disable IIS banner broadcasting.

The article I read was about a company called Rutter's that was hacked. The hackers gained access to the stores' network system and planted malware. This malware collected information about customers' cards as they were processed. They didn't catch the hackers.

https://www.zdnet.com/article/rutters-store-chain-discloses-security-breach-involving-pos-malware/

Saturday, February 8, 2020

Blog 3

This chapter was about social engineering, physical security, and countermeasures and protection.

Social Engineering

  • Foot-printing is like stalking, but in social engineering.
  • Pretexting is a made up situation to get someone to give information or do something.
  • Elicitation is a way to get information from someone without alerting them.
  • Preloading is influencing someone's thoughts, emotions, or opinions before something happens.
  • Spim is spam, but sent through an instant message.

Steps in Social Engineering

  • Research
    • The attacker starts gathering information about the company they will attack. Dumpster diving, company tours, browsing the company's websites, etc.
  • Development Phase
    • This is when the attacker will select targets within the company and form a relationship with them.
  • Exploitation
    • This is when the attacker takes advantage of the relationships made to get information.

Other Social Engineering Techniques

  • Shoulder Surfing and Eavesdropping
  • USB flash drives and keylogging
  • Spam and Spim
  • Hoax
    • When an email or message is displayed on the computer alerting you to a virus that has been downloaded. Viruses don't want to be found, so this is a dead giveaway.

Types of Attackers

  • Insiders 
  • Hackers
    • Hacktivist, script kiddies, white hat, black hat, gray hat, cyber criminal
  • Nation States

Types of Motivation Techniques

  • Authority
  • Social Proof
  • Scarcity
  • Likeability
  • Urgency
  • Common ground and shared interest

Social Engineering Techniques

  • Opportunistic attack
    • Motivated by making quick money, so will jump in and out without covering their tracks.
  • Target Attack
    • Much more dangerous. The attacking entity uses unknown exploits to expose information and covers their tracks when done.
  • Elicitation
    • Getting information from someone without them knowing.
  • Pharming is when an attacker uses malicious programs on a target's computer so that any URL typed in redirects traffic to the attacker's malicious website.
  • DNS cache poisoning is when the attacker attacks the DNS server. The attacker then changes the target's website IP address to a fake website.
  • Host file modification is when the attacker sends malicious files in an email attachment. These files change the local hosts file on the PC. These altered hosts files automatically redirect traffic to the attacker's malicious website.

Physical Security

  • NIST: An institute that standardizes security controls and assessment procedures.
  • Bump Key is cut to the number nine position with some of the front and shank removed.
  • Scrubbing is a lock-picking method that is running a pick over all the pins with careful pressure.
  • Lock shim is a thin and stiff piece of metal used to open a padlock.

Countermeasures and Protection

  • Bollard is a physical barrier to deter intruders.
  • Strip-Cut shredder cuts paper into long, thin strips.
  • Crosscut shredder cuts paper vertically and horizontally, making confetti.
  • Full backup backs up every single piece of an organization's data.
  • Incremental backup backs up changes since the last full or incremental backup.
  • Differential backup backs up any changes since the full backup.

Article

This was about stolen health information which led to theft of members' PII. Someone broke into a vendor of Health Share of Oregon and stole a laptop. Medicaid member data was exposed. It included names, addresses, phone numbers, dates of birth, social security numbers, and Medicaid ID numbers. They have not caught the burglar as of yet.

https://www.zdnet.com/article/health-share-of-oregon-discloses-data-breach-theft-of-member-pii/

Sunday, February 2, 2020

Blog 2

This week was about an introduction to penetration testing.

Penetration Processes and Types

  • Ethical hacking is exploiting vulnerabilities in a system so that weaknesses can be found and remedied.
  • There is a red team and a blue team. The red tries to break into a system and the blue team tries to keep them out. 
  • There are five phases in ethical hacking.
    • First is reconnaissance, which includes gathering information about the network or system to be hacked. This can include finding passwords, social engineering, and publicly accessible information.
    • Next is scanning/enumeration. This is using tools to gain information about open ports, computer systems, etc. Extracting information like usernames, computer systems, etc., is called enumeration.
    • Gaining access is when the hacker exploits the vulnerabilities to gain access to the system.
    • Maintaining access is when the hacker installs a backdoor in the system to achieve permanent access.
    • Clearing your tracks is when the hacker overwrites log files to hide that they were there.
  • The last stage in penetration testing is not clearing your tracks, it is reporting. You must report your findings.
  • There are three types of penetration testing.
    • A black box test is when the ethical hacker has no information about the target or the network. This is great for completely outside attacks with no inside information.
    • A white box test is when the ethical hacker is given all information for the systems, network, and infrastructure.
    • A gray box test is when the ethical hacker is given partial information about networks and systems.

Threat Actors

  • A white hat hacker is an ethical hacker. They help companies find vulnerabilities and fix them.
  • A black hat hacker gains access for malicious, illegal purposes.
  • A gray hat hacker usually has good intentions but may cross ethical lines.
  • A suicide hacker is only concerned with taking down their target for a cause. They don't care if they get caught or go to jail.
  • A cyber terrorist is motivated by religious or political beliefs and only wants to create disruption or fear.
  • A state sponsored hacker is employed by a government to hack other governments.
  • A hacktivist gains access to protest other companies or campaigns.
  • A script kiddie uses other's programs to hack computers as they have limited knowledge themselves on how to do it. 
The Article

  • This was about Nation-State actors that breached two US municipalities. They used a vulnerability in Microsoft Sharepoint servers. It doesn't really say if the hackers were caught.
  • https://www.zdnet.com/article/fbi-nation-state-actors-have-breached-two-us-municipalities/

Friday, January 24, 2020

Blog 1

1. I didn't really learn much in this chapter, just how to use the simulator and new features in it.
2. The only thing that I didn't understand was the commands in Linux; I guess I need a refresher on those.
3. For my current issue, I read an article about a security breach at Microsoft of their customer service database. Five servers were exposed. However, four were mirroring one server. IP addresses, email addresses, and information about support cases were leaked.
4. Nobody was caught because it was an accidental leak due to misconfigured Azure security rules.

https://www.zdnet.com/article/microsoft-discloses-security-breach-of-customer-support-database/