#NSBCS.043 - Bridging the Gap: From the Classroom to Cyber Security Consulting

Source: NSB Cyber

 


The transition from school or university into a professional cybersecurity role is a big leap, and is a topic I don’t think is talked about enough. Starting off in the field can be overwhelming regardless of all the textbooks you have read or certifications you have completed. Naturally, it is hard not to let imposter syndrome creep into your thoughts and to feel like you’re not experienced enough. However, it is important to remind yourself that everyone starts somewhere, and your presence in the role means you’re capable of contributing and making a real difference in the digital world. The key is to trust that you’re doing your best and to not let self-doubt hold you back from advancing your opinions or thoughts when conducting analysis or working on collaborative projects. The reality is, even seasoned professionals continue to learn and grow throughout their careers, so it's perfectly normal to feel like you don’t have all the answers right away.

Applying the knowledge learnt during your studies to your cybersecurity job is a critical part of growth, but it’s also important to remain open to other perspectives. Academia can often present cybersecurity as a set of clear frameworks, rules and solutions, but in the real world, every situation you are responding to can be new and different. As a result, the low-hanging fruit of applying only the knowledge from your studies will not always lead to results and answers, and can lead you down the road of confirmation bias in your work. To avoid this often-overlooked pitfall in your job, it is important to actively seek out insights from colleagues and mentors who have real-world experience. Learning from their perspectives can help you see beyond textbook answers and understand the complexities of cybersecurity in practice. By engaging with others, you’ll quickly realise that the right solution often depends on the unique context of the problem at hand.

Most importantly, one of the biggest challenges when starting a cybersecurity role straight from your studies is the consulting aspect, something rarely covered in tertiary education. Working with clients, understanding their specific needs, and translating technical jargon into actionable advice requires skills that are learned on the job. Consulting is about more than just offering security solutions - it’s about building trust, listening carefully, and communicating effectively. Though it may feel overwhelming at first, this is an area where you will grow significantly over time. With experience, you’ll become better at balancing technical expertise with client relations, ultimately becoming more confident in your role as a cybersecurity expert, taking #NoStepsBackward in your approach!

What we read this week

  • Chinese Spies Built Massive Botnet of IoT Devices to Target U.S., Taiwan Military - Chinese state-sponsored hackers built a massive botnet of over 200,000 hijacked Internet of Things (IoT) devices to target United States (U.S.) and Taiwanese sectors, including military, higher education and government sectors. The botnet, named "Raptor Train," includes compromised routers, NAS servers, and IP cameras, and it has been active since 2020. Operated by the espionage group Flax Typhoon, the botnet utilises a minimal malware approach to maintain stealth. The infrastructure is multi-tiered, allowing for file transfers, remote command execution, and potential distributed denial-of-service attacks.

  • Europol Takes Down "Ghost" Encrypted Messaging Platform Used for Crime - Europol and law enforcement agencies from nine countries dismantled the "Ghost" encrypted messaging platform, which was used by organised criminals for drug trafficking and money laundering. The platform featured high-level security measures, including three layers of encryption and message self-destruction, attracting a global user base. The investigation, initiated in 2022, led to 51 arrests and uncovered Ghost’s servers and assets across multiple countries. Authorities also seized illegal substances, weapons, and over €1 million.

  • VMware Patches High-Severity Code Execution Flaw in Fusion - VMware pushed out a security update for its Fusion hypervisor to address a high-severity vulnerability that exposes users to code execution exploits. The issue, tracked as CVE-2024-38811, could be exploited to execute code in the context of Fusion, which could potentially lead to complete system compromise. The vulnerability impacts VMware Fusion 13.x and was addressed in version 13.6 of the application. There are no workarounds available for the vulnerability and users are advised to update their Fusion instances as soon as possible, although VMware makes no mention of the bug being exploited in the wild.

  • North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware - North Korean hackers, linked to the Lazarus Group, have been targeting the energy and aerospace industries using a new malware dubbed MISTPEN. The group uses job-themed phishing lures to deceive senior employees into downloading a trojanized PDF reader, which then delivers the backdoor malware. This campaign, tracked as UNC2970, aims to collect sensitive information through compromised devices. The malware allows for remote command execution, and its use of repurposed legitimate software makes detection difficult. The attacks have impacted entities across the United States, United Kingdom, and other global regions.

  • Adobe Patches Critical, Code Execution Flaws in Multiple Products - Adobe released patches for at least 28 documented security vulnerabilities in a wide range of products and warned that both Windows and macOS users are exposed to code execution attacks. The most urgent update covers two memory corruption vulnerabilities that could be exploited to launch arbitrary code. Adobe also pushed a major Adobe ColdFusion update, tagged as CVE-2024-41874, to fix a critical-severity flaw that exposes businesses to code execution attacks. They also released multiple fixes for Adobe Photoshop, Adobe Media Encoder, Adobe Premiere Pro, Adobe Illustrator, and Adobe Audition.

