Jeremy from Marketing: Social Engineering Case Study

This article analyzes Darknet Diaries Episode 36, “Jeremy from Marketing,” highlighting social engineering, internal penetration testing, and insider threat risks. It examines techniques such as network enumeration, Responder credential harvesting, PowerShell reconnaissance, and the importance of monitoring tools like Sysmon and SIEM systems in detecting anomalous behavior.

Stuxnet: Cyberwarfare and the Natanz Attack

This article analyzes Darknet Diaries Episode 29, “Stuxnet,” exploring the first known state-sponsored cyberweapon to cause physical destruction. It examines the targeting of Iran’s Natanz nuclear facility, the use of zero-day exploits and stolen certificates, and the geopolitical implications of Operation Olympic Games.

ZeuS Banking Trojan & Global Botnet Takedown

This article analyzes Darknet Diaries Episode 111, “ZeuS,” examining the banking Trojan that infected millions of systems worldwide. It explores credential theft, botnet architecture, Gameover ZeuS, and coordinated takedown efforts such as Operation Tovar. The discussion highlights challenges in dismantling decentralized malware networks and the evolving threat of financial cybercrime.

Alberto: Ethics, Extortion & Legal Risks in Hacking

This article analyzes Darknet Diaries Episode 25, “Alberto,” exploring the fine line between ethical hacking and cybercrime. It examines unauthorized access, data exfiltration, extortion allegations, and the legal consequences of operating without proper authorization. The story highlights responsible disclosure, cybersecurity ethics, and the importance of clear legal frameworks.

Darknet Diaries: Human Hacker

This assignment examines Darknet Diaries Episode 69, “Human Hacker,” highlighting real-world social engineering and physical penetration tactics. It analyzes a Jamaican bank breach, credential exploitation, network segmentation failures, and the role of multi-factor authentication. The article also explores how disguised physical access attempts demonstrate the critical importance of layered security and employee awareness training.

Linux: Lab 3 - VI Editor (VM)

This lab demonstrates hands-on practice with the VI editor in a Kali Linux virtual machine. It covers file navigation, text insertion and deletion, search commands, substitution syntax, copying and pasting lines, and file management. The assignment reinforces command mode versus insert mode operations while strengthening Linux command-line proficiency.

Olympic Destroyer Malware and Sandworm’s Cyberattack

This assignment analyzes the Olympic Destroyer malware attack on the 2018 Winter Olympics. It explores Sandworm’s tactics, including domain controller destruction, worm-like propagation, and deceptive attribution techniques. The article also examines the incident response effort by AhnLab and global threat intelligence teams to restore systems and contain the breach.

Shadow Brokers, NSA Exploit Leaks, & Network Security

This assignment explores foundational network operating system concepts and analyzes Darknet Diaries Episode 53 on the Shadow Brokers. It examines the leak of NSA hacking tools, including EternalBlue, and discusses the broader implications for government cybersecurity, offensive versus defensive security postures, and the global impact of exploit disclosure.

Darknet Diaries: NotPetya Attack

This article analyzes the NotPetya cyberattack as discussed in Darknet Diaries Episode 54. It examines the tools used—Mimikatz, EternalBlue, and worm-based ransomware—the strategic targeting of Ukraine, and the unintended global spread that disrupted multinational companies and critical infrastructure worldwide.

Designing the Public Sphere with Intelligification

This essay analyzes Peter-Paul Verbeek’s concept of intelligification and its impact on governance in a hyperconnected society. It explores how markets, businesses, communities, and individuals should adapt regulation and ethical design practices as state authority diminishes and smart technologies increasingly mediate public life.

Password Cracking (System Users)

This lab explores password cracking techniques across Linux and Windows systems. Using tools like John the Ripper and Cain & Abel, the assignment demonstrates dictionary and brute-force attacks on user password hashes. It highlights how weak passwords can be compromised and emphasizes the importance of strong authentication practices, secure password policies, and system hardening to defend against credential-based attacks.

Cyber Technology in Workplace Deviance

This article examines how cyber technology creates opportunities for workplace deviance, including insider threats, data exfiltration, cyberloafing, harassment, and digital sabotage. It explores how organizations mitigate these risks through Data Loss Prevention (DLP), access controls, Acceptable Use Policies, and collaboration between CISOs and Human Resources to detect and prevent insider misconduct.

