I've been in the Learning and Development industry for a decade. Well, in a professional capacity, that is. But if I'm being honest, I've been a student of this field my entire life. And so have you. The way we approach learning—whether it's diving into a new subject or honing an existing skill—is pivotal. Do you retreat at the first sign of failure? Do you expect instant success? How do you envision your learning journey? How much of your day is dedicated to study and practice?

At 19, I took a leap of faith and served a mission for my church, The Church of Jesus Christ of Latter-Day Saints, in Brazil. With zero knowledge of the language, culture, or even the local cuisine, I embarked on this journey in August of 1998. My initial training was at the Missionary Training Center in Provo, UT, where I spent two months. A significant part of our training was language acquisition. Eager to communicate upon my arrival in Brazil, I took an instructor's advice to heart: spend an entire day speaking only in Portuguese. Armed with a dictionary and notebook, I took on this challenge amidst my group of ten fellow missionaries. It was daunting. Many in my group were hesitant to join in, and some even poked fun at my attempts. But through a cycle of failures and successes, I persevered. By the time I left Brazil, I was nearly fluent. While I might not claim fluency today, I still cherish those skills, allowing me to exchange pleasantries in Portuguese whenever the opportunity arises.

This experience taught me a universal truth about learning: if a challenge doesn't push you to the brink of failure, the lessons won't stick. Regardless of how many times you stumble, the key is to keep pushing forward. Analyze the reasons behind each failure, adjust your approach, and keep going until you succeed. When my eldest son was learning to drive, he feared failing his test. I reassured him that whether he passed on his first or tenth attempt, the end result was the same. After all, does the number of tries truly matter?

As you embark on your learning journey, remember:

• Seek the "Why": Whether in success or failure, understanding the reasons behind outcomes will solidify your grasp on the subject.
• Embrace Failure: Don't fear the "F" word. Your reaction to failure is what truly counts. When you stumble, seek the "why" and adjust your course.
• Forget About Timelines: While there are times when speed is essential (like finishing a semester), don't let the pressure overshadow your progress.
• Practice Makes Perfect: Engage in deliberate practice. Set clear goals, measure your progress, and if possible, find a mentor to guide you.
• Stay Humble: Learning thrives in humility. An inflated ego can hinder your growth.

For my part, I remain committed to this industry. I strive to be a lifelong learner, constantly reminding myself of these principles, and a dedicated teacher, eager to guide others on their learning paths. Stay tuned, as I'll be sharing posts to help you access foundational knowledge and skills in cybersecurity. Additionally, keep an eye out for a follow-up blog post where I'll delve deeper into the concept of deliberate practice.

At the start of October, I decided to kick off a podcast for the month. Never having done one, I had a definite learning curve! I put out 24 different episodes, some on a nearly daily basis. But, just because cybersecurity awareness month has ended, doesn't mean I will stop. My intention remains to continue producing podcasts and blog posts on cybersecurity. Some will remain for those that sit outside the industry. Others will be more technical in nature. So, join me as I continue to post and grow the content here at RootEd Security!

This will likely remain my longest podcast title ever. This also serves to show that no organization is safe from breach. It doesn't matter if you are a church or a Fortune 500 company. If someone sets their eyes on your network, they will get in. How will you respond? Let's dive into this breach and find out! My guest today is my wonderful mother-in-law!

Links of interest

• News article: https://www.sltrib.com/religion/2022/10/13/cyberattack-targets-lds-church/

Ah, knowledge, you slippery little minx. How can we hold on to you? Do we even need to chase you? Well, if you want to succed here in the world of cybersecurity, you will definitely need to chase and grab a tight hold on knowledge. In today's episode, I describe my process of acquiring knowledge. It really is only one part of an overall strategy to develop your skill set. You need knowledge, but then you need practice. Today, we will discuss knowledge.

Does your process differ from mine? Let me know how you succeed! Any blogs or other resources you think need to be added? Let me know that as well!

During this podcast, I break down where we gain knowledge:

• Social Media
  • Reddit
  • Twitter
• Blog Posts (like these!)
  • Company
  • News
  • Personal
• Vulnerabilites / Threats

One of the best ways to consume this is through a RSS Feed Reader. Many applications will even bring in subreddits and Twitter feeds. This will ensure you stay out of the social media black hole during your research time.

Feedly - RSS Reader, cross platform. Free, but has a yearly premium cost of $99. This adds the ability to add Twitter feeds and Reddit subreddits.

Inoreader - RSS Reader, cross platform. Free, but has a yearly premium cost of $90. This adds the ability to add Twitter feeds (among other things). The ability to add Reddit subreddits is in their Free Tier.

NetNewWire - This is an open source RSS Reader. Mac only.

Pocket and Instapaper: These are good repositories for links you read and want to keep around.

For note taking, this will be highly personal.

That being said, my recommendation is Craft Docs. It is highly flexible and allows you to really organize your notes very well. Remember: you want to capture what you are researching. Make notes about points you feel are important. Add a "so what" section. And a section for "Follow up" topics.

