
Posts

Showing posts from April, 2025

Fortinet Switches: The Patch You Can't Ignore

Introduction

Looking online this time at The Hacker News, a website I like for cybersecurity news articles. I find them to be clear and concise, which is where I found this article (Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw) on a vulnerability in Fortinet switches.

The Vulnerability

A vulnerability with a 9.3 out of 10 CVSS score; the CVE can be found here (https://nvd.nist.gov/vuln/detail/CVE-2024-48887). A 9.3 CVSS score indicates a critical vulnerability with severe risks, including unauthorized access, system compromise, and service disruptions. Immediate action is crucial for mitigation. Prompt patch management is necessary to protect infrastructure integrity and safeguard clients and stakeholders who depend on secure and reliable services. The article identifies a vulnerability in the switches, where an attacker can alter the administrative password through a specifically crafted request.

What is being done

For...

The SIEM-phony of My Cyber Lab

I chose to use Wazuh for my home lab for a few reasons.

· Easy to use, though my last experience was uncertain. The intuitive interface ensures that even beginners can navigate the system with minimal training, although occasional uncertainties may still arise.

· Being free and open source makes Wazuh an ideal solution to learn and master the basics of a SIEM. This accessibility allows individuals and organizations to experiment and develop their security monitoring skills without financial barriers.

· Scalable, allowing the SIEM solution to grow with my cyber needs. As your organization expands and the complexity of your cybersecurity demands increases, this SIEM solution can easily accommodate additional data sources and increased workloads.

· Comprehensive features, offer...