I read a blog over at thinkphd.com the other day that inspired me to chart my own path at Northcentral University (NCU) in pursuit of my Doctorate. When I was first looking at schools, much like Cindy over at thinkphd.com, I kept coming back to NCU. I was in need of a GOOD school offering [...]
I just posted this over at INFOSECIsland.com… The cosmetics company Lush Cosmetics was the target of a successful data breech discussed several days ago: The Real Business Impact of Being Hacked. Unfortunately it’s happened again… as predicted. Lush operates many web portals around the world providing beauty supplies. After their last breech, I decided to find [...]
Since I have NOTHING but time on my hands, I created another blog site at INFOSECSchool.com. This one aims a bit differently than the LeesWeblog.com. INFOSECSchool is focused on security educational information and resources. This is just the start to a much larger endeavor. Stay Tuned! Coming Soon: Blog: Protecting yourself on FaceBook My Hacker [...]
Back by popular demand! I updated the Linux STIG SRR Viewer originally released here to incorporate some of the community requests. New Features: Fancy Splash Screen (not a request, but still new) Added an POA&M export based on the DIACAP portal template. Fixed CSV output to, well, work properly Created Quickstart Instructions Outstanding issue: I [...]
The Washington Post launched Top Secret America today. Aside from the fact that there’s a lot of conjecture, this is still American media, so I’ve learned to accept it. The site is supposed to focus on the boom in intelligence spending since 9/11, which we can debate all day. However one thing in particular that [...]
I recently took (and passed) one of the most controversial IT certifications last week – the CEH – mostly because it fulfilled the DoDD 870.01 baseline certification for CND, but also because I wanted to see what this exam was all about! The last time someone posted about the CEH the comment thread was insanely [...]
There’s been a lot of talk on the island about the “Cyberwar” term and this is yet another example… The Wallstreet Journal reported that the NSA allegedly awarded a contract to Raytheon for an Information Security program called “Perfect Citizen”. The details are sketchy – as they should be – but the idea is that [...]
After trying to maintain two blogs and realizing that barely have the time for ONE blog I’ve decided to merge DaLeeMan.com into LeesWeblog.com. I tried a bunch of blog applications that help you manage multiples, but then I realized something pretty important…both of my blogs are the same… a mix of business and geek. So [...]
Fingerprinting servers for OS details has been a common practice in the hacker community for years. However, little attention has been given to the fingerprinting of the specific applications. I’m not talking about determining what server or OS you run, I want to know specifically what CMS, portal package or even what API you use! [...]
At least that’s the impression you might get if you believe everything you read. I spend quite a bit of time reading academic and business forums and inevitably I see the same misconceptions everywhere I go. As an MBA graduate (and a DBA student) I take offense to many of the comments I read, some [...]