2022 Cybersecurity Awareness Month
October is Cybersecurity Awareness Month and Tufts will be using this month to educate and engage the community in how to #BeCyberSmart. This year's theme is See Yourself in Cyber!
Tufts Key Messages
-
Recognize and Report Phishing
-
Use Strong Passwords
-
Keep software updated (use auto-updates)/Keep current on hardware
-
Backup your devices & data (using Box - recommended and supported - and/or Crashplan)
Other Events
-
October 6 | 2022 Massachusetts Municipal Cybersecurity Summit | Learn more & Register for Free
-
Cybersecurity Career Awareness Week October 17-22, 2022 | Learn more
-
October 21 - Cybersecurity Resume Panel: In support of the Cybersecurity Mentorship Program, the MassCyberCenter has organized a panel discussion on October 21st to provide students and job seekers with an overview of how to build a resume for cybersecurity employment. Ming Chow of Tufts University will moderate the discussion with Meghan Martinez (Fellow, CEO Action for Racial Equity / Digital Forensics and Incident Response Lead, MassMutual) and Michelle Murcurio (Talent Acquisition Manager, Wolf & Company, P.C.). Register here for the event.
Contests
At Tufts:
- Password Cracking Contest (TBD from Ming Chow in CS)
Resources
2021 Cybersecurity Awareness Month
October is Cybersecurity Awareness Month and Tufts will be using this month to educate and engage the community in how to #BeCyberSmart. This year's theme is Do Your Part!
Themes
- Be Cyber Smart
- Phight the Phish!
- Explore. Experience. Share. – Cybersecurity Career Awareness Week
- Cybersecurity First
Tufts Key Messages
- Backup your devices and data (using Box - recommended and supported - and/or Crashplan)
- Understand how to protect yourself from Ransomware
Tufts Activities/Events
- Ming Chow's Introduction to Security course, now available on Twitch. More information: https://comp116.org/ (Open to the public).
-
CS 116 (https://comp116.org/) runs on Tuesdays and Thursdays from 4:30-5:45 PM EST
-
On Twitch: https://www.twitch.tv/mchow01 on Thursdays
-
October Schedule:
-
Thursday, October 7th: Password Cracking with John the Ripper
-
Thursday, October 14th: Vulnerability Scanning, Exploitation, Badness-O-Meter
-
Thursday, October 21st: SQL Injection and Web Proxies
-
Thursday, October 28th: Special Episode Celebrating National Cyber Security Awareness
-
-
Contests
At Tufts:
- Password Cracking Contest (TBD from Ming Chow in CS)
2020 Cybersecurity Awareness Month
October is Cybersecurity Awareness Month and Tufts will be using this month to educate and engage the community in how to #BeCyberSmart. This year's theme is Do Your Part!
Below are a number of things happening on campus. Check back periodically as we will add new activities/info/events as they become available.
Contests
At Tufts:
- Jumbo Cybersecurity Bingo (October 5 - 31) - Closed! See page for winners!
- Password Cracking Contest (TBD from Ming Chow in CS)
Outside of Tufts:
- picoCTF Hacking Contest - picoCTF is the largest cybersecurity hacking contest for middle and high school students, created by security experts at Carnegie Mellon University. The challenges are all set up with the intent of being hacked, making it an excellent, legal way to get hands-on experience.
- NSA Codebreaker Challenge
Tufts Activities/Events
- Cyber Security Mentorship Pilot Program with the Commonwealth of Massachusetts - Tufts collaborated on this and Ming Chow is on the Steering Committee.
- Career Panel #1: Jobs in Cybersecurity | Thursday, October 8 | 4-5 p.m. | FREE | Watch to the Recording
- Topic: Experienced cybersecurity professionals will provide an overview of the different types of jobs in the cyber industry.
- Speakers: Gary Evee (Founder and CEO, Evee Security); Rodney Petersen (Director of the National Initiative for Cybersecurity Education); and Ming Chow (Associate Professor of Computer Science, Tufts University).
- Career Panel #2: Cyber Across Industries | Wednesday, October 21 | 4-5 p.m. | FREE | Register Here
- Topic: Experienced cybersecurity professionals will provide an overview of the cybersecurity jobs in different industries, including energy and government, among others.
- Speakers: Sam Curry (CISO, Cybereason); Kathy Kountze (CIO, Eversource); and Ron Ford (Regional Cybersecurity Advisor for New England, CISA/DHS)
- Career Panel #1: Jobs in Cybersecurity | Thursday, October 8 | 4-5 p.m. | FREE | Watch to the Recording
- Ming Chow's Introduction to Security course, now available on YouTube and Twitch. More information: https://comp116.org/
-
NERCOMP Sponsored: Vancord Cybersecurity - Ask Me Anything | October 13 | 1-2 p.m. | FREE | Register Here
Themes
- If You Connect It, Protect It
- Securing Devices at Home and Work
- Securing Internet-Connected Devices in Healthcare
- The Future of Connected Devices
2019 Cybersecurity Awareness Month
October is Cybersecurity Awareness Month and Tufts will be using this month to educate and engage the community in how to #BeCyberSmart. This year's theme is Own IT. Secure IT. Protect IT.
