Month: June 2024

See yourself in cybersecurity. You don’t need experience — just the passion and drive to enter a demanding and rewarding field, one that opens limitless opportunities worldwide.

As part of our commitment to help close the cybersecurity workforce gap and diversify those working in the field, ISC2 is offering FREE Certified in Cybersecurity (CC) Online Self-Paced Training and exams to one million people.

Start Your Journey
To participate in the One Million Certified in Cybersecurity program, please follow these simple steps:

1. Create an account. If you already have an ISC2 account, sign in.
2. Complete your ISC2 Candidate application form and select Certified in Cybersecurity as your certification of interest.
3. Once the application is complete, you’ll become an ISC2 Candidate. It’s free to join and you’ll gain access to Official ISC2 Certified in Cybersecurity Online Self-Paced Training and the opportunity to register for the free certification exam. You will find your access on the Candidate Benefits page.
4. Upon passing the exam, complete the application form and pay U.S. $50 Annual Maintenance Fee (AMF). Once completed you’ll become a certified member of ISC2 – the world’s largest association of certified cybersecurity professionals – with access to a broad range of professional development resources to help you throughout your career

Your self-guided tour toward certification — now featuring adaptive learning for a streamlined experience customized to each individual. Leveraging the power of AI, the training guides learners through a self-paced learning experience adapted to their individual needs.  This class will have instructor Lead class it will Be 2 Saturday in a row Dates: July 20, 27 Time: 8-4 Location: Virtual Class is Offered by ISC2 NJ chapter. You do not need to be a member but of course you can join even if your not in New Jersey. I will be teaching the Class.

Exam included.

• Pay U.S. $50 Annual Maintenance Fee (AMF) upon passing the certification exam.

Dates: July 20, 27 Time: 8-4 Location: Virtual

Register here: CC Bootcamp Tickets | Eventbrite

HOPE XV will be the fifteenth Hackers On Planet Earth event. July 12-14, 2024 at St. John University Queens, NY

This event promises to be memorable. It is open to all hackers, makers, tinkerers, experimenters, artists, educators and anyone else with an interest in exploring and improving the world we live in and sharing knowledge with others.

What you get with your ticket:

• Three days of amazing in-person content
• Over 100 presentations
• Workshops on a variety of topics
• Performances
• Hackerspaces with villages, vendors and more
• Great memories and new acquaintances

Virtual tickets get you all the presentations via livestream, plus access to live chat with other attendees and presenters.

HOPE is an all-ages event with multiple simultaneous sessions and many other things to do throughout the weekend. All of this is in a relaxed and comfortable university environment, with friendly and supportive conference attendees.

Buy tickets 

I was presented with a Lifetime Achievement Award at SECON NJ at Kean University. From Ken Fisken president of ISC2 New Jersey Chapter. To say I was shocked is an understatement, I am very honored to be the recipient of this honor. As I say, if all of us would give back to community 1 hour, think how much better the world would be.

NIST Internal Report (IR) 8517, Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design, is now available for public comment.

There is an incorrect and widespread assumption that hardware is inherently secure. However, this report documents numerous potential security failures that can occur in hardware. It also demonstrates the diverse ways in which hardware can be vulnerable.

The authors leveraged existing work on hardware weaknesses to provide a catalog of 98 security failure scenarios. Each of these is a succinct statement that describes how hardware can be exploited, where such an exploitation can occur, and what kind of damage is possible. This should raise awareness of the many types of hardware security issues that can occur.

The public comment period for this initial public draft is open through July 31, 2024. See the publication details for a copy of the draft and instructions for submitting comments.

NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Read More

The initial public draft of NIST Internal Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications, is now available for public comment.

Cloud-native applications, which are generally based on microservices-based application architecture, involve the governance of thousands of services with as many inter-service calls. In this environment, ensuring data security involves more than simply specifying and granting authorization during service requests. It also requires a comprehensive strategy to categorize and analyze data access and leakage as data travels across various protocols (e.g., gRPC, REST-based), especially within ephemeral and scalable microservices implemented as containers.

Hence, in addition to techniques for protecting data at rest (e.g., regular expressions), it has become essential to develop in-transit data categorization that performs real-time data analysis to actively monitor and secure data as it moves across services and network protocols. This IR outlines a practical framework for effective data protection using the capabilities of WebAssembly (WASM) — a platform-agnostic, in-proxy approach with compute and traffic processing capabilities (in-line, network traffic analysis at layers 4–7) that can be built and deployed to execute at native speed in a sandboxed and fault-tolerant manner.

The public comment period for this initial public draft is open through August 1, 2024. See the publication details for a copy of the draft and instructions for submitting comments.

NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Read More

NIST Requests Public Comments on SP 800-38B and SP 800-38C | CMAC and CCM Block Cipher Modes of Operation

NIST maintains its cryptography standards and guidelines using a periodic review process.  

