Think Positive Cyber

      A Dream Cybersecurity Opportunity and My Security+ Studies

      Today, I received some incredible news! My resume has been reviewed by the City of San Diego’s HR team and has officially been referred to the hiring manager! My job coach tailored my resume to highlight my qualifications for their cybersecurity roles, and now, I’m eagerly waiting to hear back. This is a dream job for me, and I can’t contain my excitement—Yay! 🎉

      This opportunity aligns perfectly with my passion for network security, cybersecurity operations, and problem-solving. If I get this job, it would be a huge step toward advancing my career in cybersecurity and IT infrastructure security. I cannot wait to hear back from the City of San Diego!

      Continuing the Momentum: Applying for More Cybersecurity Roles

      While I wait for updates, I’m staying proactive. I plan to apply for a Cyber Security role with Infozeal Solutions. Expanding my job search ensures that I’m keeping my options open and increasing my chances of landing a great role in cybersecurity.

      Diving Deeper Into Virtualization Security

      In the meantime, I’ve been continuing my CompTIA Security+ studies, and today’s focus was on Virtualization Vulnerabilities. Watching Professor Messer’s SY0-701 lesson on virtualization security, I learned about the critical risks organizations face when deploying virtual machines (VMs) in production environments.

      Here are some key takeaways from my study session:

      1. Virtual Machines Need the Same Security as Physical Machines
        • VMs can run Windows, Linux, or other OSes, and they require patching, firewalls, and security configurations just like physical devices.
        • They can be spun up and shut down rapidly, making it easy to overlook security settings.
      2. VM Escape Attacks Are a Major Concern
        • One of the biggest threats in virtualization is VM escape, where an attacker breaks out of one VM and gains control of the hypervisor or other VMs on the same system.
        • In 2017’s Pwn2Own competition, security researchers exploited a combination of a JavaScript engine bug, a Windows 10 Kernel flaw, and a VMware hardware simulation vulnerability to jump from one VM to another! VMware patched it quickly, but this proves how serious these vulnerabilities can be.
      3. Memory Management and Resource Reuse Risks
        • A hypervisor allocates resources like CPU and RAM across multiple VMs. If misconfigured, a hypervisor might incorrectly share memory between VMs, leading to potential data leaks.
        • Some VMs might even read from other VMs’ memory due to poor isolation controls, which is a significant risk in multi-tenant cloud environments.

      Looking Ahead

      As I wait to hear from the City of San Diego, I’m keeping my momentum strong by continuing my Security+ studies, applying for roles, and refining my cybersecurity skills. Whether it’s securing virtualized environments, analyzing threats, or hardening network defenses, I’m excited about the path ahead.

      🚀 Fingers crossed for the City of San Diego and my application to Infozeal Solutions! Let’s see what the future holds!