Avoid This Security CV Mistake!
Encrypted Connections, Cloud Architectures & Security Books!
Good morning!
In today’s line up:
Learn how to stop coffee shop Wi-Fi operators from seeing which sites you visit!
Discover Cloud Security Reference Architectures for AWS, Azure and GCP.
QR Code attacks and how to prevent them
5 must read Cyber Security books to add to your reading list.
PLUS, how to improve the skills section of your CV!
It’s Cybersecurity Awareness Month!
It blows my mind to think that this year alone the global cost of cybercrime is expected to reach $8 trillion USD.
If the cost of cybercrime were measured as a country, the total would be just behind the economies of the U.S. and China.
I can’t help but think about how this value will change as generative AI lowers the barrier to entry for bad actors.
Cybercrime is an infinite game, in which the rules constantly change and evolve. As Cyber Pros we have to work hard to stay ahead and constantly adapt to new attacks as they evolve.
I believe we need more cross-industry collaboration — sharing data, threat research, and best practices to accelerate a growth in cyber maturity. Not only that, we need to address the shortage in cybersecurity professionals by growing more security talent.

Coffee Shop Protection
We connect to public Wi-Fi networks (like those in coffee shops) and assume that, because we are using HTTPS connections, we are not giving away the sites we are visiting. Think again: our DNS requests reveal the sites we are connecting to, and the start of the TLS connection (the Server Name Indication in the ClientHello) also reveals the site we are connecting to, in cleartext.
Cloudflare recently announced that they have implemented ESNI (the Encrypted Server Name Indication TLS extension). This aims to stop ISPs, public Wi-Fi providers, or anyone else who can see your network packets from snooping on your web accesses.
The current internet protocols are flawed and need to be improved to better protect user privacy.
Encrypted Server Name Indication (ESNI) is a proposed standard that masks the Server Name Indication (SNI) in a TLS connection.
To summarise, TLS 1.0, TLS 1.1 and TLS 1.2 need to be replaced with TLS 1.3.
Read more here.
Cloud Security Reference Architectures
Reference Architectures provide a holistic set of guidelines for deploying security services across an enterprise. They help people design, implement, and manage security services so that they align with recommended practices.
Cloud Service Providers each have their own, focused on their security service offerings.
Familiarise yourself with them to understand the full-scope of security in AWS, Azure and GCP:
Microsoft - Cybersecurity Reference Architecture
Google - Reference Architectures
5 Must Read Cyber Security Books
I asked 5 friends in the security space for their favourite book on security. Here’s what they said:
This Is How They Tell Me the World Ends: The Cyberweapons Arms Race - Link
The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data - Link
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon - Link
The Wires of War: Technology and the Global Struggle for Power - Link
Click Here to Kill Everybody: Security and Survival in a Hyper-connected World - Link
QR Code Red: Quishing Attacks and How to Prevent Them
QR codes that re-emerged into our lives during the COVID-19 pandemic have given rise to a new wave of advanced phishing attacks targeting thousands of organisations worldwide.
These evasive threats, also known as quishing (QR phishing), lure end users into scanning a QR code sent to them via email using their mobile device camera, redirecting them to malicious websites that aim to steal their login credentials, harvest financial information, or infect their devices with malware.

Quishing Kill-chain – What QR code phishing attacks look like
QR codes have experienced widespread adoption for everything from viewing restaurant menus to online payments and public transport apps. This has conditioned many of us to respond almost instinctively.
This shift in human behavior was noticed by threat actors, who are now capitalizing on the “conditioned” trust in QR codes to launch increasingly sophisticated phishing attacks.
Quishing moves the “playground” onto a mobile phone where the victims are primed for additional steps that involve their personal device.
Quick Response (QR) codes are essentially a graphical representation of data, mostly used to encode URLs. Converting a link into a QR code takes seconds and can be done by anybody with online access. When a malicious URL is hidden behind a QR code, the link becomes an image file, not a clickable element.
Traditional email security systems like secure email gateways (SEGs) and even the most modern email security solutions scan for suspicious links in the email body of the message to prevent phishing attacks, but may overlook embedded URLs within images or file attachments. Most security solutions are unable to extract and dynamically scan links from QR codes.
Quishing campaigns present a unique challenge to defenders. By embedding the phishing link within a QR code, the threat is effectively concealed, rendering security measures ineffective and allowing malicious emails to slip through and reach the inbox of targeted end users.
If you want to read about this in more detail with real life examples, you can do so here.
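As an added example (not from the newsletter or from any vendor mentioned in it), the triage heuristic below targets the gap described above: a message whose body contains no scannable links but does carry an image attachment plus a "scan this with your phone" call to action. It uses only the Python standard library; the two sample emails are constructed inline, and the hypothetical decode_qr_url() hook (not implemented here) marks where a real pipeline would run a QR decoder such as pyzbar and hand the extracted URL to the same URL scanner that already checks body links.

```python
"""Added example: flag inbound mail that hides its call to action in an image
rather than in a link a secure email gateway would normally scan."""
import email
import re
from email.message import EmailMessage

# Phrases that nudge the reader towards a personal phone camera (constructed list)
QR_PHRASES = re.compile(r"\b(scan|QR code|mobile device|camera)\b", re.IGNORECASE)
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)


def decode_qr_url(image_bytes: bytes):
    """Hypothetical hook: in a real pipeline this would decode the QR code from
    the image (e.g. with pyzbar) and return the embedded URL. Not implemented here."""
    return None


def triage_message(raw: bytes) -> dict:
    """Parse a raw RFC 5322 message and return the signals used for triage."""
    msg = email.message_from_bytes(raw)
    text = ""
    images = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype in ("text/plain", "text/html"):
            charset = part.get_content_charset() or "utf-8"
            text += part.get_payload(decode=True).decode(charset, "replace")
        elif part.get_content_maintype() == "image":
            data = part.get_payload(decode=True) or b""
            images.append({
                "filename": part.get_filename() or "<inline>",
                "size": len(data),
                "qr_url": decode_qr_url(data),  # None until a decoder is wired in
            })
    urls = URL_RE.findall(text)
    qr_phrases = len(QR_PHRASES.findall(text))
    # Core heuristic: an image, QR-style wording, and nothing for a link scanner to see
    suspicious = bool(images) and qr_phrases >= 2 and len(urls) == 0
    return {"images": images, "urls": urls, "qr_phrases": qr_phrases, "suspicious": suspicious}


def build_sample(quishing: bool) -> bytes:
    """Construct a sample message; both variants are made up for this example."""
    msg = EmailMessage()
    msg["From"] = "it-helpdesk@example.com"
    msg["To"] = "user@example.com"
    if quishing:
        msg["Subject"] = "Action required: MFA re-enrolment"
        msg.set_content(
            "Your MFA enrollment expires today. Scan the QR code below with "
            "your mobile device camera to re-enrol."
        )
        fake_png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed placeholder bytes
        msg.add_attachment(fake_png, maintype="image", subtype="png", filename="qr.png")
    else:
        msg["Subject"] = "Your invoice is ready"
        msg.set_content("Your invoice is ready: https://example.com/invoice/123 Please review it.")
    return bytes(msg)


if __name__ == "__main__":
    for flag in (True, False):
        print(triage_message(build_sample(flag)))
```

The heuristic is deliberately narrow (image present, QR wording, zero plain links) so that it surfaces the exact evasion the article describes without flagging every newsletter that embeds a logo; in production the decoded QR URL, not the wording, should carry the final verdict.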
Improve the Skills section of your CV!
I’m guilty of once listing skills on my CV.
But the truth is, anyone can say, "I have communication skills" or "I have leadership skills."
Frankly, it’s pointless and offers no value.
What’s missing is EVIDENCE you have those skills.
In the skills section, write a mini-story for each skill, covering:
What happened – short, punchy context
What you did – evidence of the skill
What was the result – result of the skill being applied
Even if you include one mini-story in the skills section, that is 10X more impactful and memorable than a generic phrase claiming a generic skill.
Your CV should showcase your experiences and convince the reader that you can add value to their team.
Wisdom
“In the realm of cybersecurity, don't rush to spend on technology without first prioritising investments in your people and processes.”
The biggest factor behind the best security capabilities is skilled people, not budget.
Having the right people in place will help build strong foundations that account for business requirements as well as security.
There is no point purchasing the best Security Incident and Event Monitoring technology, if you don’t have the people and processes in place to maintain it operationally and act upon its output.