Cyber Frontiers

Honey Haven: Creating Research HoneyPots In the Cloud – CF038

Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future Through an Academic Perspective! Christian Johnson, a student at the University of Maryland, will bring fresh and relevant topics to the show based on the current work he does.

This week on Cyber Frontiers Christian and Jim take a hands-on approach to standing up honeypots in the cloud! We discuss no-cost and low-cost methods for the average guy or up-and-coming security researchers to design and deploy basic honeypot configurations to the cloud in a safe manner. We discuss why honeypots are used in the enterprise today, how to consider safe and ethical practices when utilizing honeypots, and provide a brief introduction to analyzing data results from honeypot collection. We outline one of many example frameworks that can be safely used in a non-enterprise setting to learn how to use and leverage honeypots for personal learning or to augment enterprise network defenses.

An Academic History Lesson in Honeypots: The Seminal Work

Software of Choice: Kippo

Basic Installation Guide [This guide loosely follows our approach, but we’ve provided our command list below as there are several deviations discussed on the show]

Basic Port Configuration

    sudo iptables --list
    sudo nano /etc/ssh/sshd_config
    sudo systemctl reload ssh
    sudo -s
    apt-get install python-dev openssl python-openssl python-pyasn1 python-twisted
    apt-get install subversion
    useradd -d /home/kippo -s /bin/bash -m kippo -g sudo
    apt-get install authbind
    touch /etc/authbind/byport/22
    chown kippo /etc/authbind/byport/22
    chmod 777 /etc/authbind/byport/22
    su kippo
    apt install python-pip

Basic Kippo Install

    svn checkout ./kippo
    cd kippo
    cd trunk
    ls -lA
    mv
    pip install -Iv twisted== .
    cd log
    tail -f
    cat | grep "attempt"
    cat | grep "login"

Further Reading: Analytics and Configuration In Kippo

Jim’s Twitter: #!/jcollison
Find this and other great Podcasts from the Average Guy Network.
Music courtesy of Ryan King. Check out the Die Hard Cafe band and other original works.

Cyber Exploitation with SSRF & CMS Swiss Cheese – CF037

This week on Cyber Frontiers Christian and Jim delve into new approaches in Server Side Request Forgeries (SSRF) that have played an increasing role in vulnerability disclosure for common web applications such as WordPress. Before diving in, we review the BitDefender Box product, a consumer-based device to protect IoT devices and enable home security for the average guy. After wrapping up our review, we dive deep into SSRF and some of the new ways in which hackers have bypassed common protections as featured in an upcoming talk at DEFCON 25. From the deep dive we explore some of the recent malicious activity taking place on the interwebs, targeting major CMS platforms and taking advantage of some of the earlier techniques we discuss. And as the internet continues to show its similarities to Swiss cheese, the internet relies on listeners like you to help stay savvy and keep your organizations and peers safe and secure.

SSRF: A New Injection Favorite of Hackers #Tsai
“We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections”

Speaking of which… DEFCON 25 talks are up! July 27th – July 30th

WordPress Black SEO Spam

BitDefender Box
$129 for the box.

More funding for AI cybersecurity: Darktrace raises $75M at an $825M valuation

On Cybersecurity and Ransomware – CF036

This week on Cyber Frontiers Christian is joined by Jim to dive into news of the latest Petya Ransomware attack. We step back from the buzz around it and focus on what distinguishes ransomware from ordinary malicious code, and what data sets and resources can be used to investigate if ransomware evolves into something more than what it is today. We also discuss steps that the average consumer can take to reduce the likelihood of being impacted by these types of attacks. We also take the time to analyze profit motives, how cyber criminals target individuals and organizations, and what the future may hold for corporate responsibility in responding to these attacks. We specifically review Microsoft’s patch management strategy under Windows 10 in comparison to previous operating systems, and what some email providers are or aren’t doing to shut down cybercrime in ways that could actually harm the consumer.

After taking stock of the latest challenges in cybersecurity, we take a detour to explore major headlines regarding the billion-dollar ruling the European Union handed to Google over the assertion that Google picked winners and losers for comparison and competitor shopping online. We explore the data issues for major corporations navigating international law, and how legal systems are generally struggling to keep up with the pace of technology.

On Cybersecurity and Ransomware
Ransomware Continues to Be Pervasive on the Cheap
But is the profit worth it?
Providers enter the fray of corporate responsibility
University Spotlight: Analyze Malware and Ransomware Samples for yourself!

