Security in Color Newsletter: #43

Happy New Year!

Welcome to the Security in Color Newsletter, a weekly guide on news, events, and resources in the cybersecurity community. Curated and written by Dominique West.


The TL;DR:

  • Checking in: Happy New Year, Security in Color First Anni Giveaway

  • News: Attackers bypassing Cloud MFA, More Solarwinds info, Vulnerabilities in IoT

  • Events, Jobs, Scholarship Programs, Free Study Resources


Checking In

Happy New Year!

I know, I know - we’re already halfway through the month, but better late than never! It’s been a minute since the last newsletter - ya girl was taking a much-needed break (even though I feel like I already need another one).

Now that 2021 is in full swing, I have so much in store for Security in Color - including upcoming events to practice your #cybersecurity skills, new podcast episodes, and of course, more resources for you via this newsletter. Speaking of podcast episodes…Episode 46 of Security in Color dropped today and I am doing a CompTIA Security+ Voucher giveaway as part of my thank you for reaching 1 year in podcasting. More information is in the episode, see here for the form.

In other news, I am still studying for the AWS Solutions Architect Associate Exam (you can find the youtube study sessions here). The test is scheduled for the end of January, so if you are still studying as well let me know. The next study group will either be GCP Security or Security+, not sure yet, but I will keep you posted.

Anywhoo, enjoy the newsletter!

~ Dominique ~

This Week’s Cybersecurity News

Here’s the cyber tea for this week. Want your news in audio format? Check out our latest podcast episode. Also available on Apple Podcast, Spotify, Google Podcasts, and more.

  • Is Enabling MFA enough in the Cloud? The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts. "CISA is aware of several recent successful cyberattacks against various organizations’ cloud services," the cybersecurity agency said on Wednesday.

  • SolarWinds Hack Potentially Linked to Turla APT: Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon. New details on the Sunburst backdoor used in the sprawling SolarWinds supply-chain attack potentially link it to previously known activity by the Turla advanced persistent threat (APT) group.

  • Understanding TCP/IP Stack Vulnerabilities in the IoT: Internet of Things devices are highly susceptible to attacks, breaches, and flaws emanating from issues within the TCP/IP network communications architecture. Here's an overview of what you need to know to mitigate risks.

Cybersecurity Events Happening Around The Globe

Check out the full calendar line-up here and add it directly to your Google Calendar. Have an event you want to be added to? Leave a comment or reply directly to this newsletter.

Cyber / Tech Job Postings

Go secure that bag! The jobs posted here I have either been directly contacted to post or have come across them in my network. Either way, apply anyway even if you don’t check every box.

Role: Information Security Analyst (Remote) | Company: Strategic Financial Solutions | Apply here

Role: Security Operations Analyst | Company: Deltek  | Apply here

Role: Cyber Security Analyst / Engineer II - Remote | Company: Ingalls Information Security, LLC  | Apply here

Role: Senior Security Engineer - Remote | Company: Grubhub  | Apply here

Role: Staff Software Engineer, Security | Company: Gatsby  | Apply here

Role: Applications Security Engineer (Remote) | Company: RedRiver Systems | Apply here

Role: Information Security Analyst | Company: Yumi Brands | Apply here


Support This Newsletter

A very big thank you to every single one of you who has subscribed to this email list and reads this newsletter! If you can spare a couple of $$, please consider contributing to our Patreon (there are perks included!). It helps maintain this newsletter and platform.

You can also send a one-time donation by Buying us a Coffee or via Paypal or Venmo.


Scholarships/Programs

Free Study Resources


Suggestions?

Have something you want to contribute to the next newsletter? Know of a way to improve this newsletter for our audience? Feel free to provide us some feedback here or leave a comment below.

Leave a comment