Attacks/Breaches

6/12/2018
09:55 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

US Cyber Challenge Kicks Off 2018 Camp Season at Virginia Tech

Aspiring cybersecurity talent will participate in competitions and intensive training.

Blacksburg, VA, June 11, 2018 – U.S. Cyber Challenge kicks off its 2018 boot camp season next week at Virginia Tech in Blacksburg, Virginia for the Eastern Regional Cyber Camp. Camp participants qualified for the program based on their scores from the Cyber Quest competition (www.CyberQuests.org) in April and will spend the week receiving intensive instruction by some of the nation’s leading cybersecurity experts. The camp begins next Monday, June 18th and ends Friday, June 22nd with a Capture-the-Flag (CTF) competition and Award Ceremony recognizing all camp participants and specifically the winners of the CTF competition. Friday’s competition will test both individual performance and team performance, and the winners will receive scholarships from (ISC)2 at the Award Ceremony immediately following the CTF.

“Each year, through our online competition Cyber Quests, USCC identifies the nation’s leading talent in cybersecurity,” stated National Director Karen S. Evans. “Our goal is to help these talented individuals strengthen their skill sets in information security and begin a path toward their dream career and securing our nation’s government and economy.”

Next week’s intensive classwork programming will include the following classes: Cybersecurity Program Analysis, Windows Memory Forensics, WebAppPenTest 2018, and Packet Crafting with Scapy. On Wednesday, June 20th, the camp will host an Executive Roundtable luncheon. This luncheon will foster conversation between seasoned professionals from various organizations and camp participants about the needs our country has today for talented individuals in cybersecurity and the hurdles employers face in both acquiring talent and retaining the talent. The Executive Roundtable is open to the media. For more information about the Eastern Regional camp, visit the webpage athttps://security.vt.edu/cyber_challenge.html.

The Eastern Regional camp is supported in part through partnerships with Amazon Web Services, the Association for Federal Information Resources Management (AFFIRM), Adaptive Cyber, Center for Cyber Safety & Education, Center for Internet Security, CenturyLink, Cyber Ninjas, Defense Point Security LLC, the Department of Homeland Security, the Federal CIO Council, (ISC)2, Monster Government Solutions, NIC, SANS Institute, and Sherman Consulting. Local sponsorship includes Virginia Tech’s Division of Information Technology.

The 2018 Cyber Summer Camp Series features four week-long camps located in Delaware, Illinois, Nevada and Virginia. In line with the mission of USCC’s parent organization, the Center for Internet Security (www.CISecurity.org), the camps are an integral part in the mission to identify and develop cybersecurity talent in order to reduce the nation’s cybersecurity workforce gap and safeguard private and public organizations from cyber threats. Participants in USCC programming are encouraged to continue developing their skills and network with like-minded individuals by becoming active members in CyberCompEx.org, an online social community specifically for cybersecurity enthusiasts. 

For more information about the Cyber Camp program and each of the specific camps, visit U.S. Cyber Challenge online at www.uscyberchallenge.org

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
Most Malware Arrives Via Email
Dark Reading Staff 10/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1744
PUBLISHED: 2018-10-15
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 148423.
CVE-2018-1747
PUBLISHED: 2018-10-15
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 148428.
CVE-2018-18324
PUBLISHED: 2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.
CVE-2018-18322
PUBLISHED: 2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
CVE-2018-18323
PUBLISHED: 2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.