Please Join Us for

Black Hat, DEFCON Speaker

Max Kersten

Presenting

Wipermania

Sponsored by UAH Center for Cybersecurity Research and Education

3:00 – 5:00, October 26, 2023

UAH Chan Theater

Hors d'oeuvre Served

RSVP: ccre@uah.edu by October 17, 2023

Wipermania Abstract

In early 2022, Ukrainian companies were struck by multiple destructive wipers, attacking various companies in several sectors. This raised questions about the usage and impact of “digital weapons” within the security community, even though wipers themselves weren’t new. The infamous Shamoon wiper dates back more than a decade ago. How comes that wipers were as effective a decade ago, as they are in the present day? What has changed, and what remained the same? Based on the analysis of more than twenty recent wiper families, their trends, techniques, and overlap with other wipers will be discussed. Reusing code and techniques may link several wipers to the same actor, although the mere presence of such a link often leads to a hasty conclusion. This briefing is not the generic run-of-the-mill comparison of malware families, as it includes technical aspects of the analysed wipers, thus focusing on both the high- and low-level aspects of the destructive software.

The analysis does not only focus on the wipers used against Ukrainian victims, but also more generic wipers that were found in the wild around the same time. The parallels and differences between the targeted and generic wipers provide several interesting insights for the audience.

Throughout the conversation, there will be a focus on the analyst’s mindset, giving insight into my thoughts during the research. Including mistakes I made along the way, as well as assumptions that worked out better than I expected.

Biography

Max Kersten is a malware analyst, blogger, and speaker who aims to make malware analysis more approachable for those who are starting. In 2019, Max graduated cum laude with a bachelor's in IT & Cyber Security, during which Max also worked as an Android malware analyst. Currently, Max works as a malware analyst at Trellix, where he analyses APT malware and creates open-source tooling to aid such research. Over the past few years, Max has presented at international conferences, such as Black Hat (Arsenal) (USA, EU, MEA, Asia), DEFCON, Botconf, Confidence-Conference, HackYeahPL, and HackFestCA. Additionally, he has been a guest lecturer and has conducted workshops for several universities and private entities.

CYBERSTART AMERICA KICKS OFF THIS WEEK!

CyberStart America is a FREE national program for high school students to master cybersecurity as a gateway to the industry, up their digital skills, and compete for college scholarships through the National Cyber Scholarship Foundation. By registering for the program, U.S. high school students get free access to CyberStart, an immersive gamified learning platform.

CyberStart America is for all students, not just those in Computer Science or Cybersecurity classes.  Student complete gamified learning units at their own pace - no teacher experience needed. Take the time to check out the CyberStart game at cyberstartamerica.org. 

See below to learn more about the changes this year, opportunities for students, and why CyberStart America is important.

We had our state kick off at the National Cyber Summit this year but I have included the a video from Texas’s kick off. Their presenters walk you through the set up and how to use the new cyber.org range. I have time stamps also included so you can skip to what you need.

REGISTER TODAY at https://register.cyberstartamerica.org/

NEW THIS YEAR!

New Game Cycle

The game is opened for a shorter period of time for this year.

October 16, 2023 - Jan 24, 2024

Virtual Machine - Cyber.org Range

The biggest complaint schools has been the difficulty of using the virtual machines and many teachers were unsure about how to use them. Cyber.org has now made a VM range that will be available for FREE on their site. No need to host anything on district servers and students can access as long as they have the internet.

https://apps.cyber.org/

Groups

You can now set up groups and monitor progress of your students. Be sure to sign up as a teacher first then your students can register by joining your group.

iKeepSafe FERPA Certified!   This year CyberStart America is now certified through iKeepSafe. Student safety and privacy is important and no longer a worry when using CyberStart America. Learn more

Use CyberStart America to train for opportunities to win National Cyber Scholarships!

Students who score highly in the CyberStart America program in 2023-24 will be invited to apply for a scholarship award offered by the NCSF after the program closes in January.  See the list of opportunities below.

Find out more on the NCSF website

National Cyber Scholarship Semifinalist

All eligible high school or college students scoring at least 20,000 CyberStart points, through CyberStart America will be awarded a digital Semifinalist badge at the end of the program.

Eligibility criteria:

• High school or college student in the USA

• Registered for CyberStart America 2023-24

• Minimum point score of 20,000 in CyberStart by January 11, 2024

• Returning students from any previous program year must continue to make progress in CyberStart in the 2023-24 cycle to qualify for this award.

National Cyber Scholarship Finalist

The highest scoring CyberStart players will be invited to complete a short scholarship application by the NCSF. Anyone shortlisted for this invitation will be awarded a digital Finalist badge once their application has been validated.

