Welcome to the Security in Color Newsletter, a guide on news, events, and resources in the cybersecurity community. Curated and written by Dominique West.
The TL;DR:
Checking in: Happy Friday! Please help me by filling out this survey.
News: Honestly, ransomware has been dominating the news, to the point that something needs to change. We lost a pretty controversial pioneer (McAfee) recently. Also, with the government being more active with pushing cyber initiatives, be on the lookout for those jobs and keep working on your skills!
Events: Friday night hacking labs, beginner-friendly CTF practice, BIC CFP @ Defcon
Checking In
What’s up everyone - how you doin *Wendy Williams voice*
I hope you are safe and healthy. It’s officially summer and the world is about to get whatever body we produce and that’s a-okay you hear me?
The cyber world isn’t quiet per se - ransomware is still dominating out here and is not getting off of any of these companies’ necks (The City of Tulsa is the latest victim). I included an article below by Check Point talking about how enterprises can handle these attacks. If you are in/interested in cyber you should def know how to talk about this because it more than likely will be a question in the interview process.
June is ending soon and a couple of my favorite orgs are having some events, including Black Girls Hack, OWASP Devslop, and Women’s Society of Cyberjutsu. Check it out and register below.
Alright, I’m out. Have a good weekend and enjoy the newsletter!
~ Dominique ~
Cybersecurity News
Catch up on the latest technology and cybersecurity news. Links to the latest news below or check out our podcast or blog for a quick, informative, and fun-to-listen summary.
——
Wondering how enterprises can prevent and deal with ransomware attacks?
Check Point Research (CPR) recently revealed that the average weekly number of ransomware attacks has increased 93% over the past 12 months. Every week, more than 1,200 organizations worldwide fall victim to a ransomware attack, and all enterprises without exception are at risk. According to Cybersecurity Ventures, the damage caused by ransomware will reach approximately $20 billion this year, a 57-fold increase from 2015. By 2031, the cost of ransomware incidents could even surpass the hard-to-believe figure of $265 billion.
——
A COVID-19-Themed Campaign Delivering Agent Tesla
An unsophisticated campaign has been discovered to be spreading Agent Tesla RAT. It is a phishing campaign that used COVID-19 vaccination schedules as a lure. It focuses on the communications that organizations have with their employees.
——
Shame culture is the biggest roadblock to increasing security posture
Cybersecurity culture is nearly impossible to quantify due to an absence of measurement tools. Many businesses attempt to quantify the human element of their security posture by sending employees simulated attacks to find out how susceptible workers are to phishing, social engineering, spoofing, and other similar attacks. The flawed logic security leaders use to justify these tactics is that simulations help identify high-risk users and secure additional funds for improving cybersecurity. However, the negatives may outweigh the benefits as simulations embarrass workers – and embarrassment rarely accomplishes anything positive – and position security teams as antagonists rather than allies.
——
Apple warns of sideloading risk as lawmakers consider third-party app stores
Apple released an information booklet Wednesday morning warning about the dangers of unvetted iPhone app downloads hours before lawmakers were slated to discuss tearing down walled gardens like Apple’s App Store. The House Judiciary Committee will today mark up legislation from Rep. Pramila Jayapal, D-Wash., to restrict digital platforms from keeping a stranglehold over the businesses that feed into them. This would include a company like Apple that runs the only approved app store for iOS.
——
Cybersecurity Events Happening Around The Globe
Check out the full calendar line-up here and add it directly to your Google Calendar. Have an event you want added? Leave a comment or reply directly to this newsletter.
June
July
7/9: BIC Village @ Defcon Call for Papers Deadline. Submit here
Cyber / Tech Job Postings
Go secure that bag! The jobs posted here I have either been directly contacted to post or have come across them in my network. Either way, apply anyway even if you don’t check every box.
Role: IT Support Analyst | Company: VaynerMedia LLC | Location: Los Angeles, CA | Apply here
Role: IAM Engineer | Company: Whole Foods Market | Location: Austin, TX | Apply here
Role: SOC Engineer | Company: Chewy | Location: Dania, FL | Apply here
Role: Entry Level Engineer | Company: Aerotek | Location: Atlanta, GA | Apply here
Role: Entry Level Software Engineer | Company: LaunchCode | Location: O’Fallon, IL | Apply here
Role: Engineer | Company: American Express | Location: Phoenix, AZ | Apply here
Role: TechOps Engineer | Company: Bottle Rocket | Location: Dallas, TX | Apply here
Role: Partner Engineer | Company: Substack | Location: Remote | Apply here
Support This Newsletter
A very big thank you to every single one of you who has subscribed to this email list and reads this newsletter! If you can spare a couple of $$, please consider contributing to our Patreon (there are perks included!). It helps maintain this newsletter and platform.
You can also send a one-time donation by Buying us a Coffee or via Paypal or Venmo.
Suggestions?
Have something you want to contribute to the next newsletter? Know of a way to improve this newsletter for our audience? Feel free to provide us some feedback here or leave a comment below.