Cyber Kill Chain methodology

The “Cyber Kill Chain” methodology is a framework developed by Lockheed Martin to describe the stages of a cyberattack, from initial reconnaissance to data exfiltration.

Basically the author applied the structure of a military kill chain (F2T2EA) to information security

It helps organizations understand and detect malicious activities at various stages to improve their defensive measures. Here are the seven stages of the Cyber Kill Chain:

  1. Reconnaissance:
    • The attacker gathers information about the target organization. This can include identifying potential vulnerabilities, researching employee roles, and understanding the network structure. Footprinting
    • Social media profiling, website analysis, dns reconnaissance, phishing target identification, open source intelligence
  2. Weaponization:
    • The attacker creates a deliverable payload (e.g., malware, exploit) by coupling malicious code with a legitimate file or software. This stage involves create or obtain the actual attack tools.
    • Developing malware, embedding malware in documents, setting up exploit kits, preparing command and control servers, packaging payloads with droppers, creating delivery mechanisms (phishing email, drive-by download, malicious link…)
  3. Delivery:
    • The attacker sends the weaponized payload to the target.
    • sending phishing emails, deploying malicious link and attachments, compromised websites, delivering (for free also) USB and physical media, and so on
  4. Exploitation:
    • Once the payload reaches the target, it exploits a vulnerability to execute the malicious code.
    • exploiting software vulnerabilities, leveraging social engineering, executing malicious code (the one downloaded previously or installed with the USB or similar) or using zero-day exploits.
  5. Installation:
    • The malicious payload installs a backdoor or other persistent mechanism on the victim’s system, allowing the attacker to maintain access.
    • installing a backdoor, setting up a remote access trojans, creating a scheduled task or service, adding new user account,…
  6. Command and Control (C2):
    • The attacker establishes a communication channel with the compromised system. This enables them to issue commands, exfiltrate data, or download additional tools.
  7. Actions on Objectives:
    • The attacker achieves their goals, which can include data theft, system disruption, financial gain, or espionage. This stage involves executing the final intent of the attack, such as exfiltrating data or causing damage.

By understanding these stages, organizations can develop more effective detection, prevention, and response strategies to disrupt the attacker’s progress at various points along the kill chain.

Getting Started with Angular: Installing the Latest Version from Scratch

If you’re new to Angular and want to get started with the latest version, you’re in the right place! This guide will walk you through every step to install Angular from scratch.

What You’ll Need

  1. Node.js (includes npm): Node Package Manager (npm) is necessary for installing Angular and its dependencies.
  2. A code editor: Visual Studio Code is popular and free, but feel free to use any editor you prefer.

Step 1: Install Node.js and npm

Angular requires Node.js and npm. Here’s how to get them:

  1. Go to the Node.js website: https://nodejs.org/
  2. Download and install Node.js: Choose the “LTS” version (recommended for most users).
  3. Verify the installation: Open a terminal (Command Prompt on Windows, Terminal on macOS or Linux) and type:
    node -v
    If Node.js is installed, it will show a version number.
    Next, check for npm:
    npm -v
    You should see a version number if npm is installed.

Tip: npm comes with Node.js, so installing Node.js automatically installs npm.

Step 2: Install the Angular CLI

Angular CLI (Command Line Interface) is a tool to manage Angular projects, create new applications, and run them.

  1. Open your terminal.
  2. Run the following command to install the Angular CLI globally:
    npm install -g @angular/cli

Note: Adding -g installs Angular CLI globally, meaning you can use it from any location on your computer. And most probably you need “sudo” permission to do it.

  1. Verify the installation:
    ng version
    This command should show the Angular CLI version if it’s installed correctly.

Step 3: Create a New Angular Project

Now that the Angular CLI is set up, let’s create a new Angular project.

  1. Choose a location in your terminal where you want to create the project.
  2. Run the following command:
    ng new my-first-angular-app
  3. Follow the prompts:
    • Angular will ask if you’d like to add Angular routing. Type y (for “yes”) if you want to use routing (you can add it later if you’re not sure).
    • Then, select CSS as your preferred stylesheet format (you can choose another option, but CSS is the most common).

Angular will generate a new project with the necessary files and folders.

Step 4: Navigate to Your Project and Start the Development Server

  1. Navigate into your new project directory:
    cd my-first-angular-app
  2. Start the Angular development server:
    ng serve
    or
    npm start
    These commands compile the app and launches a local server.
  3. Open your browser and go to http://localhost:4200.
    You should see the default Angular welcome page.

Tip: The Angular development server automatically reloads the page when you make changes to the code.

Step 5: Explore the Project Structure

Here are a few important files and folders to be aware of:

  • src/app: This folder contains all of your application’s code.
  • src/app/app.component.ts: This file contains the main component of the application.
  • src/app/app.module.ts: This file declares which components are part of your app.
  • angular.json: This configuration file tells Angular how to build and serve your project.

