🔏 Simplifying Cybersecurity Issue #6

Welcome to the latest issue of Simplifying Cybersecurity!

This newsletter is packed with info to help you up your cybersecurity game. Whether you're just getting started or a seasoned cybersecurity professional, I've got you covered with tips, tools, and resources to help you keep growing and keep your career moving forward.

In this issue:

• Cybersecurity news stories you should read

• Active professionals you should engage

• Tips to stand out in your next interview

• Training resources to improve your skills

• Career opportunities you can apply for today

• Recommended reading from The Bookstore

👕 Anybody want a peanut hoodie?

The Simplifying Cybersecurity store is live? Inconceivable!

I wanted some cybersecurity swag of my own that I could start wearing to hacker cons, but I’m not the biggest fan of swag that’s covered with vendor logos. 🤷

So I decided to design some swag of my own. 😉

I’ve got a handful of designs in the store now, and I’m planning to add more soon. Oh! And stickers! I haven’t uploaded any sticker designs just yet, but they’re on their way.

If you want to grab your own hoodie or tee, head on over to the store today!

📰 Cybersecurity in the News

Ferrari exec foils deepfake attempt by asking the scammer a question only CEO Benedetto Vigna could answer. Deepfake technology is increasingly being used to impersonate high-profile executives, posing a significant threat to businesses. Security awareness and employee vigilance to the rescue! A simple question about a recent conversation between the two IRL was enough to shut down the attack immediately.

Meta to pay $1.4 billion to settle Texas facial recognition data lawsuit. Meta Platforms has agreed to pay $1.4 billion to Texas to settle a lawsuit alleging the company illegally collected biometric data of millions of Texans without their consent through its facial recognition technology. This settlement is the largest ever reached by a single state over biometric privacy violations.

North Korean hacker got hired by US security vendor, immediately loaded malware. A North Korean hacker using a stolen US identity and AI-enhanced photo was hired by KnowBe4, a US security vendor, but was caught trying to install malware on the company's network shortly after receiving their work computer. KnowBe4's security software flagged the suspicious activity, leading to an investigation by the company and the FBI, highlighting the ongoing threat of sophisticated cyberattacks.

Bipartisan Senate bill would promote cybersecurity apprenticeship programs. A bipartisan Senate bill proposes to expand cybersecurity apprenticeship programs through Department of Labor grants, aiming to address the industry's workforce shortage and equip participants with technical instruction, on-the-job training, and industry-recognized certifications. The bill follows a series of congressional efforts to bridge the cybersecurity skills gap and provide career pathways for individuals with or without college degrees.

Nicole Dove, Director Of Security Engineering At Riot Games, Wants To Help Individuals Within Or Seeking A Career In Cybersecurity Explore The Endless Possibilities. Dove, a cybersecurity expert with 20 years of experience, is passionate about helping others explore careers in the field, especially as AI technology continues to evolve. She will be speaking at the 2024 AFROTECH Conference about how to think like a hacker, cybersecurity career paths, and the importance of adapting in an ever-changing technological landscape.

🤝 Professional Networking

➡️ Follow or connect with these security leaders on LinkedIn.

• J. Nicole Dove - Cybersecurity Leader | Podcast Producer | University Lecturer

• Rachel Tobac - CEO, SocialProof Security, Friendly Hacker, Security Awareness Videos and Live Training

• Stu Sjouwerman - CEO at KnowBe4. (A Vista Equity Company)

• Matt Johansen - Helping Secure the Internet

• Mike Privette - CISO and Cybersecurity Economist at Return on Security

💼 Interview Tips

Taking practice exams before the real exam is a tried and true method for effective exam preparation.

The same can be said about practice interview questions before the real interview.

I did some digging on GitHub and found 10 repositories that I recommend you bookmark or star before your next interview.

1️⃣ 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
2️⃣ 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
3️⃣ 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
4️⃣ 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀 - 𝗰𝘆𝗯𝗲𝗿𝗰𝗹𝗼𝘂𝗱.𝗴𝘂𝗿𝘂
5️⃣ 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
6️⃣ 𝗪𝗲𝗯 𝗦𝗲𝗰 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄
7️⃣ 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁 𝗮𝗻𝗱 𝗣𝗿𝗶𝗻𝗰𝗶𝗽𝗮𝗹 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
8️⃣ 𝗜𝗻𝗳𝗼𝗦𝗲𝗰 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
9️⃣ 𝗥𝗲𝗱 𝗧𝗲𝗮𝗺 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀
🔟 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗜𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀

➡️ Check out the original post here!

💡 Training Opportunities

Given the recent attack against a high profile Ferrari exec using deepfake technology, I have 2 courses to share with you from LinkedIn Learning.

If you’ve got a Premium profile, or if your company has a LinkedIn Learning subscription, you can check out these courses anytime you’d like.

But even if you don’t have a LinkedIn Learning subscription, you can use these links to take these courses for FREE. The links themselves shouldn’t expire, but as soon as you click on them, you have 24 hours to complete the courses. You can bookmark them for a rainy day.

• Understanding the Impact of Deepfake Videos

• The Cybersecurity Threat Landscape

➡️ Knock out a course over lunch or bookmark them all for a rainy day.

🚀 Career Opportunities

If you’re looking for an Entry Level or Associate role, you might want to check out these opportunities:

• Puzzle Maker AI Data Trainer, Invisible

• Risk and Compliance Analyst, Legato Security

• Teaching Assistant: Cybersecurity, Good Jobs, Correlation One

• IT Security Specialist, Alpha Omega

• DevSecOps Engineer Associate, SAIC

If you’re looking for a Mid-Senior Level role, you might want to check out these opportunities:

• Enterprise Security Sales Engineer - US West, Datadog

• IAM Engineer, Cardinal Health

• Director of Software Security, Visual Matrix

• VP of Cybersecurity, Covera Health

• Director/Head of Information Security, NMI

📚 The Bookstore

Deepfakes: The Coming Infocalypse by Nina Schick explores the alarming rise of deepfakes, AI-generated media that convincingly mimic reality, and the potential consequences for society. Schick warns of an impending "Infocalypse," a crisis of misinformation where distinguishing truth from falsehood becomes impossible, threatening democracy, national security, and personal trust. The book examines the political implications, manipulation tactics, and the unpreparedness of governments and tech companies for this evolving threat.

That's it for this week. If I’m doing my job right, you’re a few steps closer to making the career moves you want to make.

If you’re digging this newsletter, I’ve got two quick asks:

➡️ Share it with a friend or colleague who might like it as well. We’re all in this together, and sharing what we learn along the way helps everyone.

➡️ If someone forwarded this to you, subscribe here.

➡️ Connect with me on LinkedIn! I'm always up for chatting about all things cybersecurity and career growth.

Stay safe out there, and keep learning!

Jerod

You found it! You can use the promo code LEET1337 to save 25% on any order in the Simplifying Cybersecurity store. This promo code will self-destruct in… well, you know the rest. Nicely done!