Category Archives: cyber forensics and information security

Dr. Karen Paullet presents NSF-funded research on Mobile Forensics & Security at the RMU Research & Grants Expo

paullet-nsf-grant-expoOn April 24, 2017, RMU held a Research & Grants Expo highlighting a variety of faculty research and grant projects.  All of the RMU campus was invited to attend this event.  Dr. Karen Paullet presented the Mobile Forensics and Security Project, an NSF-funded grant.  Dr. Paullet is the PI on the grant, along with Dr. Jamie Pinchot (Co-PI), Dr. Sushma Mishra (Co-PI), and Dr. Fred Kohun.  Mobile security and forensics is an underrepresented area of study that is increasingly important in our current society.  This research will advance knowledge in the field of mobile cybersecurity and mobile forensics through a train-the-trainer program for 50 faculty members from universities across the United States.  Twenty-five faculty were trained in July 2016 and the remaining half will be trained this year.  Dr. Paullet also highlighted a new online certificate offered by RMU in Mobile Forensics and Security (MFS).  This certificate is now available and you can learn more about it here: Mobile Forensics and Security Certificate Program.

Risk Assessment for TEKsystems

Top Three Skills:
1) Conduct Information Risk Assessments as assigned to the team. Request and analyze documentation necessary to perform appropriate assessment and conduct necessary interviews in order to collect and review relevant materials necessary to produce results of the assessment.
2) Clearly and concisely document and communicate risk assessment results with requestor, security architects and management, as appropriate. (Be able to be that liason between the business and technical people).
3) Conduct and formulate appropriate risk scoring, as it relates to threat, vulnerability, likelihood, impact, security controls/counter-measures, etc. (Rank risk/inherent risk score).

Looking for an individual to come in with an information security background to look at documentation, review findings, and write risk assessments. This person will act as the liason between technical people and the business as they analyze data and rank risk based on their findings. Preferred knowledge of the HITRUST framework is encouraged, not required.

Qualifications:
1) Ability to communicate with technical and non-technical people.
Apply to Brian Jendesky at bjendesk@TEKsystems.com

Cats Being Used in the IT Field

In this year’s Def Con convention this year showcase had a different twist on IT work. One that merged animals and IT working together. It sounds like a crazy combination and a highly unlikely one that would work well but it did. Gene Bransfield used his friend’s cat, he put on the cat’s color a kit that had Spark Core Wi-Fi development board and had Internet connectivity where ever the cat ended up going.

Now this may sound stupid because cats are going to wander around and do whatever they want to do. But the purpose of the experiment was to see how many people had unsecured, or weak Wi-Fi in their homes. In simple terms who could easily access their Internet just from being on their street.

When the cat was sent out, there was 23 Wi-Fi hotspots found and what they found was more interesting. Four of the networks had been completely open with no security what so ever and four using WEP rather than the WPA-2 standard. The purpose of this was to show that people need to be more aware of the fact that when it comes to Internet you have to have the right safety and protective measures when using the Internet. You never know when a cat or dog with a pack on them will be lurking around to see if you have secure Internet.

Practice Interviews for Computer-related majors with Federated Investors

Federated Investors will be on campus Monday, April 3 to conduct practice interviews specifically for Computer-related Undergraduate students. These majors include:

BS (Bachelor of Science) or BS in Information Sciences
Computer Information Systems
Cyber Forensics Info Security (Fully Online)
Cyber Forensics and Information Security
Data Analytics

Students should treat these mock interviews as real interviews, dressing professionally and researching the company. The practice interview times will be on a first-come, first-serve basis. They will be conducted in the Career and Professional Development Center (aka Career Center), which is located in Benjamin Rush, the building near the back entrance of campus.

To sign up for these interviews:

  1. Go to the ON-CAMPUS INTERVIEW tab on the top toolbar of ColonialTRAK and select ‘Sign up for Interviews or Resume Drops
  2. Select Schedule 770 / PRACTICE INTERVIEW – IS/IT/COMPUTER-related Undergraduate MAJORS ONLY- Federated Investors Company Name: Mock.
  3. Click on the ‘Sign Up‘ button centered near the top of the page.  The list of available interview times will appear.  Select the time desired for the practice interview.

Students should only sign up if they are committed to attend the practice interview. For more information, go to the ColonialTRAK website. If anyone has questions, please contact Carole Weldon at weldon@rmu.edu.

Internship Opportunity – Spanish fluency National Cyber-Forensics & Training Alliance (NCFTA)

The National Cyber-Forensics & Training Alliance (NCFTA) are looking for a candidate who is fluent in the Spanish language. As an intern, you will work with a senior analyst on specific research and data collection using various tools and applications as well as proactive research in open sources. You will also engage in collaboration with NCFTA partners and peers and be expected to participate in program meetings.

Required Qualifications 
• Must be legally authorized to work in the United States and be eligible for a U.S. Government security clearance
• Major studies in areas of consideration: International Affairs/Politics/Relations; Intelligence/Security Studies; Computer Science; Information Security; Business Intelligence or related fields. Other majors are considered on a case by case basis.
• SPANISH FLUENCY REQUIRED – Excellent Verbal and Writing Communication Skills in the Spanish Language
• Minimum GPA of 3.0

To apply for this internship, please click on the link below.

https://www.myinterfase.com/rmu/Job/Detail/b2wvYUd1dDNiaGRZbjlZcG1TWGt5ZjlaUjZGc2lHYWY3NVB4Y21OQWdQST01

New Products Inviting Hackers to Get More of Your Information

In the beginning of February, the Top Secret Colonial officers hacked into a Furby Connect. Furby Connect is a children’s toy that is now on sale. These new Furbies have a new feature that has Bluetooth connection. While it seems like a cool new product it is product along with many other children’s toys and new appliances that are putting your personal life into danger.

Most people do not realize that having that having all these products hooked up to Wi-Fi and Bluetooth connection is giving anyone access basically into your home. While these new children’s toys may be convenient and easy to keep your child entertained. They keep all this information stored every time it is being used. Hackers can end up getting your mailing address, e-mail, internet history, your birthday and even the child’s birth date, video recordings and pictures of the child or anything else. It is kind of like giving your child a camera that is on record the whole time and tracks everything you do. It is just like your cell phones, they recommend wiping your whole phone once you are done with it. It is definitely something to think about while you are connecting any devices up to unsecured networks.

Information Security Intern with Westinghouse

Westinghouse Electric is looking for an Information Security Intern. The internship will take place during the summer and will be focused around Cyber Forensics and Information Security. The initial project of the internship would be working in the company’s forensic and investigation area to consolidate systems images for archives. The intern will produce a prototype of a low cost intrusion detection system, using commercial “off the shelf” technology.

Qualifications:

  • Rising junior or senior
  • Line of study should be around Cyber Forensics and Information Security
  • Familiar with Systems and Network Administration
  • Software development background (but not an extensive developer)
  • Coursework completed in Network or Systems Administration

To apply for this internship, please send your resumes to: nolffca@westinghouse.com. The internship will take place in Cranberry Woods, PA. Students must apply by Sunday, April 30th. For more information, click here.