The numbers are stark. The global cost of data breaches is expected to rise from $3 trillion this year to over $5 trillion by 2024. 

However, the numbers are just as eye-popping for those who want to defeat current unemployment trends and get hired as a cybersecurity expert. Cybersecurity job postings have nearly doubled since 2013, all while the average salary of an information security analyst is circling six figures.

Students who want to get a huge leg up on that vital cybersecurity training can get started for under $30 with a subscription to the CyberTraining 365 Online Academy. 

With over 3,800 up-to-date modules covering all the latest and most important information on cybersecurity technologies and procedures, learners can explore every facet of the industry at their own pace.

With over 660 hours of video content available (and growing), students will find coverage on virtually any topic that strikes their interest, including malware analysis, penetration testing, threat assessments, reverse engineering, and more. 

No matter where an Academy members wants to turn their focus, courses are all taught by industry-recognized cybersecurity specialists and infrastructure experts, each with years of teaching experience to help bring coursework to life.

All the training is created to align with the National Cybersecurity Workforce Framework developed by the National Initiative for Cybersecurity Education (NICE). 

If you want to find out what it takes to be an ethical hacker, the training is here. If you want to study vulnerabilities to make sure they don’t find their way into your company’s data systems, you’ll find it here. Read the rest

On the web, security is always critical. But when a company feels its systems have been infiltrated by a hacker or outside force, usually the only recourse is for their IT security team to start the long process of pouring over data logs, building analysis tools and rooting around for unusual behavior.

Thankfully, Amazon Web Services is now helping with this laborious task with AWS Detective, a tool available to their users that uses machine learning to automate the entire search for security issues and potential breaches.

It’s just another area where the web’s leading cloud services provider is pushing the boundaries of cloud-based systems. If you’ve got IT aspirations or just want to understand how cloud computing really works, The All-Level AWS Cloud Professional Bootcamp can give you the background.

Across six courses with more than 30 hours of instruction, new users get a full explanation of AWS operations. Whether you have sights on a career in cloud IT or need to understand how to migrate, oversee and secure your company’s entire IT infrastructure in AWS, this package covers all the basics.

The AWS Cloud Practitioner Certification Guide for Beginners gets the fundamentals out of the way, exploring the controls, formatting, and features of the AWS platform. Then AWS Master Class: Databases in the Cloud with AWS RDS and AWS MasterClass: Networking & Virtual Private Cloud (VPC) delve into what it takes to construct these bedrock cloud domains for yourself. And since every company has an app these days, AWS Deployment for Node.js Read the rest

'The purchased accounts include a victim's email address, password, personal meeting URL, and their HostKey'

Apparently, Greater Manchester is the New Florida during spring break of the United Kingdom. Despite warnings, daily updates to the number of victims of COVID-19 and the threat of steep fines for breaking quarantine or engaging in large public gatherings, an absurd number of Mancunians refuse to do anything to prevent the spread of coronavirus. The local police? They're pissed off.

From The BBC:

There were 1,132 coronavirus-related breaches reported between 25 March and 7 April, the force said.

That included 494 house parties - some with DJs, fireworks and bouncy castles - and 166 street parties.

One woman in Bury became the first person in Greater Manchester to be charged under the Coronavirus Act 2020 after police had to repeatedly shut down one of the gatherings.

The force, which has released updated figures, also had to deal with 122 different groups gathering to play sports, 173 more gatherings in parks and 112 incidents of anti-social behaviour and public disorder.

All of this, of course, is absolutely insane. Not only does this sort of lunacy increase the possibility of infection for anyone in attendance of such bullshit get-togethers, it's also putting police officers in danger of contracting coronavirus, each and every time they have to show up to shut a party down. Also, where the hell do you get a bouncy castle in the middle of a pandemic?

Having been safely, if not happily housebound since the end of February, I can't imagine what selfish needs that folks throwing parties and generally ignoring medical advice in the name of maintaining their social lives are thinking. Read the rest

In case you needed any more proof that America desperately needs more cybersecurity specialists, look no further than the U.S. Congress. Just this week, the release of a year-long congressional study of America’s cyber defense capabilities showed the nation was still “ill prepared” to fend off cyberattacks and requires a full overhaul of its entire cyberoperations strategy.

Whether you’re the U.S. military, an American company or just an organization that doesn’t want to fall prey to hackers and other cyber-criminals, you’re undoubtedly looking for trained and qualified professionals up to the task of keeping your digital systems safe. The training in The A-to-Z Cybersecurity Developer Bundle offers hours of introductory and advanced instruction in the areas where security specialists need it the most.

This 10-course, 170-hour massive collection is as comprehensive as security training comes, packed with basic training as well as in-depth advanced tactics for handling most of the challenges an IT security expert faces on the job.

