California Cyber News

Originally Posted On: thejournal.com

By the end of grade 2, a student should be able to explain the functions of common hardware and software components in a computer. By the end of grade 5, he or she should be able to determine potential solutions to solve simple hardware and software problems using common troubleshooting strategies. By the end of grade 8, the student should be able to explain potential security threats and security measures to mitigate threats. And by the end of high school, he or she should be prepared to create data visualizations that can help others better understand real-world phenomena. Those requirements are among the computer science standards recently approved by the California State Board of Education. The process for developing those standards began in 2014 when Governor Jerry Brown signed into law a bill directing the state’s Instructional Quality Commission to undertake development.

Originally Posted On: informationweek.com

Women play an important role in building an innovative workforce, so it’s critical to support to the next generation of women technologists and empower their careers. 

In my 20 years in the technology industry, I’ve often been the only woman in the room. That was especially true at the beginning of my career.

Nowadays, things are different. Research shows that young women today are 33% more likely to study computer science, compared with women born before 1983. I see many more of these women entering the technology workforce, including my daughter. When I look at her and other young women following this path, I see them entering a much different workplace than I did, one that has more awareness of the challenges women face in male-dominated industries.

Originally posted on: comptia.org

DREAM IT CAREER RESOURCE CENTER:

Use the Dream IT Career Resource Center to learn about careers and salaries, read real-life stories from women working in technology, and get tips on starting your career.

CAREER AREAS

Write code for a gaming company or manage a creative team working in healthcare: technology offers a lot of paths to success. Find your dream career.

INTRO TO TECH

FOR IMMEDIATE RELEASE: Washington, D.C. (September 26, 2018)— “5 of every 6 routers are inadequately updated for known security flaws, leaving connected devices open to cyberattacks that can compromise consumer privacy and lead to financial loss,” according to a new study released today by the American Consumer Institute. The study, “Securing IoT Devices: How Safe Is Your Wi-Fi Router?— finds that the majority of Wi-Fi router manufacturers are neglecting to update their firmware for known vulnerabilities leaving consumers at risk of having their data compromised and identity stolen.

The results show that this problem is pervasive among the most popular Wi-Fi routers in peoples’ homes:

How AI Can Help Stop Cyberattacks

Originally Posted On: wsj.com

As hackers get smarter and more determined, artificial intelligence is going to be an important part of the solution

As corporations struggle to fight off hackers and contain data breaches, some are looking to artificial intelligence for a solution.

They’re using machine learning to sort through millions of malware files, searching for common characteristics that will help them identify new attacks. They’re analyzing people’s voices, fingerprints and typing styles to make sure that only authorized users get into their systems. And they’re hunting for clues to figure out who launched cyberattacks—and make sure they can’t do it again.

“The problem we’re running into these days is the amount of data we see is overwhelming,” says Mathew Newfield, chief information-security officer at Unisys Corp. UIS 1.99% “Trying to analyze that information is impossible for a human, and that’s where machine learning can come into play.”

How Hackers Talk Their Way Into Getting Company Secrets

Originally Posted On: wsj.com

With ‘social engineering’ schemes, cybercriminals trick employees into handing over valuable information.

Often it begins with an innocuous-seeming email from an internet domain that closely resembles the victim’s. The message may appear to come from the company’s chief executive or another senior executive. “Are you at your desk?” it asks. “I need your help with something.”

Only after the conversation has begun will scammers ask for what they really want—a transfer of money. But by then it is often too late. The victim believes he’s emailing his boss and makes the payment.

Security pros call this social engineering, and it is replacing malicious software as the weapon of choice for cybercriminals. Social engineering is a bit of a catchall phrase, but it is happening anytime hackers trick employees into sharing intelligence that helps the hackers find vulnerabilities in company systems and carry out attacks. In addition to increasingly personalized phishing emails, it often involves phone calls in which the criminals trick employees into handing over private information or account passwords. Some employees have been tricked into wiring millions of dollars to offshore bank accounts controlled by the thieves.

Oak Tech 006

Originally Posted On: edsource.org

Four years ago in May of 2014, the CEO of Code.org, Hadi Partovi, sent a letter to Governor Jerry Brown asking for a meeting to talk about the importance of expanding student access to computer science education in California’s K-12 schools.

 

Gov. Brown asked State Board of Education President Michael Kirst to advise him. A colleague of mine for over twenty-five years, Mike asked me to look into it and to answer some basic questions: What is computer science education? Why should it be for all students? Why now?

With college degrees in English Literature and Public Policy, and accustomed to relying heavily on Apple’s Genius Bar to fix my iPhone and laptop, I had a very steep learning curve.

But with mentoring from Code.org, the national nonprofit expanding K-12 computer science across the country and support from California’s many computer science advocates, I dug in. And the more I learned and understood, the more passionate I became about the need for computer science to be brought into K-12 as a foundational subject and about the critical importance of ensuring that girls, students of color, low-income kids, EL students — all students have access.

Fast forward four years.

P2

It’s easy to talk about the need for more women in IT, but hearing stories from friends and family members drove the point home for Del Norte High School student Lily Hu.

“Females are given fewer opportunities than their male colleagues,” Hu said. “If more young women become involved with IT and cybersecurity, we can change such stereotypes. Having more women would encourage support for one another.”

