Welcome to the Security in Color Newsletter, a weekly guide on news, events and resources in the cybersecurity community. Curated and written by Dominique West.
The TL;DR:
News: Ransomware, iPhone bugs, IBM warnings…
Events: OWASP Devslop Game Day, Surviving Infosec Webinar, BIC Winter Conference
Jobs: Literally all the jobs, I went ham.
Scholarships, Podcasts and more
Checking In
Happy Friday Everyone!
We made it to the last month of the year! Insane. 2020 has been…nuts, to put it mildly. Nevertheless, I remain grateful to the amazing things that have happened and to each and every one of you who subscribe and read this newsletter. (Gang, gang).
Anywho, quick FYI - I am doing an AWS Solutions Architect Study Group for anyone interested in getting this certification. Monday’s I will do live study session on Twitter/Periscope, Twitch, Youtube. I will be doing AWS practice labs for my patreon members. And Sundays will be a zoom call for mini-practice tests. If interested, sign up and see you soon!
Enjoy the newsletter! See you next time!
~ Dominique ~
This Week’s Cybersecurity News
Here’s the cyber tea for this week. Want your news in audio format? Check out our latest podcast episode. Also available on Apple Podcast, Spotify, Google Podcasts and more.
Ransomware Group Steals 2M Credit Cards, Shut Downs South Korean Retailers
The Clop ransomware group is at it again. On Thursday, the gang claimed that it stole 2 million credit cards from South Korean retailer E-Land over a one-year period, in a campaign that culminated with a ransomware attack on the company’s headquarters in November. Operators of Clop ransomware reportedly said that they were responsible for the November attack that forced E-Land — a subsidiary of E-Land Global — to shut down 23 of its New Core and NC Department Store locations.
iPhone Bug Allowed for Complete Device Takeover Over the Air
Researcher Ian Beer from Google Project Zero took six months to figure out the radio-proximity exploit of a memory corruption bug that was patched in May. Details tied to a stunning iPhone vulnerability were disclosed by noted Google Project Zero researcher Ian Beer. Apple patched the vulnerability earlier this year. But few details, until now, were known about the bug that could have allowed a threat actor to completely take over any iPhone within a nearby vicinity. The hack could of been performed over the air without even interacting with the victim’s device.
IBM warns hackers targeting Covid vaccine 'cold chain' supply process
IBM is sounding the alarm over hackers targeting companies critical to the distribution of Covid-19 vaccines, a sign that digital spies are turning their attention to the complex logistical work involved in inoculating the world's population against the novel coronavirus
Companies need to be more proactive on cyber security measures
As the Covid pandemic has brought about a sea change in the operations of most companies with work from home becoming the trend over the past 8-10 months, cyber security experts are of the view that several companies still need to be more proactive in terms of strengthening their systems against cyber attacks.
Cybersecurity Events Happening Around The Globe
Check out the full calendar line-up here and add directly to your Google Calendar. Have an event you want to be added? Leave a comment or reply directly to this newsletter.
12/6: Game Day - Introduction to Containerization and Docker - OWASP Devslop
12/7: Government Risk & Compliance Webinar by Black in Cybersecurity
12/13: How Does Social Identity Guide Women To Become Great Leaders or Quite the Opposite?
12/16: From Scan to Fix, Start Measuring Remediation Outcomes Webinar
Cyber / Tech Job and Opportunities
Go secure that bag! The jobs posted here I have either been directly contacted to post or have come across them in my network. Either way, apply anyway even if you don’t check every box. Click the pink links to apply.
Role: Application Security Engineer | Company: Zoom | Apply here
Role: Data Engineer | Company: Zoom | Apply here
Role: Infrastructure Security Engineer | Company: Github | Apply here
Role: Infrastructure Security Engineer | Company: Github | Apply here
Role: Security Administrator | Company: RxBenefits, Inc. | Apply here
Role: Co-op / Internship - Cyber Physical | Company: Grimm | Apply here
Role: DFIR Analyst (US Remote Available) | Company: Splunk | Apply here
Role: Cybersecurity Media Strategist | Company: Mission North| Contact to email Shannon Hutto shutto@missionnorth.com
Support This Newsletter
A very big thank you to every single one of you who has subscribed to this email list and reads this newsletter! If you can spare a couple of $$, please consider contributing to our Patreon (there are perks included!). It helps maintain this newsletter and platform.
You can also send a one-time donation by Buying us a Coffee or via Paypal or Venmo.
Free Study Resources
Code Your First Game: Arcade Classic in JavaScript on Canvas (Free) - Udemy
Learn Amazon Web Services (AWS): The complete introduction (Free) - Udemy
Programming 101 (Free) - Udemy
Git & GitHub Crash Course: Create a Repository From Scratch (Free) - Udemy
Scholarships/Giveaways
Cybersecurity / Tech Podcasts
Security in Color Podcast: Episode 44 - Three Millions Unfilled jobs where?! Breaking down Cybersecurity Career Awareness Week
Colors of InfoSec Podcast: Episode 8 - Grand Closing, Season 1 Finale
The Next Tech Podcast: Episode 205 - Making Progress
Hacker Valley Studio Podcast: Episode 108 - Behind the Mic with Carole Theriault
Suggestions?
Have something you want to contribute to the next newsletter? Know of a way to improve this newsletter for our audience? Feel free to provide us some feedback here or leave a comment below.