LSW

If you do not understand why I think the repeal of Net Neutrality by the FCC is bad for us, or you simply do not understand what Net Neutrality is all about, Burger King will help you understand it while you wait on your whopper: Video from Twitter: https://twitter.com/BurgerKing/status/956166686054408192 You can see more on the subject here: The Issue of Net Neutrality

Skype Microsoft Won't Patch a Severe Skype Vulnerability Anytime Soon [2/14/2018]

Microsoft Issues Security Patch Update for 14 New Critical Vulnerabilities https://thehackernews.com/2018/02/microsoft-patch-update.html

No, not at all. Found it funny considering yourself to old at 40 something. I think that age thing is a myth and a crutch used by older generations. Then again... what people see in social media is truly beyond me. Why would I care where you are or doing right now or what your food looks like. I am more interested in why you updating everyone that you are not home, come rob me? Maybe there is an age limit... anyone have a crutch I can borrow? Python really is easy, you would not be feeling so positive if it were Java most likely. But once you comprehend one language, you will note traits in all others. Stef is a good teacher. I learned Python back in 2000 and used to write code in my head speaking it to get my kid to sleep, worked like a charm... even I fell asleep during it! I like Python and keep nagging my boss to ditch Java for it.

Oui! Who are you suggesting is old here!? I will have you note young whipper-snapper that I am in my 50s and entering Cybersecurity by golly! 40s, ha! Many here may consider me an @$$, but none think of me as an old @$$... at least I don't think so. Seriously though, I don't think Stephan was Python when we met, he was a serious Java type. I think he is older than you, or at least close. Andrea will kill me if I suggest she is anything older than 29, then there was Limey, not sure where he disappeared, retired military, then got into IT. Actually I think you may fit in near the average age here. Not that many teens, I would say that back in the 90s and early 2000s our average age was 30s. So welcome to the forum and mind you don't trip over my walker young man.

Good to hear. This forum was opened for beginners, not experts. Most of the regulars here like Andrea got their start building web sites by coming here. I am one of the few who actually learned this in a school, but even then I have picked up many tricks here and actually taught myself stuff while helping others. So never apologize for dumb questions, we all started out there and asked our own fair share. This is what Killersites was started for. Cheers!

Your Windows Security Updates Might Stop!? https://www.stationx.net/windows-security-updates-might-stop/ The the Excel sheet he links to to see if your AV is covered or not.

WordPress Update Breaks Automatic Update Feature - Apply Manual Update https://thehackernews.com/2018/02/wordpress-update.html

Top web browsers 2018: Microsoft's IE and Edge shed share as Chrome gains https://www.computerworld.com/article/3199425/web-browsers/top-web-browsers-2018-microsofts-ie-and-edge-shed-share-as-chrome-gains.html

Oh, OK. That taxes me out then. Good luck with it.

Although I consider Pi a Trump stooge for his actions destroying Net Neutrality, nice to see he is none simply a "Yes Man." He is at least picking the right side of this fight in my opinion. Of course this does not Verizon in any way like the Net Neutrality decision. FCC Head and Wireless Lobby Oppose U.S. Bid to Build a 5G Network https://www.bloomberg.com/news/articles/2018-01-29/u-s-is-said-to-consider-building-5g-network-amid-china-concerns

Lenovo Vulnerabilities Hard-coded Password Lets Attackers Bypass Lenovo's Fingerprint Scanner [1/29/2018]

Nearly 2000 WordPress Websites Infected with a Keylogger https://thehackernews.com/2018/01/wordpress-keylogger.html I hope none of you are using other peoples computers to make money for yourself. It is unethical and you deserve what you get in the end.

You might want to pass this to any soldiers you know regardless of the country. Internet of Things (IoT) people, the Internet and your friends do not need to know where you are and what your are doing. Fitness apps, GPS geo-logging on photos you take, it all gives out info bad guys do not need to know. US soldiers are revealing sensitive and dangerous information by jogging https://www.adn.com/nation-world/2018/01/28/us-soldiers-are-revealing-sensitive-and-dangerous-information-by-jogging/

I think it is a good call. I really liked Python and I have been dealing a bit with Debian and Kali and like them well enough, just takes getting used to when you have always worked with Windows. Helps that the GUIs have improved since the first time I opened one.

Oh, I thought you were down on it, but hadn't dropped the idea yet. My bad.

I have not looked at Studio Web for Python... but yea, Stef does good work. I checked it out when he first started it. Besides all languages are common, so knowing one will help learning others as you see the common elements.