Hu is one of seven students from the CyberAegis team in San Diego to receive a National Center for Women in Technology (NCWIT) Aspirations in Computing Award. The award honors women in grades 9 through 12 who are active and interested in computing and technology, and encourages them to pursue their passions.

img333
Innovations in Cybersecurity Education:
We talked about it for months, but WOW what a mega success. The second annual Innovations in Cybersecurity Education awards program resulted in a glorious 73-page booklet chock full of innovations ready for you to integrate into your cybersecurity classrooms! They include tried and true techniques in areas of curriculum, faculty development, lab activity, local partnerships, and student-aided learning. This handy publication is available for free to National CyberWatch Center academic members.
Fotolia 104123748 Subscription Monthly M 730x480

Originally Posted On: paymentsjournal.comaymentsjournal.com

127 million smart home units are expected to be sold in the US in 2018, with the global smart home market expected to be worth $53.45 billion by 2022. With 55% of smart device owners in the dark about how they actually work, could those who bought second-hand smart home devices be welcoming a threat to their families into their homes?

Internet security experts vpnMentor have utilised a team of ethical hackers to uncover the most hackable smart home devices including the first-generation Amazon Echo, a Samsung Smart Camera and the first-generation Ring Smart Doorbell.

cyber security cybersecurity device 60504

Originally Posted On: zdnet.comdnet.com

California IoT security bill criticized by security researcher. Expert says bill “is based upon an obviously superficial understanding of the problem.”

The first Internet of Things (IoT) security bill in the US has been approved in California at the end of August and has now reached the Governor’s desk to be signed into law.

The bill, SB-327, was introduced in February 2017 and was the first legislation of its kind in the US.

It even predated by almost six months the Internet of Things Cybersecurity Improvement Act of 2017, a bill introduced in the US Senate by Sen. Mark Warner [D-VA].

But while dust gathered on Sen. Warner’s proposal to secure IoT devices across the US, the California bill saw active discussions and was approved on the California Assembly and Senate floors on August 28, and 29, respectively.

Man sharing experience with woman 300x199

Originally Posted On: certmag.com

We’ve all heard of the Catch-22 phrase, “In order to get experience I need a job, and in order to get a job, I need experience.” Liz Ryan, noted author of Reinvention Roadmap, and a contributor to Forbes Magazine described this as a “membrane that seems to be thick and impenetrable, but once you get a foot inside you will see that it’s not(.)” Ryan identifies the importance of getting involved in “networking events whenever you get a chance … Start to form relationships with business people in your area.”[1]

For cybersecurity students with professional ambitions, the term “business people” can be substituted with IT and cybersecurity professionals. As both an educator and cybersecurity professional, I’ve been in a position of teaching and mentoring a large number of students over the years, with the express goal of creating great taxpayers. In order to achieve this goal, educators need to focus on key competencies that students need to succeed in these job roles. Those competencies are:

Dan Manson

Dan MansonDan Manson saw for the vision of what cybersecurity education could become long before many people even knew what cybersecurity was. 

Over the past 20 years, he’s helped expand cyber competitions across California while serving as a professor and chair of the Computer Information Systems department at Cal Poly Pomona. After seeing so much success in California, he’s ready to do the same thing in Nevada, where he now lives.

“California has gone so far down the road that they don’t need me,” Manson said. “There are other places that aren’t very far down that road where I can still have an impact.”

Manson joined the cybersecurity world in 2001 after hearing about a Department of Education grant aimed at improving campus cybersecurity. He thought that there might be an opportunity for faculty to become involved and — as he’s done many times throughout his career — invited himself to the meetings to learn more about it.

That grant lead to two $900,000 NSF Advanced Technical Education grants, one in 2003 and one in 2007. Those funds were aimed at workforce development and allowed Manson to begin building partnerships with other colleges that have only grown stronger over time.

In addition, Manson led the effort for Cal Poly Pomona to be designated a National Center of Academic Excellence in Information Assurance Education in 2005, 2008 and 2014. 

money shutterstock489

Original article posted on informationweek.com

2018’s bullish economy is reflected in venture capital and private equity investments. Software drives the majority of deals since software powers just about everything now. Here’s where the money is flowing and why.

2018 is a strong economic year, as reflected in venture capital and private equity investments. According to the 2Q Pitchbook-National Venture Capital Association (NVCA) Venture Monitor, $57.5 billion was invested in U.S. VC-backed companies in the second quarter. Ninety-four of the financings involved at least $100 million and 42 unicorns closed deals with valuations of at least $1 billion.

“To say capital availability is high would be putting the true state of the US VC industry lightly,” the report says.

In the first half of 2018, software represented 43% of venture capital deals and 11.9% of private equity (PE) buyouts, according to Pitchbook. It expects more PE to flow to VC-backed companies in the forms of buyouts and growth rounds.

promo image

Originally posted on courses.certification.comptia.org/a-on-ramp

You’re ready to get certified, we’re ready to help. Sign-up today for free certification advice!

Register today for CompTIA A+ On-Ramp, our online course designed to simplify the certification process.  CompTIA A+ On-Ramp includes three classes (only 10 to 14 minutes each). Each class is recorded and available online, anytime, on your computer or mobile device. Watch them at your convenience.

Original article posted on indivigital.com

According to security firm Sucuri, the alleged “main contributors” to the spread of the infection are the tagDiv Newspaper theme and the Ultimate Member Plugin. Conservative estimates suggest the malware has infected at least 2,200 websites.

At least 2,200 WordPress websites have been infected by new malware that maliciously redirects visitors to third party websites to mislead them into accepting requests for browser notifications, according to a post published by cyber security firm Sucuri.

The malicious redirects send users to various URLs on the domain utroro.com, at which point they are seemingly served browser notification opt-ins masquerading as reCAPTCHA images.