Weekly Cybersecurity Wrap-up 9/25/23

Webinars

I’m studying for the Security+ right now. This was a good overview, but I think anyone with any technical background can skip directly to the Security+.

I’ll watch anything with Rachel Tobac in it. She is a master of social engineering!

This certificate looks like it would be worth while to do after the Security+ as it covers CISSP a lot and I’ll need lots of time to review the topics for that more difficult certificate.

Articles

Podcasts

  • CyberWire Daily – Ep 1914 | 9.26.23 – Crooks phish for guests; spies phish for drone operators. ZenRAT is used in an info-stealing campaign. More MOVEit-related incidents (some involving Cl0p). DeFi platforms hit. The UK hunts forward.
  • CyberWire Daily – Ep 1916 | 9.28.23 -Buckworm APT’s specialized tools. Cyberattack against Johnson Controls. Oversight panel reports on Section 702. Cyber in election security, and in the US industrial base. Hacktivism versus Russia.
  • CyberWire Daily – Ep 1917 | 9.29.23 – Malicious ads in a chatbot. A vulnerability gets some clarification. Cl0p switches from Tor to torrents. Influence operations as an adjunct to WMD. And NSA’s new AI Security Center.
  • Smashing Security 341: Another T-Mobile breach, ThemeBleed, and farewell Naked Security

Projects

TryHackMe – SOC Level 1(75 % Complete): Windows Forensics 2 – In Progress