howtoithttps://howtoit.org/Recent content on howtoitHugoenWed, 03 Jun 2026 00:00:00 +0000Building a physical security monitoring system — and what it taught me about SOC workhttps://howtoit.org/posts/unifi-surveillance-deployment/Wed, 03 Jun 2026 00:00:00 +0000https://howtoit.org/posts/unifi-surveillance-deployment/How I designed and deployed an 11-camera 4K Unifi surveillance system with AI detection across a 40-room nonprofit facility — and why the lessons map directly to security operations.TeamPCP published their own malware on GitHub — with an instruction manualhttps://howtoit.org/posts/shai-hulud-open-source/Fri, 29 May 2026 00:00:00 +0000https://howtoit.org/posts/shai-hulud-open-source/On May 12, TeamPCP posted the full source code for the Shai-Hulud worm to GitHub under the MIT license. Copycat actors were forking it within hours. Here&#39;s what happened and what it means.How a poisoned VS Code extension breached GitHub — and the npm attack that started it allhttps://howtoit.org/posts/teampcp-supply-chain-attack/Thu, 21 May 2026 00:00:00 +0000https://howtoit.org/posts/teampcp-supply-chain-attack/A breakdown of the TeamPCP supply chain campaign — from the TanStack npm compromise to the Nx VSCode extension that breached 3,800 GitHub internal repositories.How I built this site for free (and how you can too)https://howtoit.org/posts/about/Thu, 07 May 2026 00:00:00 +0000https://howtoit.org/posts/about/A beginner-friendly guide to building a free cybersecurity blog using Hugo and GitHub Pages — no coding experience required.How to actually make a strong password (and why most advice is wrong)https://howtoit.org/posts/password-strength/Thu, 07 May 2026 00:00:00 +0000https://howtoit.org/posts/password-strength/Most password advice focuses on complexity rules that don&#39;t work. Here&#39;s what actually makes a password hard to crack.About Mehttps://howtoit.org/about/Mon, 01 Jan 0001 00:00:00 +0000https://howtoit.org/about/<h2 id="hey-im-daniel">Hey, I&rsquo;m Daniel</h2> <p>I&rsquo;m a cybersecurity analyst based in Winston-Salem, NC. I graduated from UNC Pembroke in December 2025 with a BS in Computer Science (Cybersecurity concentration) and hold CompTIA Security+ and CySA+ certifications.</p> <p>I&rsquo;m not a purely academic candidate. Last summer I interned at North Carolina&rsquo;s Electric Cooperatives — a NERC CIP-regulated utility — where I worked on real security operations: monitoring SIEM alerts via CrowdStrike Falcon and ArcticWolf MDR, deploying Tenable Nessus across the fleet, co-authoring security policies, and responding to an active Tycoon2FA phishing campaign that targeted employees. That response involved pulling affected users from SIEM, reverse-engineering the obfuscated HTML payload, tracking how the attack evolved across multiple waves, and recommending full containment — laptop disposal, account deletion, and rotating the company&rsquo;s email format to block the attacker from re-targeting.</p>