LOL - Oh, don't get me started on degrees. I am ex-military, ex-public affairs for the US Army Berlin Brigade, ex-bodyguard for Daimler-Benz, worked in a corporate headquarters with people from 13 different nations... but lost out on a job in Detroit with a big company as a web developer that their HR department OK'd me for... just because the supervisor thought I could not handle stress as I had not been to college, seriously? No, I served my country instead of college. Grrrr. It really comes down to where you are of course. Here in Alaska, no real industry, so yea, this is one of the worst places for cybersecurity jobs. Age, now that is kinda quirky. You would think, like on TV, Young folks who have had phones and computers in their cribs would be best. In fact, depending on what you read or who you talk about, older folks with computer experience are preferred as we have a deeper knowledge of operating systems and programming languages. Also being ex-military is helpful, we have an inbred sense of strategy and defense. Cyber soldiers from the military have it made. I would not put much weight in degrees, yours will come in handy later for getting supervisory or management positions in a company. It can also help you in an advisory role as a contractor helping businesses lock down their security if you land a job with a security start-up company. *Growl* - Oh, don't get me started on certificates. Yea, very expensive and some you have to get renewed continually, most also require regular extra credits as the industry changes so fast, your knowledge is out of date in a heartbeat. The extra credits are easy, lots of 1 hour webinars will give you those. The certificates themselves, they are expensive but really required to work in the industry. I will add some links at the end. Personally, I live in Juneau, to get the certificates I want, I have to fly almost 600 miles to Anchorage at my cost, pay for the testing, and likely a hotel. But if you walk into a interview with the right certificates, they are worth more and likely cheaper than a degree. Python is good to know, it was not common when I learned it in 2000, but most of the common tools of the trade are written in it. Java is more common but is really a security nightmare with massive vulnerabilities. I have tried, unsuccessfully, to get my boss to change us from a Java shop to a Python shop. KaliLinux is a great tool and it will help you learning to use it and the Linux operating system inside and out. Many of the cyber security tools we use are included in it. Place it on your machine in a virtual machine so you don't muck anything up playing with it... unless you have a second machine. As far as jobs go - start training yourself now. College courses in general are not bad, I had a networking course that has helped me better understand the networks and how they work that I need to secure. So look for singular classes that can help you understand the world Cybersecurity works in. Sign up for news letters, I like The Hacker News, many of my headline here come from there. There is another site, Dark Reading that has an app for mobile devices. Keep up on the industry with blogs and news letters like the "NewsBits" from SANS.org. This way you can walk into interviews with confidence, you know the players, threats and tools if asked. Remember it is a new field, their are not enough experts around, so they want people who can learn quick, you will show you may not have all the technical knowledge yet, but you know the industry and the threats. Volunteer, once you know some stuff and have a base idea, help local businesses understand the threat and they are targets regardless of how small they are. I learn a lot my teaching others what I know here. talk to computer teachers at local schools, they may not cover it and allow you to work with a computer club etc. The next suggestions can be good for any nation, but assuming you are in the US. Canada has many of the same organizations. Also if there is an election, volunteer to work with the IT team to lock it all down. They likely focus on people and getting the candidate out there, so someone needs to oversee security, just remind them of the Democratic party attack. What data is available that another candidate could use against them if leaked. That will go a good ways in an interview as experience. There is also the Red Cross for whatever nation you are in. The American Red Cross (ARC) has Disaster Services Technology (DST), we are the ones who respond to a Hurricane Harvey and set up disaster headquarters with servers, networks, printers, laptops, internet, phones, radios, and other tech the aid workers need to do their jobs helping people. The ARC also has IT End User Services (IT EUS), we are the IT support for the Red Cross in normal non-disaster times. Help desk, setting up communications and computers, everything IT for chapters and offices. Talk to your local Red Cross chapter. Then there is the Civil Air Patrol (CAP), it is a private civilian organization under the US Air Force. They are the primary means of Search & Rescue in the US. They have to be secure as they also do drug interdiction work with the feds, so squadrons need good IT personnel. Many squadrons also have a cadet program, so you can teach teenage cadets security. Then there are also security competitions. High schools and military type units for teenagers, such as ROTC, CAP, etc take part in a yearly National Youth Cyber Education Competition called CyberPatriot that you can volunteer for to help coach teams. I just heard of another one for females, Girls Go Cyber Start that likely accepts volunteer coaches. Then there is the college version, the Collegiate Cyber Defense Competition (CCDC) which needs volunteers. Again you can learn a lot while helping these teams and if you are taking college courses you may be able to join a CCDC team, or just as a coach. If nothing else, it looks good on a resume and gives you experience. Go military - including Coast Guard. Even if just National Guard, Air National Guard, etc.. Then there are reserves, Army Reserve. Coast Guard Reserve, etc. All branches of the military need cyber warriors, for protecting combat nets etc., if not your thing, then the guard etc. If you are close, try state government jobs. Many are just now getting into cyber security. For training, I would strongly suggest StationX as Nathan has some excellent training tutorials. I am finishing up his 4 part Complete Cyber Security Bundle. It is more on your own security, but he does a lot on tools. Again, the more you know the more you can talk the talk in interviews and maybe get by without immediately having expensive certificates. Also check out The Hacker News training courses. I found StationX through them taking courses I got here. It is Hit and Miss, I had some good courses and some not so good, but all are affordable. Data Breach Today resources - Data Breach is just one of many "Theme Sites" by ISMG. You get involved with their mailing list and you will get notifications for free webinars from many retailers as well as their own instructors. Some are extra credit. Even the retailer ones you can learn about threats as well as the software to fight them. Another good source, I watch webinars multiple times a week. Just be careful, many of the retailers want telephone/email and the sales people WILL contact you. Use fakes when you can, same with downloading white papers etc. BleepingComputer is another good site. So this is long enough and I really do need to do some work... Cheers and feel free to ask any more questions.

