1. A free SOC Analyst Learning Path🕵️♂️
I wrote a 100% free learning path from beginner to SOC Analyst!
This guide is an entire curriculum of FREE classes that takes you from complete beginner to SOC Analyst!
This was a ton of work but I truly believe that if you follow this guide as written, you can become a SOC Analyst without spending a dime!
If you don’t want to become a SOC Analyst but are still interested in Cybersecurity as a career, then still check out the Cybersecurity Fundamentals section of the guide!
Get it here: Everything you need to know to become a SOC Analyst, FOR FREE!
2. Cybersecurity news you missed: ‘Midnight Blizzard’ Cyberattack
Microsoft Falls Victim to Russia-Backed ‘Midnight Blizzard’ Cyberattack
Quick summary:
Microsoft’s systems were breached in late November by the Russian nation-state actor Midnight Blizzard, linked to the 2020 SolarWinds cyberattack. The breach, discovered on Jan. 12, involved a simple password-spray attack on a test account, compromising a small percentage of corporate email accounts, including senior leadership. Microsoft vowed a cybersecurity overhaul and emphasized the need for attention to sensitive information. Experts recommended continuous monitoring of cloud logs. The same actor had targeted Microsoft with Teams phishing attacks previously.
3. Book recommendation: File System Forensic Analysis
File System Forensic Analysis by Brian Carrier
Security expert Brian Carrier’s book is the ultimate reference on file system analysis for digital investigators. It addresses the technical challenges in understanding file systems due to limited documentation. The book provides an authoritative overview of contemporary volume and file systems, covering crucial aspects like discovering hidden evidence and recovering deleted data. Carrier discusses advanced investigation scenarios and utilizes open source file system analysis tools, making it an indispensable resource for digital forensics specialists, incident response teams, law enforcement officers, corporate security specialists, and auditors.
For more book recommendations check out my reading list!
Interview Question of the Week!
Each week I pose a question that I have personally asked or have been asked in real interviews. Try to answer the question by speaking your response out loud! It may feel weird at first but trust me: it will level up your interview game! Practice makes perfect!
“As it relates to web security, what does a WAF do?”
Next week I will write out how I would answer this question, so look out for next weeks newsletter!
Last Week’s Interview Question / Answer:
Question: “Please describe Web Application Security in your own words.”
Answer: “Web Application Security is the practice of safeguarding websites and web applications against cyber threats. It encompasses strategies like encryption, authentication, and secure coding to prevent unauthorized access and protect data integrity.“