Penetration Testing in Windows: Exploiting SMB Vulnerabilities

This lab demonstrates penetration testing techniques against Windows systems using Kali Linux and the Metasploit framework. The exercise includes scanning with Nmap, exploiting the MS08-067 SMB vulnerability on Windows XP, testing EternalBlue against Windows Server 2022, and generating a Meterpreter payload for Windows 7. The assignment highlights how legacy vulnerabilities, misconfigurations, and outdated systems can expose networks to remote exploitation.

Stuxnet: When a Worm Became a Weapon

This essay examines Stuxnet, one of the most sophisticated cyberweapons ever developed. The malware targeted Siemens SCADA systems controlling uranium enrichment centrifuges at Iran’s Natanz facility. By exploiting multiple zero-day vulnerabilities, using stolen certificates, and spreading through infected USB drives, Stuxnet demonstrated how cyberattacks can cause real-world physical damage to critical infrastructure.

ICS & SCADA: Securing Critical Infrastructure

This article explains Industrial Control Systems (ICS) and SCADA systems, outlining their components, workflow, and importance in managing critical infrastructure such as power grids and water systems. It examines common vulnerabilities—including legacy systems and weak network segmentation—and discusses how SCADA supports monitoring, defense-in-depth, and cybersecurity resilience.

Quantum Encryption & the Limits of Foolproof Security

This discussion explores quantum key distribution (QKD) and the idea of “foolproof” encryption. While quantum encryption may strengthen cryptographic defenses, major breaches like Equifax and Target demonstrate that operational failures—such as poor patch management and third-party risk—often cause data compromise. True cybersecurity requires both strong encryption and disciplined organizational practices.

Exploring Attacks on Availability: Rootkits

This article examines rootkits as a powerful form of attack on availability, explaining how they operate at the kernel level to evade detection and disrupt system functionality. It explores real-world examples, financial and operational impacts on organizations, and defensive strategies such as secure boot, endpoint monitoring, and external scanning for remediation.

Sword vs. Shield: Network Scanning and Firewall Security

This lab assignment covers network scanning techniques using Nmap and firewall configuration with pfSense. It explores the vulnerabilities discovered through the scanning process, such as open ports and potential exploitation, and demonstrates how configuring firewall rules can mitigate these risks. The exercise also evaluates the advantages and disadvantages of blocking ICMP traffic for network defense and operational efficiency.

The Critical Need for Cybersecurity in Today’s Economy

This essay examines the role of cybersecurity in today’s economy, highlighting its importance in protecting supply chains, critical infrastructure, and business continuity. It explores the readiness economy, workforce opportunities in cybersecurity, and the growing need for resilience against nation-state attacks and sophisticated cyber threats.

Traffic Tracing & Network Packet Analysis

This assignment explores traffic tracing and network packet analysis using Wireshark in a virtualized lab environment. It examines ICMP, DNS, and FTP traffic to understand packet flow, filtering techniques, response behavior, and the security risks of plaintext protocols through hands-on analysis.

Victim Precipitation in Cyber Victimization & Potential Remedies

How much does user behavior contribute to cyber losses? My paper analyzes Victim Precipitation in cyberattacks and provides proven, actionable remedies—from effective training to policy changes—to minimize your human risk factor. Full ODU analysis here!

Standing Desk Time Tracker

I built a simple Excel Standing Desk Time Tracker to create a quick, one-stop way to log standing sessions and clearly track week-to-week progress. ✅ Track up to 8 sessions/day (start/end time) ✅ Auto-calculates durations + daily totals ✅ Weekly summary (total hours + daily average) ✅ Year-long “Master Tracking” sheet for quarterly + annual progress Excel keeps…

First Amendment Freedoms & Protections: The Cyber World and You

This paper analyzes First Amendment freedoms in the digital world, examining the roles of government institutions and private platforms in moderating misleading or harmful content. It explores legal limits on speech, platform responsibility, protest rights, and the impact of technology on democratic discourse and cybersecurity law.

“Going Dark”

The “Going Dark” debate: Should tech companies build backdoors into encrypted devices to aid law enforcement? My CYSE-406 paper analyzes the national security risks against the fundamental right to digital privacy. Where do you stand? Read my analysis!

