“Fernando is a wealth of knowledge when it comes to Cyber Security / Forensics & Malware Analysis. His expertise and valuable knowledge are put to the test on a daily basis. His sounding voice has become a gold standard within his professional community, I have seen it first hand. His dedication and loyalty to professional service will take him great places, especially as he exits uniformed services. Keep up the great work “Nando”, keep setting the bar high!!”
Greater Augusta Area
3K followers
500+ connections
Recommendations received
1 person has recommended Fernando
Explore more posts
-
Vincent Scott
The DoD Procurement Toolbox FAQ for Cyber is a must read for Defense Industrial Base cyber professionals. Tremendous amount of good clarifying information in there. This is also explicitly linked out of the DFARS as a place to receive more clarifying information. The last update was a few years ago. Although at first glance I do not see any huge or surprising changes, the overall document is a significant resource that should be on everyone's hot list who is implementing or assessing NIST 800-171 and CMMC.
23
1 Comment -
Tim Black, CISSP PMP TS/SCI
Since February 2024, I’ve had the incredible opportunity to pursue two industry-recognized penetration testing certifications: INE Security (FKA eLearnSecurity) Junior Penetration Tester (eJPT) and the CompTIA PenTest+.

Why the interest in penetration testing? As an Army Military Intelligence and Counterintelligence officer, I’ve always been drawn to identifying vulnerabilities and understanding the associated risk. That’s the essence of penetration testing—methodically finding potential vulnerabilities and communicating risks to decision-makers to enhance an organization’s security posture. It might not be for everyone, but for me, it’s fun and offers the chance to help safeguard the confidentiality, integrity, and availability of business and people’s data.

Each course was pursued deliberately and is unique for its own reasons. If you’re interested in pursuing them, here are some key takeaways from each certification:

INE Junior Penetration Tester (eJPT) (https://lnkd.in/g2CTM-Ej)

⚙ Hands-on Training... All... Day... Long: The course offers extensive hands-on training for nearly every section of the material. Students gain significant exposure to vulnerability scanners, host/port/web scanners, specialty tools, and more. Tools used include Nmap, Wireshark, Burp Suite, Metasploit, Hydra, Nessus, ZAP, and many more.
⚙ Metasploit Proficiency: The course takes you from “newb” to capable user. The INE team does an exceptional job guiding you from the initial launch to post-exploitation. The command "service postgresql start && msfconsole" will be forever etched in my mind.
⚙ Pentesting Lab Examination: Completing the material is great, but you’ve got to prove you can do it in the virtual lab exam to earn the certification. The exam runs the whole gamut to include enumerating, exploiting, and pivoting within a test lab to earn the certification.

CompTIA PenTest+ (https://lnkd.in/gZEx947C)

⚙ Comprehensive Understanding of Penetration Testing Phases: Penetration testing is more than just exploiting vulnerabilities. A thorough pentest starts with establishing the scope and ends with test cleanup and a satisfied client.
⚙ Emphasis on Legal and Compliance Requirements: There are many legal and ethical considerations in penetration testing. CompTIA introduces these requirements in greater depth to ensure appropriate understanding.
⚙ Reporting and Communication Skills: Penetration testing is more than just “poppin’ shells”. It also requires effective oral and written communication skills which are essential for conveying risks and remediation strategies to the client.

If you’re interested, just go for it. You’ll learn an incredible amount—and likely have fun in the process.
13
3 Comments -
Industrial Cyber
"The selection of security controls for DoD’s implementation of zero trust across the enterprise is based on DoD’s Zero Trust Reference Architecture, along with the DoD’s Zero Trust Strategic Principles and Tenets." https://lnkd.in/gwxqWpts #dod #cybersecurity #zerottrust #informationsecurity #defenseindustrialbase #industrialcyber #icssecurity #ics
2
-
BasisPath, Inc.
Announcement: DoD Cybersecurity Reciprocity Playbook Released The Department of Defense CIO has announced the public release of the DoD Cybersecurity Reciprocity Playbook. This essential document provides comprehensive guidance on employing cybersecurity reciprocity within DoD systems. The playbook includes: 🔍 A precise definition of cybersecurity reciprocity ⚖️ An analysis of its benefits and risks 📚 Practical use cases to demonstrate its application This playbook is a valuable resource for cybersecurity professionals engaged with DoD systems. Explore the full playbook here! #Cybersecurity #DoD #Reciprocity #InformationSecurity #DoDCIO
2
-
Rachelle Channell
Insider Threat – Reporting On Yourself