Currently, we are reviewing the following publications:

• NIST Special Publication (SP) 800-38B, Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication, 2016
• NIST SP 800-38C, Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality, 2007

NIST requests feedback on all aspects of these publications. Additionally, NIST would appreciate feedback on the guidance for CMAC and CCM authentication tag lengths.  Currently, both publications recommend a minimum tag length of 64 bits.

• Should these publications require that the authentication tags for CMAC and CCM meet a minimum threshold, such as 64 bits or more?
• If not, what conditions/requirements on implementations should be specified for the use of shorter authentication tags for CMAC and CCM?

The public comment period is open through September 13, 2024. Comments may address the concerns raised in this announcement or other issues around security, implementation, clarity, risk, or relevance to current applications.

Send comments to cryptopubreviewboard@nist.gov with “Comments on SP 800-38B” or “Comments on SP 800-38C” in the subject. 

Comments received in response to this request will be posted on the Crypto Publication Review Project site after the due date. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. See the project site for additional information about the review process.

Read More

Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft 365 Virtual Training Day from Microsoft Learn. Join us at Prepare Your Organization for Microsoft Copilot for Microsoft 365 to learn how to implement AI to help ignite creativity, enhance productivity, and strengthen computing and collaboration skills. You’ll learn about the capabilities of Copilot, including how it works, how to configure it, and how to set it up for more powerful searches. You’ll also explore how Copilot works with Microsoft Graph—and your existing Microsoft 365 apps—to provide intelligent, real-time assistance. You will have the opportunity to: Understand the key components of Copilot for Microsoft 365 and how it works. Learn how to extend Copilot with plugins. Get guidance on completing the necessary Copilot technical and business requirements to prepare for implementation. Learn how to assign Copilot licenses, prepare your organization’s Microsoft 365 data for Copilot searches, and create a Copilot Center of Excellence. Join us at an upcoming Prepare Your Organization for Microsoft Copilot for Microsoft 365 event: June 28, 2024 | 12:00 PM – 2:00 PM | (GMT-05:00) Eastern Time (US & Canada) Delivery Language: English Closed Captioning Language(s): English

REGISTER TODAY >

Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft 365 Virtual Training Day from Microsoft Learn. Join us at Microsoft 365 Fundamentals to learn how to simplify the adoption of cloud services while supporting strong security, compliance, privacy, and trust. Also, discover how applications such as Microsoft Teams and Microsoft Viva help improve productivity, facilitate collaboration, and optimize communications. After completing this training, you’ll be eligible to take the Microsoft 365 Fundamentals certification exam at 50% off the exam price. You will have the opportunity to: Find out how the productivity, collaboration, and endpoint management capabilities of Microsoft 365 empower people to stay connected and get more done across hybrid environments. Discover how Microsoft 365 security, compliance, and identity solutions help secure an entire digital estate, simplify compliance, and reduce risk. Explore the pricing models, licensing, and billing options available to meet the needs of your organization. Join us at an upcoming two-part Microsoft 365 Fundamentals event: June 20, 2024 | 12:00 PM – 3:30 PM | (GMT-05:00) Eastern Time (US & Canada) June 21, 2024 | 12:00 PM – 4:00 PM | (GMT-05:00) Eastern Time (US & Canada) Delivery Language: English Closed Captioning Language(s): English

REGISTER TODAY >

Register now >

Azure Network Security | Azure Firewall Integration in Microsoft Copilot for Security Wednesday June 12, 2024 | 8:00AM – 9:00AM (PST, Redmond Time) Description: The Azure Firewall integration in Copilot helps analysts perform detailed investigations of the malicious traffic intercepted by the IDPS feature of their Firewalls across their entire fleet using natural language questions in the Copilot for Security standalone experience. Join this webinar to see a live demo of the feature and learn more about what’s to come in the future! Presenter(s):

Microsoft Defender for Cloud | Shift Left with Microsoft Defender for Cloud Thursday June 13, 2024 | 8:00AM – 9:00AM (PST, Redmond Time) Description: Learn how to shift security left and work with developers to secure cloud native applications with Defender for Cloud. Presenter(s):

Multiple vulnerabilities have been discovered in PHP, which could allow for remote code execution. PHP is a programming language originally designed for use in web-based applications with HTML content. Successful exploitation could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Threat Intelligence Open-source reports have stated that proof of concept exploits are available for CVE-2024-4577.

Systems Affected

PHP versions: 5 – 8.3.7

Risk Government: – Large and medium government entities: High – Small government entities: Medium

Businesses: – Large and medium business entities: High – Small business entities: Medium

Home Users: Low

Recommendations

Apply appropriate patches provided by PHP to vulnerable systems immediately after appropriate testing. Restrict use of certain websites, block downloads/attachments, block JavaScript, restrict browser extensions, etc. Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack. Block execution of code on a system through application control, and/or script blocking. Remove or deny access to unnecessary and potentially vulnerable software to prevent abuse by adversaries.

References PHP:  https://www.php.net/ChangeLog-8.php

Cybersecurity Help: https://www.cybersecurity-help.cz/vdb/SB2024060501

CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1874  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4577 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5458