Mike Kavka @siliconshecky@infosec.exchange
- Blog
- siliconshecky.com
Just another Infosec person
Joined Jan 2019
Today is PancakesCon! Check it out at https://pancakescon.com/ and learn about security and hobbies!
Mike Kavka
boosted
The theme of the Diana Initiative 2021 conference is “Spark a Journey”
First Round End Date - March 21st
Second Round CFP Start Date - March 22nd
Second Round CFP End Date - May 7th
Virtual Conference Dates - July 16th and July 17th
What happens if a third party limits password safety on financial accounts?
The every day person will be less secure.
https://www.siliconshecky.com/the-one-about-banking-passwords/
Mike Kavka
boosted
Check out the latest "Smashing Security" podcast with me, Carole Theriault, and special guest Alan Woodward, discussing:
⭐ Data bungles
⭐ SolarWinds
⭐ Lockdown love scams
⭐ My penchant for the late Dame Diana Rigg
⭐ Much much more...
Why would you not get events all in one place and set ip properly to find correlations?
I constantly feel like I am fighting just to get basic data for threat detection and hunting, let alone put it all into a SIEM together.
*Headesks*
If you throw out the simple just because it is simple, then you have most likely overlooked the proper answer.
Free summit geared to new people to the #infosec #cybersecurity field coming in April from SANS:
https://www.sans.org/event/newtocyber-summit-2021/
The holiday season is over, and so are the competition portions of the Holiday CTFs. This year I did
@RealTryHackMe
Advent of Cyber and
@KringleCon
. Here is a brief overview and rating of both.
Infosec certs are not just about showing employers or the community/world at large that you have knowledge. They can help one feel like they actually do know things and can contribute. This is what happened for me.
I think it is time that certs stop getting such a bad rap.
So, while reading a book called Sandworm, I have been noticing things: https://www.siliconshecky.com/solarwinds-sunburst-havent-we-been-here-before/
New Blog Post:
The One About Chained Exploits and Pentest Results
https://www.siliconshecky.com/the-one-about-chained-exploits-and-pentest-results/
The more I learn the more I shake my head and wish I didn't know.
New Blog Post: My experience taking a SANS class and going through a GIAC certification:
https://www.siliconshecky.com/passing-the-cert-sans-notes-and-thoughts/
Fantastic Guide to the E5 tier of Microsoft.
https://frankmcg.com/2020/09/purchased-microsoft-365-e5-now-what/
Nothing as frustrating as taking a practice exam and rushing through it, forgetting everything that you learned about taking said exam.
Taking my first SANS course at the end of the month. Now trying to go through and make sure I have done some pre-studying just to make sure I feel somewhat comfortable or at least not a total n00b.
Any tricks on how to keep focused during online courses? I'm trying with some free stuff, but man is it tough. Afraid to spend money on one if I am not going ot actually maintain focus and learn.
Mike Kavka
boosted
The 2020 DFIR Summit is Live, Online and FREE! Register now. If you’re interested in computer forensics, you don’t want to miss this!
Thu, Jul 16 - Sat, Jul 25, 2020 @SANSInstitute https://www.sans.org/event/digital-forensics-summit-2020
Imposter Syndrome is in full effect... *headdesks*
Every company, every piece of software has security issues. The making of a good company IMHO is how they react to finding out about these issues? Do they try to keep them quiet, do they try to fix them immediately, do they go after people who find the issues?
Security is NOT a destination, it is a process.
- Blog
- siliconshecky.com
Just another Infosec person
Joined Jan 2019