My previous posts summarized SEAD 4 and the Adjudicative Guidelines, which revolve around insider threats and clearance-level adjudication. The next few posts will be about Security Executive Agent Directive 3 (SEAD 3), which covers the activities that covered individuals (people who are cleared or undergoing the clearance process) must report on themselves and on others. Today’s SEAD 3 post will go over reportable activities and situations that an individual must self-report. Some of these activities are more or less stringent dependent on security level, but for this post, they will be listed together.

Activities to be reported by all covered individuals are of utmost importance and include foreign travel; foreign contacts; foreign activities (applying/receiving foreign citizenship and passports); attempted elicitation, exploitation, blackmail, coercion, or other efforts to obtain information; media contact where media seeks access to classified or protected information; arrests; bankruptcy; delinquent debt of 120 or greater days; alcohol and drug-related treatment; foreign bank accounts; involvement in foreign business; ownership of foreign property; adoption of non-US citizen children; financial anomalies (infusion of assets of $10,000 or greater); foreign national roommate; cohabitant; marriage; and change of name.

Covered individuals who experience these situations should contact the company FSO. Feel free to reach out to me with any questions. #govcon #federalcontracting #ITPSO #insiderthreat #titaniuminfrastructure
7
-
Timothy Lawn, M.A.
CHINA CYBER ESPIONAGE - SugarGh0st: China-linked espionage malware found targeting diplomatic circles

- Researchers at one of the largest commercial threat intelligence teams globally, Cisco Talos, have uncovered a sophisticated cyber-espionage operation targeting global diplomatic circles.
- The group, dubbed “SneakyChef,” has been found to target ministries of foreign affairs and embassies spanning Africa, and Europe. Their modus operandi involves deploying “SugarGh0st,” a customized version of Gh0st RAT— a malware that has been around for over 15 years.
- This remote access trojan gives the attackers unprecedented access to victim systems, allowing them to snatch sensitive diplomatic communications and intelligence. Gh0st RAT has been a popular tool of choice for state-sponsored cyber attacks.
- While Cisco Talos researchers discovered SugarGh0st’s activity as early as August 2023 while observing targets in South Korea and Uzbekistan, the operation has since expanded.
- Once it finds its way into a victim machine, SugarGh0st collects details about the machine, including hostname, filesystem structure, and operating system information. Remarkably, the malware can even capture screenshots and navigate between multiple windows.
- Furthermore, researchers at Proofpoint recently detected SugarGh0st being used against US organizations involved in the development of artificial intelligence. This finding has led to speculation that SneakyChef’s nefarious ambitions may extend beyond traditional diplomatic espionage.
- https://lnkd.in/edq3hcYZ
1
-
Gerardo Rivera
This is a great article by Tech Republic Security. I wanted to fill in some of the gaps and expand on it.

Proactive and Reactive Measures
1. Use robust endpoint protection platforms.
2. Implement managed detection and response.
3. Ensure BitLocker has a strong password and securely store recovery keys.
4. Limit user privileges.
5. Enable network traffic logging and monitoring.
6. Monitor for VBScript and PowerShell execution events.
7. Make frequent backups, store them offline, and test them.

Indicators of Compromise
1. Presence of a new boot partition created by shrinking all drive partitions by 100MB.
2. Renaming of boot partitions with the attacker’s email.
3. Deletion of all BitLocker key protectors.
4. Creation of a new random 64-character encryption key.
5. Transmission of the encryption key and some system information to the attacker’s server via an HTTP POST request to a randomly generated subdomain of ‘trycloudflare[dot]com.’

