“Ultimate Cybersecurity Career” Book Bundle, from Humble Bundle!

In this book bundle from Humble Bundle, you will get 21 books, published by Packt, to advance your cybersecurity career.

Full list of books:

  • Practical Cybersecurity Architecture
  • Enhancing Your Cloud Security with a CNAPP Solution
  • Automating Security Detection Engineering
  • AWS Certified Security – Specialty (SCS-C02) Exam Guide
  • Pentesting Active Directory and Windows-based Infrastructure
  • Ghidra Software Reverse-Engineering for Beginners
  • Resilient Cybersecurity
  • Incident Response for Windows
  • Zero Trust Overview and Playbook Introduction
  • The OSINT Handbook
  • Microsoft Defender for Identity in Depth
  • PowerShell Automation and Scripting for Cybersecurity
  • Mastering Microsoft 365 Defender
  • Effective Threat Investigation for SOC Analysts
  • Python for Security and Networking
  • Security Monitoring with Wazuh
  • Cryptography Algorithms
  • Hack the Cybersecurity Interview
  • The Ultimate Kali Linux Book
  • CISA – Certified Information Systems Auditor Study Guide
  • Adversarial AI Attacks, Mitigations, and Defense Strategies

Get the bundle now! Take advantage of this deal as this offer expires in less than one week! I already bought mine!

At the same time, you are supporting a publisher that provides its books in DRM-free format!

I just completed the course: eID (Electronic Identification) and Electronic Certification

I’m happy to report I just completed the course eID and Electronic Certification, from the National Institute of Administration of Portugal (Instituto Nacional de Administração), in partnership with the National Security Cabinet of Portugal (Gabinete Nacional de Segurança).

Course outline

Module 1 – The digital world
Module 2 – Security and Reliability
Module 3 – Electronic Identification (eID)
Module 4 – Trust Services
Module 5 – National cases
Module 6 – Before and after eIDAS

Certificate

I just completed the course: CSIRT in a Box: Initial Training for Incident Response Teams!

I’m happy to report I just completed the course CSIRT in a Box: Initial Training for Incident Response Teams

CSIRT = Computer Security Incident Response Team

Course outline

Module 1 – My CSIRT
Module 2 – Incident Response
Module 3 – Coordination and Collaboration
Module 4 – Tools
Module 5 – Training
Module 6 – Audit and Forensic Analysis

Certificate

I completed my initial training at Microsoft!

I’m happy to report I have completed the intensive internal training at Microsoft on Microsoft Defender for Endpoint (MDE), about 70 hours in total!

This means that soon I will start taking real cases from customers!

Wish me luck!

Certificate of the 1-hour assessment I just passed.

The full course outline is below:

MDE – Foundational Training – General Certificate link

  • Foundational Training – Getting started
  • Internal Tools and Customer Communication
  • Initial Scoping

MDE Lab Creation Certificate link

  • Create Your Azure Labs
  • Local Virtual Machines
  • Creating local VM’s – Hyper-V

Basic Portal overviews / General cross platform features Certificate link

  • M365 Converged Portal
  • MDE – Threat and Vulnerability Management (TVM)
  • MDE Alerting
  • MDE – Tagging and Grouping
  • Defender Antivirus – Network Protection
  • MDE – Microsoft Threat Experts
  • MDE – Response Actions
  • MDE – Indicators
  • Microsoft Defender Endpoint licensing requirements & offering plans
  • Defender for Cloud Integration, Onboarding and Offboarding
  • Action Center
  • Device inventory and Timeline
  • Basic Connectivity Information
  • Defender AV (Compatibility with 3rd party AV)
  • Malware Submissions WDSI
  • Microsoft Defender for Office Integration
  • Live Response
  • Intune Integration
  • Advanced Hunting
  • Region Reset
  • Azure Permissions + MDE RBAC
  • Suppression Rules
  • Tenant Attach
  • Device Discovery
  • Contain Device
  • EDR Network Device Discovery
  • Device Health and Compliance Report
  • False Positives
  • MDE – Troubleshooting Mode

