October is Cybersecurity Awareness Month! The month was originally created through a collaboration with the National Cyber Security Alliance and the Department of Homeland Security. Feel free to check out the events and resources listed below.
Events
Data Disposal Day (10/25, 8am – 12pm)
Security Now Host: Steve Gibson – Porosity: Why Cybersecurity Remains Elusive (10/26 @ 2pm)
Description: The benefits to society from secure and trustworthy computing systems are obvious and many. But despite decades of monumental investment toward in this obvious goal, cybersecurity remains elusive with damages ranging from individual users to international corporations. With the causes of each failure clear in retrospect, why do we seem unable to get ahead of them? Steve is going to share and layout his concept of “security porosity”.
Steve Gibson is the founder & CEO of Gibson Research Corporation, located in Southern California. Since 1988, all of the bills have been paid by the sales of Steve’s long-standing mass storage maintenance and data recovery utility: SpinRite. GRC’s website mostly reflects Steve’s life-long passion for all-things-technology including Internet Security. He began programming early computers in 1970, at the age of 15, and he never stopped. Steve believes in “old School” computing, and, yes, misses working with computers having 16 Kbytes of memory. So today, because he lives to code, even though it’s a bit nuts, he still writes all of his programs in 100% pure assembly language. Listeners to his weekly Security Now podcast often comment that they can hear his love and enthusiasm for technology in his voice. It’s the real deal.
Cybersecurity Starbucks Drink (10/1 – 10/31)
The featured UCI Cybersecurity Awareness Month Starbucks drink, the “Java Chip Securi-ccino”, will be available at all three Starbucks locations on Campus during the month of October.
Security Quiz Raffle (10/1 – 10/31)
Complete the security quiz and be entered into a drawing for one of three $25 Amazon gift cards! Winners will be picked at random at the end of the October and contacted through email. Participants must input a UCI email address and can only enter in once. You do not have to get all the questions right in order to participate in the drawing and you must be UCI-affiliated to win.
Security Topics
Use Multi-factor (Two-factor) authentication for your online accounts. This method uses two or more factors for authentication and includes but is not limited to: Something You Have, Something You Know, and Something You Are.
Create a long and different password for each online account with a minimum of 12 characters. Use a mixture of different sets of characters and use a password management tool to help store passwords.
Look out for phishing/email scams asking for your information. Some senders may masquerade as someone you know or a legitimate organization. Their aim may be to acquire personal or financial information among other items. If you believe the email to be a scam and have not replied, ignore the email. If you have replied, cease all further contact with the sender.
Be sure to automatically backup your data and apply the latest security patches. Doing so will keep your software current and helps to address security vulnerabilities.
Be wary of voice phone scams. Scammers are now using AI to trick people into thinking that the person who is calling is in trouble and is in a state of emergency. They often times ask for assistance through monetary means (e.g. money, crypto, gift cards, etc.) and is in a state of urgency. If you suspect the call to be a scam, hang-up and call the actual person to ask them to verify their situation.
Zoom Backgrounds
Security Media List
Books
- Spam Nation: The Inside Story of Organized Cybercrime – Brian Krebs
- Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World – Bruce Schneier
- Social Engineering: The Science of Human Hacking – Christopher Hadnagy
- Infosec Rock Star: How to Accelerate Your Career Because Geek Will Only Get You so Far – Ted Demopoulos
- Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker – Kevin Mitnick
- The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data – Kevin Mitnick
- Ready Player One – Ernest Cline
- The Hacker’s Playbook
- ISC2 CISSP Official Study Guide
- CEH Certified Ethical Hacker All-in-One Exam Guide
- Black Hat Python: Python Programming for Hackers and Pentesters
Movies/Shows
- The Matrix (Rated R, viewer discretion is advised)
- The Matrix Reloaded (Rated R, viewer discretion is advised)
- Blackhat (Rated R, viewer discretion is advised)
- Snowden (Rated R, viewer discretion is advised)
- Mr. Robot (Rated TV-Mature Audiences, viewer discretion is advised)
- Swordfish (Rated R, viewer discretion is advised)
- WarGames (Rated PG)
- Hackers (Rated PG-13)
- Sneakers (Rated PG-13)
- Ghost in the Shell (Rated TV-Mature Audiences, viewer discretion is advised)
- The Net (Rated PG-13)
- Mission: Impossible – Dead Reckoning Part One (Rated PG-13)
Podcasts
Gamified Cybersecurity
Resources
- UC-wide Cybersecurity Awareness Month Events
- CISA: National Cyber Security Awareness Month
- DHS: Department of Homeland Security Be Cyber Smart
- NIST: National Institute of Standards and Technology (Cybersecurity)
- SANS: SysAdmin, Audit, Networking, and Security
- SANS: Artificial Intelligence – What to Tell Your Workforce
- AI Password Cracker Checker
- Krebs on Security
- FTC Recognizing and Avoiding Phishing Scams