Best Practices
1. Maintain a complete inventory of all IT assets.
2. Conduct regular risk assessments.
3. Prioritize risk based on the assessment.
4. Monitor security metrics.
5. Evaluate and patch vulnerabilities regularly.
6. Run automated security solutions.
7. Educate employees about potential threats and safe practices.
8. Define ownership of risks within the organization.
9. Regularly analyze gaps in security controls.
10. Define key security metrics for regular monitoring.
-
Bruno Guerreiro Diniz
VULNERABILITY MANAGEMENT DOES NOT EXIST!!! Stop saying that you’re managing vulnerabilities. You should be managing Risks or Assets or both… And vulnerability is just one component of it. Assess, consider, evaluate, decide, act and that’s it. Focus where is important.
105
11 Comments -
BlackHays Group
SAFECOM Publishes 2023 SAFECOM Annual Summary Read more on the link below. #defense #sbir #military #jointwerx #cmmc #cyber #cybersecurity @jointwerx @blackhaysgroup #GovernmentContracts #InfoSec #CyberDefense #NationalSecurity #DigitalTransformation #PublicSector #Startups #TechInnovation
3
-
Kimberly Angel
In today’s digital landscape, where cyber threats are ever-evolving and increasingly sophisticated, organizations are turning to Zero Trust Architecture (ZTA) to bolster their security posture. However, implementing ZTA can often lead to concerns about potentially hampering usability. Striking a balance between robust security and a seamless user experience is essential. Join us at our next tech on tap, we can help!
10
-
Sudhir Walia
DISA Expands Thunderdome Zero Trust Program Deployment; Brian Hermann, Quoted. ExecutiveGov discusses the Defense Information Systems Agency's (DISA) expansion of the Thunderdome zero trust program. In 2023, the program was deployed to 15 sites and plans are underway to extend it to 60 more sites in 2024. The program involves four key components: 🔐 Customer security stacks 🔗 Software-defined wide area networking 📴 Secure access service edge capability, and 💯 Application security stacks. Brian Hermann, DISA's director of the cybersecurity and analytics directorate, emphasized the program's role in advancing zero trust architecture, which is crucial for organizational security. DISA has also finalized the contracting process to support the U.S. Coast Guard’s network security improvement efforts through Thunderdome. Versa Networks is at the forefront of enhancing cybersecurity with their pivotal role in DISA's Thunderdome project. Their cutting-edge solutions are setting new standards in securing our nation's digital infrastructure. For more details, you can read the full article here:-https://lnkd.in/gUJHtR6B #DISA #Thunderdome #ZeroTrust #Cybersecurity #versanetworks #channelpartners
7
-
Jacob Horne
Whether DoD and CISA learn to play nice, I don't see how DIB contractors can avoid a distinct increase in cyber incident reporting requirements

The only thing a "CIRCIA Agreement" would do would limit incident reporting to one agency rather than two

Current DoD incident reporting requirements orbit around CUI data

CIRCIA requirements are much more broad and not limited to CUI

Currently DoD contractors have incident reporting requirements under DFARS clause 252.204-7012(c):

When the Contractor discovers a cyber incident that affects:
- A "covered contractor information" system (handling CUI), or
- The Covered Defense Information residing therein...

The Contractor shall do two things:

1) Conduct a review for evidence of compromise of covered defense information, including, but not limited to:
- Identifying compromised computers, servers, specific data, and user accounts

This review shall also include:
- Analyzing covered contractor information system(s) that were part of the cyber incident, and
- Other information systems on the Contractor’s network(s) that may have been accessed as a result of the incident in order to identify compromised covered defense information, or
- That affect the Contractor’s ability to provide operationally critical support; and

2) “Rapidly report” (within 72 hours) cyber incidents to DoD

However, when it comes to CIRCIA, "covered incidents", critical infrastructure entities are required to report within 72 hours when they experience "substantial incidents":

1) Substantial Loss of Confidentiality, Integrity, or Availability
2) Serious Impact on Safety and Resiliency of Operational Systems and Processes
3) Disruption of Ability to Engage in Business or Industrial Operations
4) Unauthorized Access Facilitated Through or Caused by a:
- Compromise of a CSP, MSP, or Other Third-Party Data Hosting Provider, or
- Supply Chain Compromise

The more I think about it the more the "duplication" issue is beside the point

I don't see how CISA reduces the criteria for covered incidents to match the current language of DFARS 7012(c)
49
14 Comments