Below are a number of things happening on campus. Check back periodically as we will add new activities/info/events as they become available.
Contests
- Student Video Contest (Deadline to submit 11:59 PM on 10/22)
- How are your CyberSmarts? – An online learning contest! (Deadline: Nov 8)
- 2019 Password Cracking Contest
Events
- Thursday | October 24 | 4:30 - 5:45 PM | Nelson Auditorium (after the Dean's Lecture): Binit Shrestha (Class of 2018), Security Software Engineer at HubSpot
- Thursday | November 7 | 6:30-9:30 PM | How Safe is the Cloud? An industry expert panel on Cybersecurity & Cloud Services | Details at: https://www.eventbrite.com/e/how-safe-is-the-cloud-an-industry-expert-panel-on-cybersecurity-cloud-services-tickets-75159063783
TTS Security Open Houses
- Thursday | October 24 | 11:00 AM - 1 PM | Grafton Campus - Security Open House | Agnes Varis Center Cafe | Security Info, Raffle, and Free Laptop Tagging
- Friday | October 25 | Noon - 2 PM | Boston SMFA Campus - Security Open House | SMFA Atrium Lobby | Security Info, Raffle, and Free Laptop Tagging
- Monday | October 28 | 1 - 3 PM | Boston-HealthSci Campus - Security Open House | Sackler 4th Floor Cafe area | Security Info, Raffle, and Free Laptop Tagging
- Tuesday | October 29 | 2:00-4:00 PM | Halloween Open House at Eaton Lab | Meet the CIO, Security Info Session, Free Laptop Tagging, and Student Video Contest Awards (Seasonal refreshments available)
Spotlights
Weekly spotlights during October on Fridays on a former student/alumni working on Cyber Security.
2018 Cyber Security Awareness
October is quickly approaching and we are actively planning for Cyber Security Awareness at Tufts.
Contests
- Enter the Annual Password Cracking Competition - The fall 2018 password cracking contest, a time-honored tradition in Ming Chow's Security class (COMP 116) is now up!
- Want some practice first? Try cracking the passwords from summer 2018. (e.g. freebee: the password for "portugal" is "Pentaldo" (cAsE sEnSiTiVe)
In the News/Info
- In the News 10/9: "US Department of Defense Just Beginning to Grapple with Scale of Weapon Systems Vulnerabilities"
- The skinny: https://www.gao.gov/mobile/products/GAO-19-128
- The full document (50 pages): https://www.gao.gov/assets/700/694913.pdf
- Discussion on Hacker News: https://news.ycombinator.com/item?id=18177617
- In the full document, there is this gem: The test reports indicated that test teams used nascent to moderate tools and techniques to disrupt or access and take control of weapon systems. For example, in some cases, simply scanning a system caused parts of the system to shut down. One test had to be stopped due to safety concerns after the test team scanned the system. This is a basic technique that most attackers would use and requires little knowledge or expertise. Poor password management was a common problem in the test reports we reviewed. One test report indicated that the test team was able to guess an administrator password in nine seconds. Multiple weapon systems used commercial or open source software, but did not change the default password when the software was installed, which allowed test teams to look up the password on the Internet administrator privileges for that software. Multiple test teams reported using free, publicly available information or software downloaded from the Internet to avoid or defeat weapon system security controls.
Stay tuned for more Cyber Security activities/info!
2017 Cyber Security Awareness
Below is what was done for 2017!
For 2017, there are a number of contests and events going on at Tufts to help the community become more #CyberAware.
Contests
- Enter the Cyber Security Awareness Online Scavenger Hunt!
- Enter the Annual Password Cracking Competition
Events/Guest Speakers
- Thursday, October 5th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Ashley Hedberg, Software Engineer at Google (Tufts Class of 2015). She will be giving a talk on her cyber security work(s) at Google.
- Friday, October 13th, 5 p.m. - Saturday, October 14th, 3 p.m. | Tufts Polyhack | 574 Boston Ave (CLIC). Register: https://roam1.typeform.com/to/Ke9bGC
- Tuesday, October 24th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Steve Christey Coley, Principal Information Security Engineer at MITRE. He will be giving a talk on CVE, CWE, vulnerabilities, and medical device security.
- Tuesday, October 31st, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Lindsay Kaye, Lead Software Systems Engineer at MITRE. She will be giving a talk on reverse engineering.
- Thursday, November 2nd, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Bill Langenberg, Technical Manager at Software Engineering at TripAdvisor (Tufts Class of 2001). He will be giving a talk on credential-probing attacks.
- Thursday, November 9th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Christine Cunningham and Doug Stetson (Tufts alumnus) from MIT Lincoln Laboratory will be giving a talk on static and dynamic analysis.
Themes for October 2017
There are four main themes for October 2017.
- Securing your devices
- Using Two Factor Authentication (2FA)
- Tips for Success in Staying Safe Online (INFOGRAPHIC: The basic steps to online safety and security)
- Don't Get Tricked - phishing and more