These are other apps that work well for note taking:

Bear

Ulysses

OneNote

Evernote

Apple Notes

Now for the links. This is going to just be a dump of links without much context. Enjoy them. Look over them. Make them your own: remove ones that don't interest you and add ones that do!

Twitter

https://twitter.com/4n6ir

https://twitter.com/anton_chuvakin

https://twitter.com/briankrebs

https://twitter.com/sans_isc

https://twitter.com/sansforensics

https://twitter.com/EricRZimmerman

https://twitter.com/13CubedDFIR

https://twitter.com/cyb3rops

https://twitter.com/schneierblog

https://twitter.com/offsectraining

https://twitter.com/ExploitDB

https://twitter.com/taosecurity

Reddit

https://www.reddit.com/r/netsec/

https://www.reddit.com/r/cybersecurity/

https://www.reddit.com/r/AskNetsec/

https://www.reddit.com/r/Cybersecurity101/

https://www.reddit.com/r/netsecstudents/

https://www.reddit.com/r/blueteamsec/

https://www.reddit.com/r/redteamsec/

https://www.reddit.com/r/linuxquestions/

https://www.reddit.com/r/securityCTF/

https://www.reddit.com/r/ReverseEngineering/

https://www.reddit.com/r/computerforensics/

https://www.reddit.com/r/Malware/

https://www.reddit.com/r/crypto/

Blogs

Company

https://www.rapid7.com/blog/

https://www.mandiant.com/resources/blog

https://www.trellix.com/en-us/about/newsroom/stories.html

https://www.crowdstrike.com/blog/

https://www.malwarebytes.com/blog

https://nakedsecurity.sophos.com/

https://www.offensive-security.com/blog/

News

https://thehackernews.com/

https://www.bleepingcomputer.com/

https://www.darkreading.com/

https://isc.sans.edu/

https://www.securityweek.com/

https://thehackernews.com/

https://threatpost.com/

Personal

https://krebsonsecurity.com/

https://www.schneier.com/

https://taosecurity.blogspot.com/

https://medium.com/katies-five-cents

https://rootedsecurity.blog/

Vulnerabilities / Threats

https://www.cisa.gov/uscert/ncas/bulletins

https://www.cisa.gov/uscert/ncas/current-activity

https://www.cve.org/Media/News/AllNews

https://packetstormsecurity.com/

https://kb.cert.org/vuls/

https://www.exploit-db.com/

https://seclists.org/#fulldisclosure

Look in the sky! It's a SIM, no a SEM, wait ... it's a SIEM! It's here to save us! Or is it? Come with me and learn about this essential, albeit frustrating, tool that exists in nearly every single organization.

Links of interest

• Minutes from the 1977 meeting that started the industry talking about logs: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nbsspecialpublication500-19.pdf
• SIEM overview: https://www.prelude-siem.com/en/what-is-a-siem/
• Great article by Alissa Knight on the SIEM vendor history: https://alissaknight.medium.com/ashes-to-ashes-we-all-fall-down-the-death-of-siem-and-rise-of-soar-e2fcfbb81cdd

RootEd Security, episode 22

0:00

/21:36

1×

No, I didn’t mistype the word attack. Today we are talking about an attack framework from MITRE. Come learn what this framework is, how organizations use it to keep themselves ahead of the adversary (or at least pace with). And I’ll even discuss how you can use this to level up your cybersecurity skills!

Links of interest

• Our Story | MITRE
• MITRE ATT&CK®

RootEd Security, episode 21

0:00

/27:21

1×

Do you like the idea of stealthily stalking your cyber prey? How about being so advanced in your skills that you are ahead of that security vendor you just cut a million dollar check to? Threat Hunting is a great field that will push your skills to their limits. It gives you a great opportunity to dive deep into the threats that exist against your organization. So, grab your preferred weapon of choice and join me as we journey into this jungle, hunting for those oh-so-stealthy threats.

Links of interest

The Origin of Threat Hunting

An early Threat Hunting article by Richard Bejtlich

RootEd Security, episode 20

0:00

/12:08

1×

What would you say if I told you a company didn't know some of their customer data was exposed for 5 years? It happened! Jump in today and learn how Toyota kept things in neutral and missed the on-ramp to better security! Join my special guest (my wife!) and I as we delve into how this occurred and what other companies need to watch out for!

Links of interest

Toyota defines T-Connect: http://www.toyotaconnected.co.jp/en/service/telematics.html

GitGuardian's take on this breach: https://blog.gitguardian.com/toyota-accidently-exposed-a-secret-key-publicly-on-github-for-five-years/

Toyota's Breach Notification: https://global.toyota/jp/newsroom/corporate/38095972.html

Duo's advice for monitoring GitHub for your secrets: https://duo.com/labs/research/how-to-monitor-github-for-secrets

Samsung has a similar problem: https://www.bleepingcomputer.com/news/security/hackers-leak-190gb-of-alleged-samsung-data-source-code/

RootEd Security, episode 19

0:00

/28:48

1×

Link to Original Document

Oh, we have a good one today! Cyber threat Intellegince is our focus: what is it, why is it important, and how is it accomplished. Let's talk about what makes threat intel, threat intel.

