There are a lot of different fields within cybersecurity. How do you know which one is right for you? Many people will tell you that working this out is one of the first steps, and it matters when you want to apply for the jobs that actually fit you. SANS has created a tool to help identify which roles would suit you and where your strengths lie. Here is a sample of what mine looks like:
Author: Jason
Weekly Cybersecurity Wrap-up 3/6/23
Webinars
- Hacker’s Guide to VIP Security – Rachel Tobac
- API Security Best Practices in the Hybrid, Multi-Cloud Digital World – The challenges of API security in a hybrid, multi-cloud digital world; how to get a handle on API and tool sprawl; insights on trends and solutions for API security
- Proofpoint: Getting Started with Insider Threats
Articles
- Shein’s Android App Caught Transmitting Clipboard Data to Remote Servers – Fast fashion seller has already fixed with a new version.
- Police Raid Rounds Up Core Members of DoppelPaymer Ransomware Gang – This is the latest in a line of law-enforcement actions busting up the ransomware scene.
- Acer confirms breach after 160GB of data for sale on hacking forum – threat actors hacked a server hosting private documents used by repair technicians.
- Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears – More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information.
- Ransomware gang posts video of data stolen from Minneapolis schools – The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.
- FBI investigates data breach impacting U.S. House members and staff – The FBI is investigating a data breach affecting U.S. House of Representatives members and staff after their account and sensitive personal information was stolen from DC Health Link’s servers.
- Bitwarden flaw can let hackers steal passwords using iframes – Bitwarden’s credentials autofill feature contains a risky behavior that could allow malicious iframes embedded in trusted websites to steal people’s credentials and send them to an attacker.
- AT&T alerts 9 million customers of data breach after vendor hack – AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked in January.
- Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022 – More than five out of every 1,000 commits to GitHub included a software secret, half again the rate in 2021, putting applications and businesses at risk.
Podcasts
- Security Now 912 – The NSA @ Home – Hosted by Steve Gibson and Leo Laporte – LastPass hack details, Signal says no to UK, more PyPI troubles, QNAP bug bounty
- Smashing Security 311 – TikTok, wiretapping, and your deepfake voice is your password
- Security Now 913 – A Fowl Incident – Hosted by Steve Gibson and Leo Laporte – DDoS’ing Fosstodon, Strategic Objective 3.3, CISA’s Covert Red-Team
Projects
Splunk – Using Fields
Weekly Cybersecurity Wrap-up 2/27/23
Webinars
- ChatGPT – good or evil? AI impact on cybersecurity – The business community is concerned about the AI’s potential to change the game for cyber criminals and wreak havoc in the world of defense organizations. Should businesses soon expect a wave of even more advanced cyber-attacks, or simply more attacks? Will current cybersecurity solutions be enough? Or will ChatGPT instead provide cybersecurity specialists with more efficient and smarter defensive and threat hunting tools?
- Splunk Training – As part of its $100 million Splunk Pledge, Splunk has committed to supporting nonprofit organizations that provide skills training to individuals from communities that have been traditionally underrepresented in the technology industry. It is our hope that the Splunk training you receive through WSC helps prepare you for a successful career in our increasingly data-driven economy.
Articles
- Stanford University discloses data breach affecting PhD applicants – Files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023.
- LastPass breach: Hackers put malware on engineer’s home computer to steal their password – The fallout from the LastPass hack continues, with the company revealing attackers gained access by hacking a senior engineer’s home computer.
- US Marshals Service Hit By Major Ransomware Attack – In response to the ransomware attack, the Marshals Service disconnected the affected system, and the Department of Justice initiated a forensic investigation.
- ‘Hackers’ Behind Air Raid Alerts Across Russia: Official – Russian authorities said that several television and radio stations that have recently broadcast air raid alerts had been breached by hackers.
- Hackers Claim They Breached T-Mobile More Than 100 Times in 2022 – Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests.
- Dish Network confirms ransomware attack behind multi-day outage – Satellite broadcast provider and TV giant Dish Network has finally confirmed that a ransomware attack was the cause of a multi-day network and service outage that started on Friday.
- Critical Vulnerabilities Allowed Booking.com Account Takeover – Booking.com recently patched several vulnerabilities that could have been exploited to take control of a user’s account.
- Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack – CVE-2023-20078 is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising from insufficient validation of user-supplied input.
- Chick-fil-A confirms accounts hacked in months-long “automated” attack – Chick-fil-A has confirmed that customers’ accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information.
Podcasts
- Smashing Security: 310: Verified blue ticks and horny AI chatbots
- Security Now 911 – A Clever Regurgitator – GoneDaddy, Section 230, NPM malware, Hyundai Kia mess, Meta Verified
Projects
Splunk – Pursuing Splunk Certified User Certificate
- Completed What is Splunk Training
- Completed Intro to Splunk Training
Pluralsight – Introduction to Information Security (2:53)
The 28-Day Get Hired Challenge
Alyssa Miller is a CISO at Epiq. She has been in the cyber security industry for 15 years. She has created 28 days of helpful YouTube videos covering how to get hired in the cyber security field. You can find the playlist here and the below video is an introduction.
Weekly Cybersecurity Wrap-up 2/20/23
Articles
- Microsoft Outlook flooded with spam due to broken email filters – Outlook inboxes have been flooded with spam emails because email spam filters are currently broken.
- Sensitive US military emails spill online – A government cloud email server was connected to the internet without a password.
- Insider Threats Don’t Mean Insiders Are Threatening – By implementing tools that enable internal users to do their jobs efficiently and securely, companies reduce insider threat risk by building insider trust.
- Data center logins for Apple and others obtained by hackers; could have facilitated physical access – They were also able to access surveillance cameras remotely, and the privileges they had could even have allowed physical access to servers.
- NSA shares guidance on how to secure your home network – A good article for all those now working from home
- TELUS investigating leak of stolen source code, employee data – Canada’s second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data
- Student Medical Records Exposed After LAUSD Breach – “Hundreds” of special education students’ psych records have turned up on the Dark Web. School records like these are covered by FERPA, not HIPAA, so parents have little recourse.
- Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery – The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner.
- News Corp says state hackers were on its network for two years – Mass media and publishing giant News Corporation says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020.
Projects
TryHackMe – Working Through SOC Level 1 path, Pyramid of Pain and Cyber Kill Chain are my most recent completions.
Cybersecurity Podcasts
Last month John on Mastodon asked what podcasts people were listening to. I jumped in with my list, but I learned of a lot more out there than I was aware of. Being a big podcast fan, this is one of the first mediums I turned to myself when looking for information about cyber security. Since replying to that post I have built a longer list of podcasts that I listen to and podcasts that I want to listen to.
Podcasts I listen to
- Security Now – I have listened to this program for a long time. It is a weekly show that goes over the news and answers listener questions. It is part of the TWIT family of podcasts. I recommend checking the rest of their podcasts out if you are into technology. They are wonderfully produced. This podcast is on the longer side, usually around 1.5 to 2 hours.
- Smashing Security – This is also a weekly podcast, but has an emphasis on funny. They cover the wild part of security. The stories are always funny! This is a shorter podcast, usually under an hour. I never miss this one.
- Risky Business – I haven’t listened to many episodes of this podcast, but I have enjoyed those I have caught. I hope to listen to many more soon.
- Darknet Diaries – These episodes go very deep. The story telling is simply magnificent. If you only have time for one podcast in cybersecurity make it this one.
- Paul’s Security Weekly – A quick weekly roundup of what is going on in cyber security.
- Malicious Life – Great episodes that I found gripping. I loved the episode on SIM-swapping.
- Hacking Humans – I’ve only caught one of these so far, I’m looking forward to listening to more though.
Podcasts I have not yet listened to
- Breaking Down Security
- Off the Hook
- Click Here
- Black Hills Information Security
- SANS Stormcast
- Other SANS podcasts – These don’t seem to have been updated in 2023.
- CyberWire Daily
- HackerValley Studio
- Getting Into Infosec – No recent podcast episodes, but older content looks great.
- The Social-Engineer Podcast
- Unsupervised Learning
- 7 Minute Security
- Security. Cryptography. Whatever.
- InfoSec and OSINT Show
Book Review | Countdown to Zero Day
The Book in Three Sentences
- The first cyberwar attack by the US, targeting centrifuges in Iran.
- This was the first attack, but it is seen as only the beginning and shows that many systems all over the world are in danger of being exploited.
- Real physical destruction can be caused by malicious computer code.
Impressions
This book is not the first cyber security book I’ve read. The storytelling was done well, if a little long-winded; like many non-fiction books, I think this book could have been condensed further. At times it read as though the author was trying to make an article into a book, and at 400 plus pages I think there was too much repetitive content. Nonetheless, this was an interesting book and covers a pivotal part of cyber history. Stuxnet is mentioned and discussed in many of the virtual training classes I have been taking in the last few months.
Who Should Read It
I think there are two categories of people who would be interested in this book. One is history people. I fit in this category as well. This was such a pivotal part of how technology is changing modern warfare that it can’t be ignored.
The second group that will be interested in this book are those with an interest in computers, especially information security folks. This is the first virus designed specifically to target a very niche device. It was purposely written to attack just that device to accomplish political goals.
My Takeaways
- It made me aware that governments can leverage malicious code to attack each other, minimizing human losses
- I learned that governments keep zero-days to themselves in order to carry out attacks against their enemies
PiHole
The purpose of this project was to get a deeper understanding of DNS and networking. It also helped with many Unix commands.
What is a PiHole?
The Pi-hole is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software: devices point at it as their DNS server, and names on its blocklists are answered with a non-routable address instead of being forwarded upstream. It can be installed as a Docker container or on a Raspberry Pi.
I had an old Raspberry Pi sitting around that I had configured for the kids as a RetroPie, but they were not using it, so I decided to do this project to learn something as well as increase the privacy of the entire house. Since getting people to be secure is hard, I’m trying instead to make the place where they do most of their internet browsing more secure.
How to set up a PiHole
I primarily used this video and the documentation that they put together. It worked without issue.
This was a fun and educational project because not only did I learn more about DNS, I also got to play with setting up DHCP reservations and customizing the DNS servers handed out by the DHCP server. I never attached the Raspberry Pi to a monitor or keyboard; I used SSH to connect to it and do all the operations for this tutorial.
I highly recommend this project for fun and for a chance to educate yourself with a hands-on project! After setting this all up I learned that my smart TV (Samsung) was sending out 7k requests an hour. I wasn’t even using the smart features! We have an Apple TV hooked up to the TV, so I just unplugged the Ethernet cable on our TV. It is amazing and surprising to see what requests are flowing across your network.
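To see for yourself which device is the chatty one, here is an added Python example (not from the tutorial or from Pi-hole’s own code) that parses dnsmasq-format query lines like the ones Pi-hole writes to /var/log/pihole.log, counts queries per client per hour, and models the sinkhole answer against a blocklist. The log lines, client addresses and blocklist are constructed for the example; the parent-domain matching is a simplification of Pi-hole’s gravity and regex lists.

```python
import re
from collections import Counter

# Pi-hole logs every query in dnsmasq format to /var/log/pihole.log. These lines are
# constructed for this example; the domains are reserved .example names, not real hosts.
SAMPLE_LOG = """\
Mar  6 20:00:01 dnsmasq[611]: query[A] telemetry.tv-vendor.example from 192.168.1.23
Mar  6 20:00:01 dnsmasq[611]: forwarded telemetry.tv-vendor.example to 9.9.9.9
Mar  6 20:00:02 dnsmasq[611]: query[A] ads.tracker.example from 192.168.1.23
Mar  6 20:00:02 dnsmasq[611]: gravity blocked ads.tracker.example is 0.0.0.0
Mar  6 20:00:05 dnsmasq[611]: query[A] www.example.org from 192.168.1.40
Mar  6 20:00:05 dnsmasq[611]: reply www.example.org is 93.184.216.34
Mar  6 20:59:59 dnsmasq[611]: query[A] telemetry.tv-vendor.example from 192.168.1.23
Mar  6 21:00:00 dnsmasq[611]: query[AAAA] www.example.org from 192.168.1.40
"""

# Only "query[TYPE] name from client" lines matter for per-device counting.
QUERY_RE = re.compile(
    r"^(?P<stamp>\w{3}\s+\d+ \d{2}):\d{2}:\d{2} dnsmasq\[\d+\]: "
    r"query\[(?P<qtype>\w+)\] (?P<name>\S+) from (?P<client>\S+)$"
)
# Constructed stand-in for Pi-hole's gravity blocklist (exact domain names).
BLOCKLIST = {"ads.tracker.example", "tv-vendor.example"}

def parse_queries(log_text):
    """Return (hour_key, qtype, name, client) tuples; hour_key looks like 'Mar 6 20'."""
    rows = []
    for line in log_text.splitlines():
        m = QUERY_RE.match(line)
        if m:
            hour_key = " ".join(m.group("stamp").split())
            rows.append((hour_key, m.group("qtype"), m.group("name"), m.group("client")))
    return rows

def queries_per_client_hour(log_text):
    """Count queries per (client, hour): the view that exposes a chatty smart TV."""
    return Counter((client, hour) for hour, _, _, client in parse_queries(log_text))

def noisy_clients(counts, threshold):
    """Clients exceeding `threshold` queries in any single hour, busiest first."""
    worst = {}
    for (client, _), n in counts.items():
        worst[client] = max(worst.get(client, 0), n)
    return sorted((c for c, n in worst.items() if n > threshold), key=lambda c: -worst[c])

def sinkhole_answer(name, blocklist=BLOCKLIST):
    """Mimic the sinkhole: a blocked name answers 0.0.0.0, anything else returns None."""
    # Also match parent domains, a simplification of Pi-hole's gravity plus regex lists.
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in blocklist:
            return "0.0.0.0"
    return None
```

Run it against a copy of your own pihole.log and raise the threshold to something like 1000 to surface devices in the range the TV above was producing.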
Weekly Cyber Security Wrap-up 2/13
Articles
- Pepsi Bottling Ventures suffers data breach after malware attack – an unknown party accessed [our internal IT systems] on or around December 23, 2022, installed malware, and downloaded certain information contained on the accessed IT systems
- Russian hacker convicted of $90 million hack-to-trade charges – Vladislav Klyushin was found guilty of hacking into U.S. computer networks to steal confidential earnings reports, which helped generate $90,000,000 in illegal profits.
- Hyundai, Kia patch bug allowing car thefts with a USB cable – A theft technique popularized on TikTok led to increasing thefts targeting its vehicles that lack push-button ignitions and immobilizing anti-theft devices.
- Report Reveals Record-Breaking Year for Cyber Threats – Exploit activity grew by 105% in Q4 2022, Malware jumped nearly 35% in Q4, Botnets jumped by 30% in 2022
- 5th State of CCPA, CPRA, and GDPR Compliance Report Shows More Than 90% of Companies Are Not Compliant – As CPRA went into effect on January 1, the latest CYTRIO research says 91% of companies are still not compliant with GDPR; 92% are not compliant with CCPA and CPRA.
- City of Oakland declares state of emergency after ransomware attack – Interim City Administrator G. Harold Duffey declared a state of emergency to allow the City of Oakland to expedite orders, materials and equipment procurement, and activate emergency workers
- Cloudflare blocks record-breaking 71 million RPS DDoS attack – The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps
- FBI says it has ‘contained’ cyber incident on bureau’s computer network – The FBI has been investigating and working to contain a malicious cyber incident on part of its computer network in recent days
- GoDaddy: Hackers stole source code, installed malware in multi-year breach – Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers
Podcasts
- Smashing Security – 308: Jail after VPN fail, criminal messaging apps, and wolf-crying watches
- Security Now 910 – Malicious ChatGPT Use, Google Security Key Giveaway, OTPAuth
Projects
TryHackMe – I paid for premium access and completed the Introduction to Cybersecurity and Pre Security learning paths.
PiHole – I used this great tutorial to create a PiHole.
Weekly Cybersecurity Wrap-Up – 2/6/23
Webinars
- SANS – Transition to Cyber Security From a Non-Cyber Role: Creative Ways to Impress to Land Your Dream Cyber Role
- Inside (ISC)2 – Quarterly Board Update Q1 2023
- Addressing the Cyber Skills Gap – Bec McKeown will explore the cyber skills gap from both perspectives – as well as talking more broadly about the issues around generating and retaining talent and what the future cybersecurity workforce might look like.
Articles
- NIST Picks IoT Standard for Small Electronics Cybersecurity – NIST announces that it will use Ascon as a cryptography standard for lightweight IoT device protection.
- Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver’s Seat – The automaker closed a hole that allowed a security researcher to gain system administrator access to more than 14,000 corporate and partner accounts and troves of sensitive data.
- Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide – 2 year old patch was not applied on thousands of servers.
- LockBit ransomware gang claims Royal Mail cyberattack – forced the company to halt its international shipping services due to “severe service disruption.”
- Crypto Drainers Are Ready to Ransack Investor Wallets – Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.
- Reddit cyberattack let hackers steal source code and internal data – hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site. This site attempted to steal employees’ credentials and two-factor authentication tokens.
Podcasts
- Chat-GPT Seinfeld, QNAP, Google FI, Headcrab, Banner, GoodRx, Oracle, & GoAnywhere – SWN #271 – Security News Doug Chides: Chat-GPT, QNAP, Google FI, REDIS, Headcrab, Banner, GoodRx, Oracle, GoAnywhere, & more!
- Malicious Life 206 – The (Other) Problem with NFTs
- Smashing Security 307: ChatGPT and the Minister for Foreign Affairs
- Security Now 909 – How ESXi Fell – EU Internet Surveillance, QNAP returns, .DEV is always HTTPS
Projects
TryHackMe – Completed the “Walking An Application” room
PluralSight Learning
Risk Management and Information Systems Control: Risk and Control Monitoring and Reporting – 48m – Addresses the risk management lifecycle.