A pair of courses spend almost 60 hours on ethical hacking and penetration testing, ensuring students have the most up-to-date training available in identifying system vulnerabilities and how to exploit those flaws to ultimately make any system as impervious as possible to attack.

Three of these courses are directly designed to help new students pass three critical CompTIA security exams — CompTIA PenTest+ (PT0-001), CompTIA Security+ (SY0-501), and CompTIA Cybersecurity Analyst (CySA+) — each an elite certification for any aspiring IT pro.

Meanwhile, another 46 hours of coursework will lead students toward accreditation in three more important cybersecurity roles as a Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified Information Systems Security Pro (CISSP). Read the rest

“Facebook’s default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy.”

Bug bounties are making some hackers rich — and the companies they’re hacking are more than happy to pay them. More than 600,000 white hat hackers are members of the bug bounty site HackerOne, a community connecting those hackers with companies paying them to find security holes in their vital digital systems.

And it’s working. Last year, bounties of over $40 million were paid out, including some awards of over $1 million. Ethical hacking is now a tech industry mainstream and a career option for computer-savvy students -- and training like The 2020 Premium Ethical Hacking Certification Bundle can light the way to a career working to protect sensitive information.

This collection includes eight courses that help learners understand the latest methods of cyber infiltration, the tools of the hacking trade and how a trained hacker can be a vital asset to any company’s cybersecurity team.

A pair of courses — Complete Ethical Hacking and Cyber Security Masterclass Course and All-in-One Hacking Guide: From Zero to Hero —show new hackers the basics from accessing a server to bypassing security methods to ways to virtually take control of a website or network.

Penetration testing is the focus of the Web Penetration Tester: Jump Up a Level in Your Career course, challenging students to find and fix security breaches in any network. Meanwhile, key tools used in pen testing get introduced in PenTesting with OWASP ZAP: Mastery Course; and Learn Server Security with BitNinja. There’s even training in how to protect WordPress sites (WordPress Hacking & Hardening in Simple Steps), which account for more than a third of all active websites worldwide. Read the rest

Friday, Jan. 31, 1:40PM Eastern: FBI spokesman James Marshall tells reporters FBI is aware of an incident at Mar-A-Lago and have agents responding to the scene. A car chase near the resort ended with shots being fired near President Donald Trump's Mar-a-Lago resort Friday in Florida, police said. Officials are still determining the details. Read the rest

“If there are no consequences for the [UN] agencies for failures like these … there will be more breaches.”

[My EFF colleague Bill Budington has a fantastic report on all the ways that Ring surveils its own customers. Caveat emptor, indeed. -Cory]

Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers. Read the rest

“Gee, thanks.”

Dear Boing Boing readers --

Around 11:30 EST on January 10th, An unknown party logged into Boing Boing's CMS using the credentials of a member of the Boing Boing team. Read the rest

Ring's response to a group of US senators who questioned the company about its privacy practices reveals that the Amazon subsidiary has had to fire multiple employees who were caught spying on customers' surveillance doorbell cameras and other Ring surveillance footage. Read the rest

[Amazon's surveillance doorbell company Ring sells "security" -- the sense that surveilling your porch or your driveway or your home can make you safe. But when the company experienced a grotesque and completely predictable breach that saw hackers breaking into Ring cameras and spying on and tormenting their owners, Amazon blamed their customers for recycling passwords. In this outstanding Deeplinks post, my EFF colleagues, Cooper Quintin and Bill Budington explain just how odious this victim-blaming really is. -Cory]

Just a week after hackers broke into a Ring camera in a childs’ bedroom taunting the child and sparking serious concerns about the company’s security practices, Buzzfeed News is reporting that over 3,600 Ring owners’ email addresses, passwords, camera locations, and camera names were dumped online. This Includes cameras recording private spaces inside homes. Read the rest

Facebook's decision to default to end-to-end encryption for Facebook Messenger prompted the governments of the UK, the USA and Australia to write to Mark Zuckerberg, urging him to delay implementation of the move, warning him that adding working encryption by default would make it harder for spies and cops to do their jobs. Read the rest

Reps Anna Eshoo [D-CA] and Zoe Lofgren [D-CA] have introduced HR 4978, the "Online Privacy Act," which is a comprehensive set of federal rules for privacy, interoperability, and protection from algorithmic discrimination and manipulation. Read the rest

Ride-hailing service Uber has lost its license to operate private hire vehicles in London, after Transport For London authorities discovered that over 14,000 trips were taken with more than 40 drivers operating under fake identities on the Uber app.

The Uber cars won't disappear from London streets right away -- the company plans to appeal. Read the rest