Next Steps

Now that you’ve successfully installed Angular, you can start building components, services, and other features that make Angular a powerful framework for creating dynamic web applications. Here are a few ideas for what to learn next:

  • Components: Understand how Angular components work.
  • Routing: Set up navigation between different parts of your app.
  • Services and Dependency Injection: Learn how to manage data across your application.

Happy coding! Remember, practice is key, and don’t hesitate to reach out with questions as you learn.

How to Rollback a Git Push and Revert to a Previous Commit: A Guide

When working with Git, it’s common to accidentally push changes to the remote repository that you might want to undo. Fortunately, Git provides several methods to roll back a git push and revert to a previous commit. In this guide, we’ll walk through the steps to achieve this, ensuring that your repository stays clean and up to date.

The first step in rolling back is identifying the commit you want to revert to. You can do this by using the git log command. This command displays a list of previous commits, allowing you to locate the specific commit hash (a unique identifier) that corresponds to the version you want to revert to.

git log

Look through the log and copy the hash of the desired commit (e.g., abc1234).

Once you have the commit hash, you can reset your local repository to that commit. The git reset command offers different options, but to completely revert your repository and discard any changes, you’ll want to use the --hard flag. This ensures that the index and working directory are updated to match the target commit.

git reset --hard abc1234

This command will reset your repository to the state of the commit abc1234, including both tracked and untracked changes.

Since you’ve already pushed the unwanted commits to the remote repository, a regular git push won’t work. To synchronize your local repository with the remote one, you need to perform a forced push. This action rewrites the history in the remote repository to match your local one.

git push origin HEAD --force

The --force flag tells Git to overwrite the remote history with your local changes. Be careful when using this option, especially if other collaborators are working on the same branch, as it can remove commits they might depend on.

If you want to keep the Git history intact but undo the changes introduced by a specific commit, consider using git revert. This command creates a new commit that undoes the changes from a previous commit, without rewriting the commit history. Here’s how you can use it:

git revert abc1234

This command will create a new commit that effectively reverses the changes made in abc1234. This method is safer when working in a collaborative environment, as it avoids rewriting the history and minimizes the risk of conflicts.

Key Considerations

  • Use --force with caution: A forced push can overwrite the remote history, which can impact other developers working on the same branch. Always communicate with your team before using this option.

  • Consider git revert: When working in a shared repository, using git revert instead of git reset might be the safer choice, as it doesn’t rewrite the commit history.

  • Backup important work: Before making any destructive changes, consider creating a backup branch with git branch backup-branch-name to ensure you have a safety net.

Rolling back a git push and reverting to a previous commit can be achieved through various methods, depending on the complexity of the situation and the collaboration model in your team. Using git reset with a forced push is effective for quick fixes, while git revert is ideal for keeping the commit history clean and intact.

Whether you’re a beginner or an advanced Git user, mastering these rollback techniques is essential for effective version control in your projects.

Development checklist

The idea behind the following checklist is to ensures that all development tasks are properly documented, reviewed, and tested, maintaining a high standard of quality and clarity throughout the project

Guidelines for Development

  • Version Control:
    • Ensure that all changes are pushed to the appropriate branch following the branching strategy.
    • Commit changes regularly and use descriptive commit messages.
    • if it’s a UI change, or a new script, then update release page with the new ui branch to deploy or the script to execute for each env
  • API Integration Documentation in Confluence:
    • Provide a detailed description of any web service integration or Kafka events (see Mandatory Documentation section).
    • Include examples of request payloads and response payloads (see Mandatory Documentation section).
    • Document any callback responses, if applicable (see Mandatory Documentation section).
    • Provide an example of events sent or received, specifying their structure and content (see Mandatory Documentation section).

Code Review

  • Submit Code for Review:
    • Ensure that all implemented features and fixes are submitted for code review through the project’s code review tool.
  • Review Checklist:
    • Check for code efficiency, performance, and readability.
    • Ensure that the code is secure and free of vulnerabilities.
    • Confirm that appropriate test coverage is included (unit tests, integration tests, etc.), and not waiting for testers bugs 🙂
    • Validate that all required documentation has been created or updated in Confluence.
  • Feedback Implementation:
    • Address all feedback received during the code review.
    • Make necessary changes and update the code accordingly.
    • Resubmit the code for further review if required.

Testing and Validation

  • Unit Testing:
    • Create unit tests for all new functions or classes implemented.
    • Ensure that all unit tests pass before marking the task as complete.
  • Integration Testing:
    • Develop integration tests for any new integrations (APIs, services, Kafka events).
    • Confirm that the integration works as expected in the testing environments.
  • End-to-End Testing:
    • Execute end-to-end tests to validate the complete workflow and user interactions.
    • Ensure that all tests pass without errors or issues.