Data and Legal Challenges

A Preview of Our Next Show
How do you feel about AV in a box? Are security appliances in the home a good deterrent for consumers?

Essential Cybersecurity Science with Josiah Dykstra – CF035

Introduction:
Josiah Dykstra, author of Essential Cybersecurity Science
Publication Date: 12/15

Interview:
What was the impetus that led to the publication of this book?
What are the core tenets / issues discussed?
A lot of the book frames core problems in cybersecurity as being best framed through the lens of the scientific method. What aspects of the field today are scientific, and what areas are lacking in this approach?
Is the scientific approach similar or different to the academic approach taken by cybersecurity researchers in major academic institutions leading in the field?
How does your approach to cybersecurity overlap and/or intersect with visualizations in cybersecurity? Are data visualizations in the field difficult to make, and can they paint different insights than raw data?

Topics of Conversation:
Core problems in the field today.
Case Study: Where does IoT fit into the model of essential cybersecurity science?
How do we promote individuals to be involved in the field? Are we driving different populations of qualified individuals who know only applied cybersecurity instead of having a theoretical understanding as well?

2017 Cybersecurity Outlook and 2016 Reflections – CF034

This week on Cyber Frontiers Christian and Jim recap how 2016 shaped up for cyber security, and whether any of our past predictions came true. Based on the headlines of this year and academic research, we discuss the outlook for 2017 and where we are likely to see flows and ebbs in the type of cyber security intrusions impacting us all. A Happy New Year to all of our Cyber Frontier listeners, and we look forward to having you with us for 2017!

The world is moving towards a fully encrypted internet, slowly but surely.

Malicious adversaries are already taking advantage of this in the delivery of new malware payloads.

How badly are companies’ reputations impacted after a cybersecurity breach? See if you can measure for yourself by seeing how many of the below breaches you remember hearing about this year:

Yahoo rounded out a year’s worth of horrendous data breaches that show we are still on the same glide path for similar headlines next year.

“Law enforcement provided Yahoo in November 2016 with data files that a third party claimed was Yahoo user data. We analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with a broader set of user accounts, including yours. We have not been able to identify the intrusion associated with this theft. We believe this incident is likely distinct from the incident we disclosed on September 22, 2016.”

Malware is changing, and changing fast.

This was one of the best examples of how IoT devices can be used to do the same old thing in new and clever ways.

A Case Study in Webserver Malware for Admins and Users Alike – CF033

This week on Cyber Frontiers Christian is joined by Jim to walk through new and exciting malware that had a real-world impact recently on the Maplegrove network. Christian describes the forensic process of identifying the manifestation, reverse engineering the foreign code, putting defenses in place, and triaging potential impacts. We discuss the ways in which malware like this becomes an issue for many blogger enthusiasts on extensible platforms like WordPress, and we discuss what users can do about it in addition to administrators protecting the hosting companies that run and manage your websites and data. It’s a great show that highlights real-world malware in the wild with learning points throughout.

Base-64 Encoder/Decoder
We discussed this being a common technique for attackers to evade signature detection by encoding their PHP files multiple times. This site will help you untangle that spider web.

Malware Payload
WSO is the Web Shell that eventually ends up getting deployed when the malware is successful for future command and control operations. Here’s a pretty close example of what the malware looks like unpacked from the decoder:
If you aren’t inclined to view the code, check out a user tutorial of what the actual page looks like once it’s loaded and in the attacker’s hands. (Access to security info, file manager, terminal/console, SQL, etc.)

Point of Entry
The subject plugin that exposed the vulnerability on a customer container: Google Analytics Counter Tracker v.

WordPress Security Plugin Resources
Here are some of the common solutions we discussed for tracking file system changes, detecting vulnerable versions of plugins, and more:
All in One WordPress Security
Centrora Security
WordFence
Google Authenticator (for 2FA)

Reflection on Cyber Culture: Societal Impact and Living (In)Securely In the Modern Age – CF032

This week on Cyber Frontiers Jim and Christian pause to reflect on 9/11 (the day of recording), and how cybersecurity has impacted our nation’s wellbeing over the past decade. From here we branch into some of the many challenges associated with the future of information warfare, and introduce research concepts that are being pioneered for thwarting the evolving threats of our time. We uncover some interesting themes and conclude the show with a discussion of useful tools that any cyber researcher should know about for studying malware and its footprint on systems and networks.