Wyatt Tauber
Image for post
Image for post

I created a tool to identify and generate common typos for popular Bitly links to prevent them from being used by scammers.

The free URL shortener is a convenient internet feature that frequently goes against basic tenets of information security training: only click links that you recognize, are expected to receive, and are owned by a company or service you trust. Despite this, popular free link shortening services process millions of new links and clicks .

Don’t get me wrong: URL shorteners are definitely useful and can be very safe when used properly (more on that later). They make…


Image for post
Image for post
The CASP+ is CompTIA’s advanced-level certification for technical cybersecurity professionals.

Today I’ll be reviewing the exam, which validates candidates’ ability to implement technical solutions within cybersecurity policies and frameworks. The exam covers advanced-level concepts in risk management, enterprise security operations, architecture, security integration, research, and collaboration.

Exam Information

The CASP+ CAS–003 exam contains five weighted sections:

  • 19% Risk Management — business and industry influences, policies and procedures, risk mitigation strategies, risk metrics
  • 25% Enterprise Security Architecture — network security components, host security components, mobile and small form factor device security, software vulnerabilities and controls
  • 20% Enterprise Security Operations — security assessments, incident response, forensics, and tools…


Image for post
Image for post

Dear customer. Your Account Has Been Blocked. Please check your account information by clicking the link below.

At this point, we’re all used to receiving a few (if not tens or hundreds of) scam emails a week. Modern email services do an outstanding job of keeping these messages relegated to the spam folder through , , and authentication. Still, a message or two will slip through on occasion. Such was the case when I found the following email in my inbox about a week ago.


Image for post
Image for post
The GIAC Incident Handler certification validates a practitioner’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills.

Today I’ll be reviewing and its accompanying certification, the . SEC504 is a 6-day course that teaches step-by-step processes for incident response, how attackers undermine systems, detection and response strategies, and how to discover holes in computer systems and networks before the bad guys do.

The course leads up to the GCIH exam, which tests the knowledge needed to manage security incidents by understanding attack techniques, vectors, and tools, and how to defend against and respond to such attacks when they occur.

Exam Information

The GCIH covers a wide…


The Department of Energy CyberForce logo
The Department of Energy CyberForce logo
CyberForce is a workforce development competition that focuses on the defensive/hardening nature of energy cyberinfrastructure.

The is an annual red/blue team competition hosted by a coalition of national laboratories, government organizations, and industry sponsors. The fourth annual competition was held online on the weekend of November 14th and focused on defending cyber-physical energy infrastructure while simulating realistic utilities, users, anomalies, and constraints.

Over 180 blue team members were responsible for patching, maintaining, and recovering vulnerable infrastructure, while red team volunteers actively exploited these vulnerabilities to disrupt operations. The CyberForce competition also added a green team — volunteers that simulate users and verify the uptime and accessibility of business applications — and…


MetaCTF logo in front of a computer screen
MetaCTF logo in front of a computer screen
MetaCTF held its annual CyberGames competition on the weekend of October 24th.

This post is a collaborative effort between myself, Connor C., Tim E., and Tilden W. Together, we represented Northeastern University, the University of Cincinnati, the Rochester Institute of Technology, and the University of Virginia. Thanks for a great time, guys!

is an annual cybersecurity Capture The Flag (CTF) event, hosted online this year due to the COVID-19 pandemic. Teams of four from across the world, composed of students and non-students alike, competed in the event for a total prize pool of $5000. The 24-hour event began on October 24 at noon EST. …


Logos for conINT, The Many Hats Club, Trace Labs, and NCPTF
Logos for conINT, The Many Hats Club, Trace Labs, and NCPTF
The inaugural conINT Intelligence Conference was held on October 17th and 18th, 2020.

is a two-day INTelligence conference and fundraising event hosted by The Many Hats Club, Trace Labs, and the National Child Protection Task Force (NCPTF). Held live on Twitch this year, attendees had the opportunity to develop intelligence acquisition and analysis skills, learn about digital investigation, and more with the first full day of presentations and hands-on technical workshops. The second day of conINT allowed attendees to apply these skills by assisting international law enforcement agencies in locating missing persons from real cases using OSINT techniques during the six-hour Trace Labs OSINT Search Party CTF.

Trace Labs

is a nonprofit…


Image for post
Image for post
The Cisco Certified CyberOps Associate focuses on operational skills and knowledge needed in security operations centers.

Today I’ll be taking a look at the exam, an entry-level exam designed to validate the day-to-day tactical knowledge and skills that Security Operations Center (SOC) teams need to detect and respond to cybersecurity threats. The exam covers knowledge and skills related to security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures to help teach the essentials of preventing, detecting, and responding to incidents and breaches.

Exam Information

The CyberOps Associate’s corresponding exam is Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS 200–201), taken at one of Pearson VUE’s testing centers available worldwide (and online…


Image for post
Image for post
The CompTIA PenTest+ is a basic penetration testing certification emphasizing planning, scoping, and reporting on offensive engagements.

Today I’ll be reviewing the , a basic penetration testing certification with an emphasis on planning, scoping, and reporting on offensive engagements. The exam covers the knowledge and skills related to security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures to help teach the essentials of preventing, detecting, and responding to incidents and breaches.

Exam Information

The PenTest+ PT0–001 exam contains four weighted sections:

  • 15% Planning and Scoping — policies and procedures, legal concepts, contract types, and rules of engagement
  • 22% Information Gathering and Vulnerability Identification — vulnerability scanning and enumeration, exploit identification, identifying and…


Image for post
Image for post
The RIT Computing Security Lab

In RIT’s Computer System Forensics class, students learn basic incident response procedures as well as methods to uncover and investigate the activities of computer users. Students also learn to employ activities needed to gather and preserve evidence to be presented in court cases. Some of the concepts discussed in class are incident response reporting, forensic imaging, Linux and Windows file systems and steganography.

While the class is well-designed and the concepts presented are highly applicable, assignments and labs can grow a bit stale because the two professors that regularly teach the class are actively involved in research. Such was the…

Wyatt Tauber

DFIR, CTFs, disinformation, STEM education, and pretty much anything else that comes to mind. RIT Computing Security ’22.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store