Links of interest

Initial definition of cyber threat intelligence: https://www.gartner.com/en/documents/2487216

Mandiant's APT1 report: https://www.mandiant.com/resources/apt1-exposing-one-of-chinas-cyber-espionage-units

A great starting point for cyber threat intelligence:

1. https://www.oreilly.com/library/view/threat-intelligence-in/9781492049302/ch01.html
2. https://www.recordedfuture.com/threat-intelligence
3. https://www.cisecurity.org/insights/blog/what-is-cyber-threat-intelligence

3 great resources from Katie Nickels, the Director of Intellegince at Red Canary:

1. A great webcast on the threat intel process
2. Her threat intel study plan, part 1
3. Her threat intel study plan, part 2

RootEd Security, episode 18

0:00

/16:17

1×

Let's dip our toes again today! Do you know what PII is? Nope, I didn't mean pi ... I meant Personally Identifiable Information. This means how you can be identified with various bits and pieces of data. Do companies deserve your trust with your data? Probably not. Listen today and find out what you can do to protect yourself.

RootEd Security, episode 17

0:00

/18:09

1×

We're discussing pen testing today! Have you ever wanted to break into a computer and not risk any legal ramifications? Have you ever wondered just what a hacker does to gain control of a company's network? Well, pen testing may be a field for you! Jump in, and let's explore this amazingly fun role together.

Links of interest

TryHackMe: https://tryhackme.com

Kali Linux: https://www.kali.org

Offensive Security: https://www.offensive-security.com

EC-Council: https://www.eccouncil.org (They have many different types of training and certifications, including Pen Testing)

Great background on Pen Testing: https://resources.infosecinstitute.com/topic/the-history-of-penetration-testing/

RootEd Security, episode 16

0:00

/12:03

1×

We are dipping our toes into the discussion of social engineering! How gullible are you? Hopefully, not as gullible as the victims of the Indian conman, Natwarlal (see this article on Wikipedia for his exploits: https://en.wikipedia.org/wiki/Natwarlal). Scammers play on our desires to be helpful and avoid trouble. Sometimes, even the most cautious can be fooled. In today's episode, we will look at scammers' tactics and how you can avoid being duped.

Links of interest

The Wired article on John Brennan: https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/

Article from CompTIA on Social Engineering: https://www.comptia.org/content/articles/what-is-social-engineering

RootEd Security, episode 15

0:00

/10:34

1×

We've got another Breach Notification episode today with another special guest: my daughter! What breach are we talking about? 2k! If you haven't heard of 2k, you may not play many video games. But that doesn't lessen the impact of this breach. It was a sneaky one and something that could happen with other organizations.

Join us as we discuss how it happened, what it means to those impacted, and what could have been done to prevent it.

Links of Interest

Initial article from Bleeping Computer: https://www.bleepingcomputer.com/news/security/2k-game-support-hacked-to-email-redline-info-stealing-malware/

Follow-up article from Bleeping Computer: https://www.bleepingcomputer.com/news/security/2k-games-warns-users-their-stolen-data-is-now-up-for-sale-online/

2k tweet on the breach: https://twitter.com/2KSupport/status/1572320721333796865

2k FAQ regarding the incident: https://2k.com/playerinfo/

RedLine malware overview: https://blog.avast.com/redline-stealer-malware

Recommended password manager, 1Password: https://1password.com

RootEd Security, episode 14

0:00

/19:05

1×

Another security patch?! Make it stop! Sadly, it won't stop. Today, we are going to dip our toes into vulnerabilities, exploits, and zero-days! What does all of this mean and why should you care? Well, you will need to listen to find out!

Links of interest

Grace Hopper Bio: https://president.yale.edu/biography-grace-murray-hopper

More information on vulnerabilities and exploits: https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/

Lists of exploits from CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

"First" computer bug! https://education.nationalgeographic.org/resource/worlds-first-computer-bug

RootEd Security, episode 13

0:00

/14:42

1×

We are touching on another Cybersecurity Discipline today! Incident Response!

Red Alert! An alert hits, stating that some "big bad thing" has occurred! It is your job to figure out what happened, when it happened, and what the impact is to the business. Oh - and you need to make sure that the "bad guy" is out of the network and can't get back in again!

Does that sound like fun? If so, jump in!

Links of interest

Definition: https://www.techtarget.com/searchsecurity/definition/incident-response

Trend Micro History of Incident Response: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/historical-overview-of-proactive-incident-response-strategies-and-what-they-mean-to-enterprises

RootEd Security, episode 12

0:00

/33:00

1×