Mandatory Documentation in Confluence

  • API/Web Service Integration:
    • Include a detailed example of a request (JSON or XML format) and the corresponding response.
    • Provide an example of the callback response, if applicable.
    • Document the structure and content of any Kafka events sent or received, including headers and payload.
  • Diagrams:
    • Sequence Diagram: Create at least one sequence diagram to illustrate the interaction flow between different components or services for each user story.
    • Architectural Diagram: Develop an architectural diagram to show the system’s structure, highlighting how the new features or integrations fit into the existing architecture.
Checklist for Clear Task Definition

The task has to be ready to be started only when all the conditions below have been verified.
This in order to oblige the developer to understand what he/she needs to implement.
Many times developers start working on tasks without knowing what is the context and why what they do is needed.

  1. Task Description
    • Does the task have a clear and concise description that explains its purpose and expected outcome?
    • Are all necessary details provided to understand the task’s context (e.g., links to documentation, technical specifications, etc.)?
  2. Objectives and Expected Outcomes
    • Are the task’s objectives specifically and measurably defined?
    • Does the task have clear acceptance criteria that define when it can be considered “completed”?
  3. Priority and Dependencies
    • Is the task’s priority clearly indicated (e.g., high, medium, low)?
    • Are the task’s dependencies listed (i.e., other tasks or requirements that must be completed first)?
  4. Assignment and Responsibility
    • Is the task owner aware of their assignment and has accepted the task?
  5. Deadline and Timing
    • Does the task have a defined deadline or timeframe for completion?
    • Has the deadline been agreed upon with the task owner?
  6. Resources and Support
    • Are all necessary resources (documents, access, tools, etc.) listed to complete the task?
    • Has someone been identified to provide support or clarification if needed?
  7. Fixed Version Number
    • Has the fixed version number been specified in which the task will be resolved or implemented?
  8. Risks and Mitigations
    • Have potential risks or obstacles been identified that could prevent task completion?
    • Are there mitigation strategies in place to handle potential problems?
Introduction to TOGAF 10: Essential Guide for IT Professionals

Welcome to the Nc6 blog, where we dive deep into the tools and frameworks that can elevate your career as an IT architect. Whether you’re already working in enterprise architecture or looking to break into the field, understanding TOGAF 10 could be the key to unlocking new opportunities and improving your effectiveness on the job.

TOGAF 10, the latest version of The Open Group Architecture Framework, is more than just a buzzword in the IT industry. It’s a comprehensive methodology that helps organizations design, plan, and manage their IT architecture in alignment with business objectives. For IT architects, mastering TOGAF 10 means being able to provide strategic value, ensuring that IT initiatives directly contribute to the business’s success.

Key Benefits of TOGAF 10 for IT Architects:

  • Strategic Alignment: TOGAF 10 ensures that IT strategies are fully aligned with business goals, which is crucial for IT architects who need to bridge the gap between technical solutions and business needs.
  • Career Advancement: For aspiring IT architects, a TOGAF certification is a strong credential that can help open doors to senior roles. For current architects, it’s a way to validate and enhance your skills with the latest industry standards.
  • Comprehensive Framework: TOGAF 10 provides a structured approach to architecture development, offering best practices, tools, and methodologies that can be adapted to any organization.

 

If you’re wondering whether TOGAF 10 is worth your time, consider this: IT architects are increasingly required to not only understand technology but also to drive business outcomes through effective architecture. TOGAF 10 equips you with the knowledge to do just that.

This introduction is just the beginning. We’ll be releasing more content that dives deeper into how TOGAF 10 can be applied in real-world scenarios, what the certification process involves, and how you can leverage this framework to enhance your career.

Question 1:
What does TOGAF stand for?
A) Technical Organization of General Architecture Framework
B) The Open Group Architecture Framework
C) The Operational Guide for Architectural Foundations
D) Total Operational Guidelines for Architecture Frameworks

Question 2:
Which of the following is a key benefit of using TOGAF 10 for IT Architects?
A) It provides a rigid structure that cannot be customized
B) It focuses solely on the technical aspects of IT
C) It helps align IT strategy with business objectives
D) It is only applicable to small organizations

Question 3:
TOGAF 10 is most relevant to which of the following roles?
A) Software Developers
B) Database Administrators
C) IT Project Managers
D) Enterprise Architects

Question 4:
What is one of the primary focuses of TOGAF 10?
A) Hardware design
B) Network administration
C) Architecture Development Method (ADM)
D) Graphic user interface (GUI) design

Question 5:
Why might an IT Architect consider getting TOGAF 10 certified?
A) It’s a widely recognized credential that can advance their career
B) It’s only useful for entry-level positions
C) It’s a requirement for all IT roles
D) It has no practical application in real-world scenarios

Correct Answers:
1B – 2C – 3D – 4C – 5A

Our short video below provides an introduction to TOGAF 10, highlighting what it is, why it matters, and how it can help you in your role as an IT architect.