Webinars
- SANS – Transition to Cyber Security From a Non-Cyber Role: Creative Ways to Impress to Land Your Dream Cyber Role
- Inside (ISC)2 – Quarterly Board Update Q1 2023
- Addressing the Cyber Skills Gap – Bec McKeown will explore the cyber skills gap from both perspectives – as well as talking more broadly about the issues around generating and retaining talent and what the future cybersecurity workforce might look like.
Articles
- NIST Picks IoT Standard for Small Electronics Cybersecurity – NIST announces that it will use Ascon as a cryptography standard for lightweight IoT device protection.
- Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver’s Seat – The automaker closed a hole that allowed a security researcher to gain system administrator access to more than 14,000 corporate and partner accounts and troves of sensitive data.
- Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide – 2 year old patch was not applied on thousands of servers.
- LockBit ransomware gang claims Royal Mail cyberattack – forced the company to halt its international shipping services due to “severe service disruption.”
- Crypto Drainers Are Ready to Ransack Investor Wallets – Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.
- Reddit cyberattack let hackers steal source code and internal data – hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site. This site attempted to steal employees’ credentials and two-factor authentication tokens.
Podcasts
- Chat-GPT Seinfeld, QNAP, Google FI, Headcrab, Banner, GoodRx, Oracle, & GoAnywhere – SWN #271 – Security News Doug Chides: Chat-GPT, QNAP, Google FI, REDIS, Headcrab, Banner, GoodRx, Oracle, GoAnywhere, & more!
- Malicious Life 206 – The (Other) Problem with NFTs
- Smashing Security 307: ChatGPT and the Minister for Foreign Affairs
- Security Now 909 – How ESXi Fell – EU Internet Surveillance, QNAP returns, .DEV is always HTTPS
Projects
TryHackMe – Completed the “Walking and Application Room”
PluralSight Learning
Risk Management and Information Systems Control: Risk and Control Monitoring and Reporting – 48m – Addresses the risk management lifecycle.