Eligibility criteria:

• High school or college student in the USA

• Registered for CyberStart America 2023-24

• Minimum point score of 20,000 in CyberStart by January 11, 2024

• Qualified as a Semifinalist, and shortlisted to complete a scholarship application, which is submitted by the deadline of January 30, 2024

National Cyber Scholar

The highest-scoring eligible CyberStart players who submit their scholarship application by the January 30, 2024 deadline will be awarded a scholarship to cover the SANS Foundations course and one attempt at the GIAC Foundational Cybersecurity Technologies (GFACT) certification, worth over $3000.

Eligibility criteria:

• High school (9th-12th grade) or college student in the USA

• Registered for CyberStart America 2023-24

• Minimum point score of 20,000 in CyberStart by January 11, 2024 - applicants will be assessed as a gathered field, so only the highest scorers will receive this status

• Qualified as a Semifinalist, and shortlisted to complete a scholarship application, which is submitted by the deadline of January 30, 2024

National Cyber Scholar with Honors

Students who earn the GIAC Foundational Cybersecurity Technologies (GFACT) certification through the National Cyber Scholarship Foundation (NCSF) Cyber Foundations Academy by the end of the 2024 Cyber Foundations Academy will be awarded the title “Scholar with Honors”, and may be offered the chance to apply for further scholarships to cover additional SANS training courses and certifications, and for specially selected internship opportunities.

This title can also be given to participants who have passed the GFACT certification in a previous year, and have met the conditions to be named a National Cyber Scholar again in 2024.

Eligibility criteria:

To be awarded the title of Scholar with Honors, students must:

• Complete and pass the GFACT exam by the end of the 2024 Cyber Foundations Academy, and obtain one of the highest scores within the National Cyber Scholar cohort (scores will be reviewed as a gathered field after the deadline)

• Students who are awarded the title of National Cyber Scholar in 2024, but have completed the GFACT certification prior to 2024, will also be considered for this award - they may be required to submit evidence of their GFACT exam score to support@nationalcyberscholarship.org (some scholarship awards can only be won once).

CyberStart America + Alabama Standards Matrix

Take the time to look through the crosswalk of the CyberStart America levels (HQ Base, Moon Base, and Forensics Base) and the DLCS Standards as well as standards from Cybersecurity I - III courses.

Link to Matrix

CyberStart America “How to…” Video Take a look at Texas’s kick off video that walks you through the set up and has a lot of ideas for how to use CyberStart America with your students, especially for those not a Cyber teacher or short on time! LINK TO VIDEO Time Stamps: What is CSA: 2:30 - 10:22 iKeepSafe FERPA: 10:22 - 11:29 Student Sign Up and Getting Started: 17:33 - 42:00 NEW cyber.org VM Range: 42:20 - 53:35 Classroom Ideas & resources: 54:50 - end

If you need help or have questions please visit these links. The CyberStart America team is always so helpful and quick to respond.

FAQs: https://help.cyberstartamerica.org/help

Support: support@cyberstartamerica.org

Copyright (C) 2023 Alabama State Department of Education. All rights reserved. Want to change how you receive these emails? You can update your preferences or unsubscribe

Drake State Community & Technical College — in partnership with the Truist Foundation, Jobs for the Future, and edX — is offering two fully-funded, 24-week online boot camps to equip you with the fundamental skills you need to meet the growing demand for data analysts and cybersecurity specialists.

The application for a fully-funded award opens on August 23 and closes on September 6.

Boot Camps start on November 6, 2023.

Scholarship Opportunities:

Drake State Start a Cybersecurity or Data Science Career _ with Drake State (1).pdf

For a successful launch, they are asking for the support of our local community professionals. You can contribute in three simple ways:

1. Review student applications

2. Become a mentor

3. Become an employee partner

Please consider supporting today!

Drake State_edX Employer Partnership (1) (1) (1).pdf

Cyber Huntsville is committed to enhancing cyber awareness across all levels, focusing on fostering awareness among school children. Recognizing the importance of early education in cybersecurity, Cyber Huntsville aims to do its part in building a strong foundation of cyber awareness and knowledge in young students. By introducing cybersecurity concepts, best practices, and safe online behaviors early, our state can equip children with the necessary skills to navigate the digital world securely. In partnership with companies and state organizations, Cyber Huntsville strives to create a culture of cyber awareness that extends throughout the community, ensuring a safer and more secure digital environment for all. It's essential first to understand what our state has been working on achieving.

