Resources

Regulations and Frameworks

• https://www.cybok.org/
• https://www.nist.gov/cyberframework

General information

• One of the best sources for cybersecurity news: https://www.sans.org/newsletters/newsbites
• Free resources from SANS: https://www.sans.org/free
  • Some great posters from SANS: https://www.sans.org/security-resources/posters/appsec/
• A good, Windows-centric, intro: https://decentsecurity.com/
• Latest Verizon data breach report: https://enterprise.verizon.com/resources/reports/dbir/
• El Reg: https://twitter.com/TheRegister
• Set up a Google Alert https://www.google.com/alerts for “computer security”.
• MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. https://attack.mitre.org/

Careers

• Data on jobs available, job titles, relevant education and certificates and career paths: https://www.cyberseek.org/
• The resource for Colorado cybersecurity folks: https://www.colorado-security.com/. Join the Slack channel.
• Federal cybersecurity jobs in Colorado: https://www.usajobs.gov/Search/Results?l=Colorado&k=cyber

Certifications

• Security+
  • https://www.youtube.com/user/professormesser
  • https://www.youtube.com/playlist?list=PLG49S3nxzAnkijp3VBQ5CPf19bK-5hmec

Twitter feeds to follow

• @SwiftOnSecurity
• @ExploitDB

More advanced information

• Very deep dives into exploits: https://googleprojectzero.blogspot.com/
• Videos of OWASP’s conferences: https://www.youtube.com/user/OWASPGLOBAL

Lockpicking

• https://www.lockpickshop.com/
• https://www.southord.com/
• https://s3.amazonaws.com/lockpick/Ebook+Instruction.pdf
• http://www.lockpickguide.com/MITguidetolockpicking.html
• https://www.withoutakey.co.uk/lock-picking-pdfs/
• https://www.art-of-lockpicking.com/how-to-pick-a-lock-guide/

Past Events

Paranoid Mind

• Angel I.
• November 7th 2019, 1900 – 2015, King Center 313

Bio: Currently contracted as a Senior CyberSecurity Engineer by the State; previous employment includes IBM and Arrow Electronics. In the business for going on 13 years, starting from “Intern”. Knows a little bit about most things and a lot about a few things. Interests include AI, ML, Red/Blue/Purple teaming, forensics (digital and analog), and wavering between unfettered optimism and full-bore pessimism about the future.

BS in InfoSec, AA in Networking, and a CISSP among many other industry certifications.

Two-time presenter on Artificial Intelligence at DefCon’s Skytalks; now serving as Board Member for same. President of the Board for BSides Denver; volunteer since 2015.

Career in Security Workshop!

Thursday, October 24th, 2019
AES220 at 4:00pm
Learn the tools needed to have a career in Cybersecurity. We’ll cover basic up to some advanced tools. This is a workshop, beginners welcome!

Please come with the following tools installed (run best on Unix/Linux but Windows is just fine):

• Wireshark: Wireshark is the world’s foremost and widely-used network protocol analyzer
  

• Nmap: Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing
  

• Kali Linux VM: The premier hacker Linux OS with builtin hacking and testing tools
  • Download a target system: Metasploitable3
  • Both run as a Virtual Machine in Virtualbox or Parallels (MacOS) or VMWare (Windows)

Capture The Flag - Bandit

Thursday, September 19th, 2019
AES220 at 4:00pm
Come learn new skills or test your knowledge! Beginners welcome, prizes available!!

Bandit - Practice and learn new command line tools while hacking.

• Windows users: download and install PuTTy, then test access to overthewire’s server.
• Mac users: test shh access to overthewire’s server. OverTheWire.org
  Please feel free to reach out to the ACM club on our Facebook Page for any questions.
  

Kali/Metasploitable

Penetration Testing by Dr. Beaty
Friday, February 15th, 2019
12:00 - 1:00pm

• Presentation will cover Networking Basics and how to setup and run Kali and Metasploitable 2. No experience required.
• Recommended: a running Virtual Machine on your computer. USB drives to download Kali and Metasploitable will be provided.
• Instructions for installing/running virtual machines can be found here.

EMOTET Presentation

Mike Hart: Director of Security, Infrastructure, and Network Services
Download EMOTET Presentation