Welcome
Welcome
Hello and Welcome!
Please join our new ISC2CT Discord Server
Be sure to attend our meetings. Lots of good information there. Register for our December 5th meeting on our site ISC2CT.org
Upcoming events:
ISC2 Cybersecurity Events ISC2 cybersecurity events are an opportunity to connect with colleagues, learn new skills, earn continuing professional education (CPE) credits and advance your career. ISC2 offers various educational events globally for members and candidates such as in-person, virtual, live and on-demand webinars, workshops, spotlights and conferences.LearnMore
TryHackMe Advent of Cyber Starting Dec 1st, dive into beginner-friendly, daily gamified cyber security challenges and kickstart your cyber career! Advent of Cyber is your festive gateway into cyber security. Each day of this cyber security event leading up to Christmas, you'll face new byte-size challenges that will test and expand your cyber security knowledge. With over $100,000 worth of prizes up for grabs, you have every reason to get involved in the fun! Join for Free
SANS Holiday Hack Challenge 2024 Join the global cybersecurity community in the most festive and challenging event of the year! The SANS Holiday Hack Challenge offers FREE, high-quality, and super fun hands-on cybersecurity challenges designed for all skill levels. Play to learn or practice your skills and stand a chance to win exciting prizes for the top entries. Free to Play
Thank you to our Sponsors
Quinnipiac University is committed to helping advance the field of cybersecurity through its School of Computing & Engineering. To support the growth of professionals within cybersecurity and computing, Quinnipiac offers flexible online and on-campus opportunities that deliver practical skills you can immediately apply on the job. Both its MS in Cybersecurity and MS in Computer Science programs feature hands-on experience in lab settings that simulate real-world scenarios. To learn more about these exciting opportunities, Visit Quinnipiac University
ISC2CT
NEACS
Our Chapter, ISC2CT, co-partnered to host the NEACS (Northeast Annual Cybersecurity Summit) event at Quinnipiac University. The Chapter was the first to present and our membership chair, Jeff, opened the event introducing out Chapter, what we do, and the involvement we are moving towards. The Chapter also had a table and introduced many new prospects for our events. It was a pleasure to meet potential new members to the Chapter and also to meet in person many members who attend our virtual meetings.
ISC2CT
Member involvement
A long time member, and NEACS founder Pamela Gupta, presented a keynote on AI
ISC2CT
Cyber News
Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack
The vulnerability is tracked as CVE-2024-43639 and has a CVSS score of 9.8 (critical severity) in the Windows Kerberos authentication protocol poses a significant risk to millions of servers. Microsoft addressed this issue in last week’s Patch Tuesday updates. Ensure these patches are installed to protect your systems.
hackread.com
NIST Drops New Deadline for PQC Transition
Read why NIST's new deadline for transitioning away from legacy encryption algorithms acknowledges the growing quantum threat.
keyfactor.com
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
The "MITRE Engenuity ATT&CK Evaluations: Enterprise" serve as an essential resource for cybersecurity decision-makers.
cybersecuritynews.com
CISOs can now obtain professional liability insurance
New Jersey-based Crum & Forster recently unveiled a policy specifically designed to shield CISOs from personal liability.
cyberscoop.com
Found on VirusTotal: The world’s first UEFI bootkit for Linux
“Bootkitty” is likely a proof-of-concept, but may portend working UEFI malware for Linux.
arstechnica.com
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Critical flaws in CleanTalk’s WordPress plugin allow remote code execution; update to secure your site.
thehackernews.com
Infosec products of the month: November 2024 - Help Net Security
The featured infosec products this month are from: Absolute, Arkose Labs, Atakama, BlackFog, Eurotech, HiddenLayer, Hornetsecurity and more.
helpnetsecurity.com
Gaming Engines: An Undetected Playground for Malware Loaders - Check Point Research
Key Points Introduction Cybercriminals constantly try to evolve their tactics and techniques, aiming to increase infections. Their need to stay undetected pushes them to innovate and discover new methods of delivering and executing malicious code, which can result in credentials theft and even ransomware encryption. Check Point Research discovered a new undetected technique that uses […]
checkpoint.com
Scams to look out for this holiday season
‘Tis the season to be wary – be on your guard for fraud doing the rounds during the holiday sales surge
welivesecurity.com
Flying Under the Radar - Security Evasion Techniques
Discover how modern phishing attacks use advanced evasion techniques to bypass security and target sensitive data.
thehackernews.com
Salt Typhoon hackers backdoor telcos with new GhostSpider malware
The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers.
bleepingcomputer.com
How to protect yourself from scammers offering fake jobs
In the last year, job scams have been on the rise, according to the Identity Theft Resource Center, a nonprofit that helps consumers with identity compromises and crime
apnews.com