Resources
Regulations and Frameworks
General information
- One of the best sources for cybersecurity news: https://www.sans.org/newsletters/newsbites
- Free resources from SANS: https://www.sans.org/free
- Some great posters from SANS: https://www.sans.org/security-resources/posters/appsec/
- A good, Windows-centric, intro: https://decentsecurity.com/
- Latest Verizon data breach report: https://enterprise.verizon.com/resources/reports/dbir/
- El Reg: https://twitter.com/TheRegister
- Set up a Google Alert https://www.google.com/alerts for “computer security”.
- MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. https://attack.mitre.org/
Careers
- Data on jobs available, job titles, relevant education and certificates and career paths: https://www.cyberseek.org/
- The resource for Colorado cybersecurity folks: https://www.colorado-security.com/. Join the Slack channel.
- Federal cybersecurity jobs in Colorado: https://www.usajobs.gov/Search/Results?l=Colorado&k=cyber
Certifications
- Security+
- https://www.youtube.com/user/professormesser
- https://www.youtube.com/playlist?list=PLG49S3nxzAnkijp3VBQ5CPf19bK-5hmec
Twitter feeds to follow
- @SwiftOnSecurity
- @ExploitDB
More advanced information
- Very deep dives into exploits: https://googleprojectzero.blogspot.com/
- Videos of OWASP’s conferences: https://www.youtube.com/user/OWASPGLOBAL
Lockpicking
- https://www.lockpickshop.com/
- https://www.southord.com/
- https://s3.amazonaws.com/lockpick/Ebook+Instruction.pdf
- http://www.lockpickguide.com/MITguidetolockpicking.html
- https://www.withoutakey.co.uk/lock-picking-pdfs/
- https://www.art-of-lockpicking.com/how-to-pick-a-lock-guide/
Past Events
Paranoid Mind
- Angel I.
- November 7th 2019, 1900 – 2015, King Center 313
Bio: Currently contracted as a Senior CyberSecurity Engineer by the State; previous employment includes IBM and Arrow Electronics. In the business for going on 13 years, starting from “Intern”. Knows a little bit about most things and a lot about a few things. Interests include AI, ML, Red/Blue/Purple teaming, forensics (digital and analog), and wavering between unfettered optimism and full-bore pessimism about the future.
BS in InfoSec, AA in Networking, and a CISSP among many other industry certifications.
Two-time presenter on Artificial Intelligence at DefCon’s Skytalks; now serving as Board Member for same. President of the Board for BSides Denver; volunteer since 2015.
Career in Security Workshop!
Thursday, October 24th, 2019
AES220 at 4:00pm
Learn the tools needed to have a career in Cybersecurity. We’ll cover basic up to some advanced tools. This is a workshop, beginners welcome!
Please come with the following tools installed (run best on Unix/Linux but Windows is just fine):
- Wireshark: Wireshark is the world’s foremost and widely-used network protocol analyzer
-
Nmap: Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing
- Kali Linux VM: The premier hacker Linux OS with builtin hacking and testing tools
- Download a target system: Metasploitable3
- Both run as a Virtual Machine in Virtualbox or Parallels (MacOS) or VMWare (Windows)
Capture The Flag - Bandit
Thursday, September 19th, 2019
AES220 at 4:00pm
Come learn new skills or test your knowledge! Beginners welcome, prizes
available!!
Bandit - Practice and learn new command line tools while hacking.
- Windows users: download and install PuTTy, then test access to overthewire’s server.
- Mac users: test shh access to overthewire’s server.
OverTheWire.org
Please feel free to reach out to the ACM club on our Facebook Page for any questions.
Kali/Metasploitable
Penetration Testing by Dr. Beaty
Friday, February 15th, 2019
12:00 - 1:00pm
- Presentation will cover Networking Basics and how to setup and run Kali and Metasploitable 2. No experience required.
- Recommended: a running Virtual Machine on your computer. USB drives to download Kali and Metasploitable will be provided.
- Instructions for installing/running virtual machines can be found here.
EMOTET Presentation
Mike Hart: Director of Security, Infrastructure, and Network Services
Download EMOTET Presentation