Opening & Protecting an Online Business & IP

Starting an online business? Your Intellectual Property (IP) is your most valuable asset. My ODU paper breaks down the critical steps to legally register and protect your brand, trade secrets, and customer data before you launch. Secure your future now!

Linux: Group & User Management

Overview of Linux user and group management, including account creation, permissions, ownership, access control, and best practices for secure system administration.

Hacking Humans

A zero-trust network isn’t enough. You need a human firewall. My research details the critical importance of human-centric defense, exposing how easily people are exploited in sophisticated attacks. Click for the Hacking Humans paper.

Linux: Cracking Passwords

Explores Linux password cracking concepts, including hashing, shadow files, attack methods, and how ethical testing improves authentication security.

Ethernet Network Design Project

Designed a complete Ethernet network for a four-floor school with 148 Cat6 drops, a fiber backbone, VLAN segmentation, Wi-Fi 6 access points, PoE switches, and pfSense security.

Building Amazon’s Next-Generation Fulfillment Network

How did Amazon cut shipping costs & boost delivery speed? I break down the Project FC Network Initiative—the massive regionalization effort powered by network optimization, Edge Computing, and AWS cloud. See the business case for next-gen fulfillment. Read the full paper!

The CIA Triad & the AAA Framework

Dive into the essential backbone of cybersecurity. This paper breaks down the CIA Triad (Confidentiality, Integrity, Availability) and pairs it with the operational power of the AAA Framework (Authentication, Authorization, Accounting). Learn how these twin concepts form the non-negotiable foundation for securing any modern digital asset.

Building a Cybersecurity Career

Ready to break into cybersecurity? This paper maps the top career pathways—from Analyst to CISO—details the must-have certifications (CISSP, CompTIA Security+), and reveals the high-demand skills employers seek now. Download the full ODU guide!

Reducing Human Errors That Influence Data Breaches

95% of data breaches involve human error. My paper details the cognitive and organizational factors that lead to these errors and outlines technical and non-technical strategies to build a Human Firewall. Full ODU analysis here!

The Role and Necessity of the NIST Cybersecurity Framework

The NIST CSF is the gold standard for risk management. My paper breaks down the core Identify, Protect, Detect, Respond, Recover functions and explains how to integrate this framework into any organizational culture. Download the full ODU guide!

The Role of Baselines in Network Monitoring

Explains how baselines support effective network monitoring by establishing normal performance patterns, improving anomaly detection, security, and operational visibility.

Security Policies from a CISO’s Perspective

Explores security policies from a CISO’s perspective, highlighting their role in governance, risk management, strategic decision-making, and building organizational security.

Access Controls: Single Sign-On (SSO)

Explains how access controls and Single Sign-On (SSO) improve security and usability by centralizing authentication, reducing login friction, and strengthening identity management.

IPv6 Cybersecurity Enhancements

Explores IPv6 cybersecurity enhancements, including improved routing security, built-in protections, simplified architectures, and reduced vulnerabilities compared to IPv4.

The NotPetya Cybersecurity Attack & Breach

Explains the NotPetya cybersecurity attack, how it spread, why it caused widespread damage, and the key lessons learned about resilience, segmentation, and global cyber risk.

Cybersecurity Incidents & Law Enforcement

Examines how law enforcement responds to cybersecurity incidents, including evidence collection, jurisdiction challenges, investigative processes, and interagency collaboration.

Cyber Threats vs. Cyber Attacks

Explains the difference between cyber threats and cyber attacks, how each affects risk, defense strategies, and organizational security planning.

IT Infrastructure: Internet of Things (IoT)

Examines how the Internet of Things (IoT) impacts IT infrastructure, including connectivity, automation, security risks, management challenges, and modern network requirements.

Computer Security vs. Information Security

Explains the difference between computer security and information security, including their goals, scope, protective controls, and roles in organizational risk management.

Linux – Scripting

Overview of Linux scripting fundamentals, including automation, task efficiency, system management workflows, and how scripting improves technical productivity.

Linux – Storage Management

Explains Linux storage management concepts including partitions, file systems, LVM, RAID, and best practices for scalable, reliable system administration.

Linux Exercise – File Permission

Explains Linux file permission concepts, including read, write, execute rights, ownership, and how proper permission management enhances system security.

“Going Dark”

An Overview and Analysis of Former FBI Director James Comey’s Security Concerns about Law Enforcement and Encryption