Alabama's Efforts in the Last 5 Years

Alabama has implemented a comprehensive plan for computer science education. In terms of standards, Alabama adopted computer science and digital literacy standards for grades K-12 in 2018. The Governor's Computer Science Advisory Council played a crucial role by providing policy recommendations in 2019 and establishing a timeline in 2021.. The state has also demonstrated its commitment to funding by allocating $17.5 million since 2017 for K-12 computer science education and professional development for educators. This investment highlights Alabama's dedication to ensuring a robust computer science curriculum and supporting the development of educators in the field.

North Dakota's Example

North Dakota's cybersecurity education law is a major step for its PK-20W Initiative, ensuring cyber-education for all citizens. It builds on the state's success in adopting cybersecurity and computer science standards for all grades. The law includes a $300,000 grant program for schools, centers, libraries, and education centers offering cybersecurity courses to adults.

The initiative addresses the growing need for cybersecurity professionals, particularly in schools facing cyber threats. It aligns with the White House's National Cybersecurity Strategy and aims to diversify the cybersecurity staff pipeline. Major school systems, like Los Angeles Unified School District and Minneapolis Public Schools, have experienced significant cyberattacks. Examples like these encourage Alabama to press forward on its initiatives to educate a cyber future workforce that will protect the future generations.

Progress and Requirements for Alabama

In 2018, the Board of Education established the Digital Literacy and Computer Science standards and course of study. The Department of Education plays a vital role in overseeing computer science education, with an Education Specialist and an Educator Administrator dedicated to Digital Literacy and Computer Science. It has also formulated a course of study.  The state mandates that all elementary, middle, and high schools must offer computer science courses.  Certain computer science courses, such as AP Computer Science A or AP Computer Science Principles, can be counted as mathematics or science credits toward graduation.

Amanda Dykes, Computer Science Specialist at the Alabama State Dept of Education, said, "We have 16 High-Quality Computer Science courses in middle and high school. Also, we have developed the new Alabama Career Tech IT course of study courses, which includes our new Cybersecurity program and new AI class. These courses all include the Alabama Digital Literacy and Computer Science standards. These courses are giving students what they need for future computing careers."

Alabama is a member of the ECEP Alliance, has a statewide CSTA chapter, and Governor Kay Ivey is a member of the Governor's Partnership for K–12 Computer Science.

How can you and your company help?

If you want to know how to get involved, please get in touch with us to connect you with individuals making change in our Cyber Security community, leadership, and legislature.

Job Title: Executive Director

Organization: Cyber Huntsville

Location: Huntsville, AL

Type of Position: Part Time, Exempt

Job Summary:

The Executive Director will provide strategic leadership, direction, and oversight for all aspects of the organization's operations, programs, and initiatives related to cybersecurity. The ideal candidate will have a deep understanding of cybersecurity issues and will be responsible for managing a team of volunteer professionals to ensure the success of the organization's mission.

Review the complete position description here: ED Position Description 20230428.pdf

On June 15th, 2023, Alabama Automotive Manufacturers Association will be hosting a day long event at the Alabama School of Cyber Technology and Engineering (ASCTE). Click the link below to learn more and register.

Cyber Security for Modern Manufacturing Conference - Alabama Automotive Manufacturers Association (automotivealabama.org)

Learn all there is to know about staying safe and secure in the modern cyber world at the inaugural Comprehensive Cyber Security for Modern Manufacturing Conference!

Join the conference for a full-day, intensive exploration of all-things cyber security with sessions from subject matter experts and renowned companies covering the full spectrum of topics to keep you well-armored for attacks and on-the-defense for threats before they arise.

Cyber Huntsville, an organization started in 2010, dedicated to connecting and networking cybersecurity companies in North Alabama, is excited to announce its 2023 rebranding. The organization has grown steadily in membership, now representing the area’s largest network of cybersecurity companies and professionals. The new branding image will help to position the organization for continued growth and success as well as a solid stance on the importance of its mission moving forward.

"We are thrilled to announce our rebranding for Cyber Huntsville," said Cyber Huntsville's President, Jamie Miller. "We have been in the business of connecting cybersecurity companies in North Alabama for over a decade and we want our branding to reflect our growth. With this rebranding, we hope to showcase our commitment to cyber resilience, safety, and supporting the security missions of our constituent organizations as well as the entire United States."

In August of 2010, Huntsville Mayor Tommy Battle, formally announced the start of the Cyber Huntsville initiative, and since that time we have been creating cyber progress for the Tennessee Valley. Cyber Huntsville has co-sponsored cybersecurity summits, established economic development roundtables, and created cyber curricula and summer camps for local city and county school systems. Our sustaining members are vital to our long-term financial stability and provide tremendous insight and guidance benefiting our initiatives.

