🦊 Even the best get hacked. What a story.
Nov 23, 2021 5:06 pm
You can be the best but still be vulnerable. Is there hope?
Hi. I'm Jon Fedor and this is InCyber Regular, edition 22.
InCyber exists to help people secure their digital jewels and belongings.
How do I measure this?
Goal One: inspire at least two people to use a password manager before the end of 2021.
What else do I measure?
Nothing until Goal One is done.
Now on to the good stuff.
Today:
- Quite a story
- An excellent featured resource
- Update on NSO Group
Got hacked on Twitter?
Edward Snowden once called Cory Doctorow, "One of the internet's most interesting authors."
Cory's a legend.
And he just released a new book called Attack Surface (The cost of security is everything you believe in).
And he got hacked.
On Twitter.
Back in 2010, though.
Read the hair-raising story and his take-aways here!
Get Learnin' with MacHertz!
Looking to brush up on cybersecurity topics in bite-sized chunks?
Enter, MacHertz - the metal IT security professional with the experience and knowledge to level you up from Mario to Colossal Mario!
Learn about often overlooked IT and security hygiene elements:
https://www.youtube.com/watch?v=f7EZMNxAZBg
(I know, I know...I linked the one where I get a shoutout - sue me)
Amnesty International and NSO
Other news outlets reported this extensively so it may be old news. But I thought I would share a link to Amnesty's announcement of the US blacklisting the maker of the Pegasus spyware, NSO Group.
Amnesty's research report was the original source of the data on Pegasus and the NSO Group back in July 2021. It seemed fitting to share the news of their W from their site.
If you want to catch up on what happened, here's an awesome report on Amnesty's methodology and tactics around researching Pegasus.
"[Amnesty's] Pegasus Project exposed the global scale of abuses using NSO Group’s Pegasus spyware. The investigation was a ground-breaking collaboration by more than 80 journalists from 17 media organizations in 10 countries, coordinated by Forbidden Stories and with technical support from Amnesty International. Amnesty Tech conducted cutting-edge forensic tests on mobile phones to identify traces of the spyware."
We're going to be digging into how to STOP exposing yourself online via training on:
- Using a password manager
- Multifactor authentication
- Backups and updates
- Intelligence around spotting phish and analyzing links
- Practicing verification
And then we'll cover how to make a delicious, 65% hydration pizza dough.
Or maybe I'll leave that to YouTube.
Ransomware Study
Google published a good, short blog on ransomware. It's a condensation of VirusTotal's study of over 80 million ransomware samples from the past couple of years.
I appreciated this summary of the problem (at this point) we all face:
"One of the main challenges to stopping ransomware attacks is the lack of comprehensive visibility into how these attacks spread and evolve. Leaders are often left with bits and pieces of information that don’t add up."
Thanks!
Hanging with you every week is the highlight of my week! I'm more active than ever on Twitter and ramping back up on LinkedIn too. Would love to connect with you in those places.
I'm also going to be working harder to lift up the content of this newsletter and all InCyber content. I'm looking forward to your help with all of that!
If you ever have questions on personal digital security, cyber security news, a story you want to tell, or a favorite resource to share (etc) reply back and let me know!
Have a good'un, Good Lookin'.
~ Jon "Attack Surface" Fedor