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs https://thehackernews.com/2018/01/dns-rebinding-attack-hacking.html

As the security guy here, the answer is easy, "secure server side web programming" and considering the degree. Java is the most common programming language, but it is a god-awful security risk, it is the Titanic of security risks. Python is coming on strong and is more secure..., but not offered apparently. C++ and C# are older and more high level programming type stuff ASP.Net is just a framework and uses other languages like C#/ASP.net, Python/ASP.net, it is not a true language of it's own, it just uses other languages. Mobile devices are growing and security is a nightmare with them. That would be my No. 2 for you.

I mentioned it to my wife, she says look at "Booster" & "Bonfire". One of the two is used by "Puppy Rescue" where we got two of our dogs from Afghanistan. They use it for fund raising.

Redbubble may be an option. I don't know much about it, my daughter just started selling her art there. But of course hard to attract people to it as a fundraiser.

International Cybersecurity Related News Cyber news from around the world. PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack [2/13/2018] Australia Hack Attack Breaches Australian Parliament Network [2/8/2019] Hacker Uses Australian Early Warning Network to Send Spam Alerts [1/8/2019] Pencil manufacturers rejoice: Oz government doesn't like e-voting [12/11/2018] Australia Passes Encryption-Busting Law [12/11/2018] Australia now has encryption-busting laws as Labor capitulates [12/11/2018] Wow, what a lovely early Christmas present for Australians: A crypto-busting super-snoop law passes just in time [12/11/2018] Australia Passes Anti-Encryption Bill—Here's Everything You Need To Know [12/7/2018] Australian Government Contractor Exposed 50,000 Records [11/6/2017] China Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them [5/8/2019] China Blocks Microsoft's Bing Search Engine, Despite Offering Censored Results [1/24/2019] Chinese Quantum Satellite Sends First ‘Unhackable’ Data to Earth China Enforces Real-Name Policy to Regulate Online Comments China Shuts Down Popular VPN Services to Make Great Firewall Stronger Europe Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully [7/19/2019] Hacker Breaks Into French Government's New Secure Messaging App [4/23/2019] German Police Seek Help In Finding Parcel Bomber With MAC Address [1/9/2019] 20-Year-Old Man Arrested For Carrying Out Germany's Biggest Data Leak [1/9/2019] Hackers Leak Personal Data from Hundreds of German Politicians On Twitter [1/4/2019] GDPR: 8,000 Data Breach Reports Filed So Far in UK [12/17/2018] Ireland's Privacy Watchdog Probes Facebook Data Breaches [12/17/2018] Dutch and British Governments Slam Russia for Cyberattacks [10/8/2018] Nearly Half of the Norway Population Exposed in HealthCare Data Breach [1/22/2018] 75,000 Turks Arrested So Far for Downloading Encrypted Messaging App European Parliament Proposes Ban On Encryption Backdoors Sweden Accidentally Leaks Personal Details of Nearly All Citizens Mystery surrounds malware attack that forced German state parliament offline Middle East/Africa Ransomware Attack Caused Power Outages in the Biggest South African City [7/26/2019] Attacker Tracking Users Seeking Pakistani Passport [3/20/2019] Egyptian 'Fake News' Law Threatens Citizens with 5000-plus Followers [7/23/2018] ISPs Caught Injecting Cryptocurrency Miners and Spyware In Some Countries [3/12/2018] - This may be happening overseas now, but it can easily be done by your ISP as well. Ethiopia Deployed Israeli-Made Spyware Against Dissidents [12/8/2017] APT33: Researchers Expose Iranian Hacking Group Linked to Destructive Malware North Korea Korea in the Crosshairs [1/18/2018] Trump Administration: 'North Korea Launched WannaCry' [12/20/2017] Was North Korea Behind Ransomware Cyberattack? HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure US Warns of 'DeltaCharlie' – A North Korean DDoS Botnet Malware Watch Out for Malware If You're Interested in North Korean Missile Program Russia 22-Year-Old Hacker Pleads Guilty to 2014 Yahoo Hack, Admits Helping Russian Intelligence [11/30/2017] Russia's Accused Hacker Repeat Play: Extradition Tug of War [11/29/2017] Russia military acknowledges new branch: info warfare troops Russia Bans Proxy Services And VPNs To Purge Extremist Content CNN Exclusive: US suspects Russian hackers planted fake news behind Qatar crisis Russia Threatens to Ban Telegram Messaging App, Says It Was Used By Terrorists India Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet [4/17/2019]

Another article explaining your worth to bad actors. Hackers don’t care who you are — but they will sell your identity on the Dark Web - TheNextWeb.com

Torrent Issues uTorrent Flaw in Popular μTorrent Software Lets Hackers Control Your PC Remotely [3/1/2018] BitTorrent Flaw in Popular Transmission BitTorrent Client Lets Hackers Control Your PC Remotely [1/16/2018] MediaGet Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week [3/15/2018]