Original Branding:

The original logo was inspired by the common emblems found within government agencies and contractors with the name in the center and the supported organizations surrounding it. A torch blazed in the background, a symbol to gather and be a beacon to the community. However, with the growth of the city and the organization, a rebrand of the logo and website was initiated in Q1 of 2023.

New Branding:

The fonts were consolidated and modernized as well as the introduction of medium and dark blue. While the overall aesthetic of a badge remains unchanged, there are two major editions to the emblem.

In the center, the shield and lock represent how Cyber Huntsville is a protective, secure, and driving force in creating cyber resilience for the Tennessee Valley. A combined shield and lock represent the modern and future need for layered protection. The zeroes and ones on the shield are the basic computer programming language for the word “SECURE.”

To further align with the traditions of military and organization emblems, Cyber Huntsville has also adopted the Latin phrase, “Defendit Numerus.” Translated, it means “there is safety in numbers.” This phrase provides a subtle yet strong duality to the industry of cybersecurity. This organization was founded to gather the cyber forces of North Alabama - “numbers” of people. Additionally, the literal safety of our community is in the “numbers” that are managed every day – the data and code that all members protect so diligently. Cyber Huntsville’s mission is to support those people and organizations, as well as empower them with greater skills and resources to perform their critical missions.

The members and community may also start to see a smaller, reduced version of the logo. While the emblem carries layers of meaning, it was also needed to produce a more versatile and consolidated version of Cyber Huntsville that can scale to smaller sizes.

One final branding touch that website users may notice is the website now follows a “dark mode” aesthetic, a popular setting in the programming community.

The rebranding marks a new chapter for Cyber Huntsville as it continues to connect and network cybersecurity companies in North Alabama. Members can expect a continued offering of networking services and unparalleled service that will exceed their expectations for years to come. This effort will continue to uphold North Alabama as a cyber capital of the United States, a shield and lock that defends its people digitally and diligently.

If you're looking to connect with the cybersecurity community in North Alabama, Cyber Huntsville can help. Visit the organization's website at cyberhuntsville.org to learn more about its services and mission.

This rebranding was managed in partnership with Cyber Huntsville leadership as well as a Huntsville marketing agency, a member of Cyber Huntsville. Any requests for logos or additional information on the rebranding effort, please contact us via the website or our respective social media on Facebook or LinkedIn.

Cyber Huntsville welcomes Courtenay Marra as our new Board Secretary. She comes with over 15 years experience in operations and management. We are very excited to have her join us! 

The Cyber Huntsville Board’s mission is to promote the advancement of cyber and technology in Huntsville and the Tennessee Valley. Cyber Huntsville is a 501c6 non-profit organization made up of industry, government, and academic institutions, whose collective technical expertise and leadership help solve local, regional, and national cyber challenges.

Cyber Huntsville has been in existence since August of 2010, when Huntsville Mayor Tommy Battle, formally announced the start of the Cyber Huntsville initiative. Since then, Cyber Huntsville has been creating cyber progress for the Tennessee Valley through various initiatives. Cyber Huntsville has co-sponsored cyber security summits, established economic development roundtables, awarded scholarships, and created cyber curriculum and summer camps for local city and county school systems.

To learn more about Cyber Huntsville and read the board member bios, https://cyberhuntsville.org/

Welcome Dr. Joseph DiNoto as our new Deputy of Government Affairs! Joe is an experienced leader, strategist, and change agent with a diverse operational background spanning over 30 years in the Intelligence Community, Law Enforcement, Special Operations, and Fortune 500 environments.

The Cyber Huntsville Board’s mission is to promote the advancement of cyber and technology in Huntsville and the Tennessee Valley. Cyber Huntsville is a 501c6 non-profit organization made up of industry, government, and academic institutions, whose collective technical expertise and leadership help solve local, regional, and national cyber challenges.

Cyber Huntsville has been in existence since August of 2010, when Huntsville Mayor Tommy Battle, formally announced the start of the Cyber Huntsville initiative. Since then, Cyber Huntsville has been creating cyber progress for the Tennessee Valley through various initiatives. Cyber Huntsville has co-sponsored cyber security summits, established economic development roundtables, awarded scholarships, and created cyber curriculum and summer camps for local city and county school systems.

To learn more about Cyber Huntsville and read the board member bios, https://cyberhuntsville.org/

The Forces of Cyber Gala is just around the corner! Unfortunately Mayor Battle is unable to attend this year due to a scheduling conflict. On the flip side, we are thrilled to announce that Congressman Dale Strong will be attending the Gala this year as our honored guest!

In addition to that, Congressman Dale Strong has been nominated for the Homeland Security Committee. This is a big win for the cyber community. Click the link below to read more on his nomination!

https://256today.com/strong-nominated-for-homeland-security-committee/