Windows – MDE Foundational Certificate link

  • Microsoft Defender Antivirus
  • Microsoft Defender Antivirus
  • Antimalware Extension (IAAS)
  • MDE – Run Client Analyzer
  • MDE – Machine Isolation
  • MDE – Offboarding Machines
  • MDE – Client Analyzer II
  • MDE – Onboarding Machines
  • MDE – Indicators
  • Defender Antivirus – Exploit Protection
  • SCCM / SCEM Enrolment, Onboarding and Offboarding
  • Defender AV Updates
  • Defender AV – Log Collection
  • MDE – API Offboarding
  • Modern Unified Solution for 2012R2 / 2016
  • System Center Endpoint Protection logs
  • Troubleshooting SmartScreen
  • MDE – Web Content Filtering (WCF)
  • MSRT – Microsoft Safety Removal Tool
  • Defender Antivirus – Attack Surface Reduction (ASR)
  • Potentially Unwanted Applications (PUA)
  • MDE Security Configuration Management
  • Safety Scanner
  • Foundational – Controlled Folder Access (CFA)
  • MDE Troubleshooting Device Control for Windows
  • Troubleshooting Device Control for Windows
  • Automated Investigation and Response (AIR)
  • Host Firewall Reporting
  • Device Groups and Tags
  • EDR in Block Mode
  • Azure Arc (Windows)
  • On / Offboarding with Group Policy

MDE Log Collection Methods Certificate link

  • MDE Client Analyzer Logs
  • Defender Log Collection
  • ASR Log Collection
  • Linux and macOS Log Collection
  • Android and iOS Log Collection

Linux – MDE Foundational Certificate link

  • MDE – Linux onboarding
  • MDE – Client Analyzer for Linux Servers / macOS
  • Configuring AV Exclusions on Linux
  • TVM on Linux
  • Running AV Scans on Linux
  • Cloud Protection – Linux
  • Managing Updates
  • Configuring AuditD Exclusions on Linux
  • Licensing – Linux
  • Configuring Network Protection on Linux
  • Deploying Defender for Linux

Mac – MDE Foundational Certificate link

  • Internal Mac Test Machines
  • MDE – macOS Onboarding

Android / iOS – MDE Foundational Certificate link

  • MDE for Android – Hands on lab
  • MDE for iOS – Hands on lab
  • Android / iOS Network Protection
  • Android / iOS Network Protection

Endpoint Protection Foundational assessment Certificate link

  • The final exam

Workshop – Reverse Engineering of Malicious Scripts on Windows

Today, as part of the C-Days conference, I attended a very interesting workshop on reverse engineering of malware, presented by a member of CERT.PT (Computer Emergency Response Team), part of the Portuguese National Cybersecurity Centre.

Description

This workshop offers a hands-on approach to reverse engineering malicious scripts on Windows systems, covering JavaScript, VBS and PowerShell. Aimed at cybersecurity technicians, it ranges from static and behavioral analysis to manual deobfuscation techniques using Python. The objective is to enable participants to identify and analyze these threats and collect their IoCs, and so to mitigate what is one of the most common types of malware used as an entry vector to compromise organizations.

Contents

  • Strings static analysis with strings, pestr and FLOSS
  • Execute and deobfuscate JavaScript using SpiderMonkey
  • PowerShell deobfuscation and debugging with CyberChef and PS IDE
  • Capturing malware events by tracing AMSI
  • Layout and Data deobfuscation using Python

Certificate of participation.

Heading to C-Days 2024, Cybersecurity conference!

Next week, C-Days 2024, the biggest cybersecurity conference in Portugal, organized by the Portuguese National Cybersecurity Centre, takes place in Coimbra, Portugal, on the 18th, 19th and 20th of June!

Under the theme of “More Prevention”, this event marks 10 years of the Portuguese National Cybersecurity Centre, and there will be a talk looking back at the past and forward towards the future of the organization.

I’m also particularly interested in the “Reverse Engineering Malicious Scripts on Windows” Workshop, presented by Duarte Mortágua from CERT.PT!

I’m already registered for the conference, and looking forward to it!
Anyone interested can register at the official website:
www.c-days.cncs.gov.pt

Cybersecurity Book Bundle, by Humble Bundle!

UPDATE: This bundle is no longer available!

In this book bundle from Humble Bundle, you will get 18 books related to cybersecurity, published by Pearson, covering topics such as CompTIA Security+, network security, Zero Trust architecture, Microsoft Sentinel and Microsoft Defender for Cloud.

Full list of books:

  • CompTIA Security+ SY0-701 Cert Guide
  • Network Security
  • Zero Trust Architecture
  • Cybersecurity Myths and Misconceptions
  • In Zero Trust We Trust
  • Database and Application Security: A Practitioner’s Guide
  • Ransomware and Cyber Extortion
  • Designing and Developing Secure Azure Solutions
  • The Modern Security Operations Center
  • A Practical Guide to Digital Forensics Investigations
  • Data Breaches
  • Microsoft Defender for Cloud
  • Microsoft Sentinel
  • Effective Cybersecurity
  • Information Privacy Engineering and Privacy by Design
  • Building a Career in Cybersecurity
  • Microsoft Azure Network Security
  • Securing 5G and Evolving Architectures

Get the bundle now! It expires in less than 48 hours!