Security & Privacy

Principle of Least Privilege

• What is the Principle of Least Privilege (PLP)?
• Why You Should Not Run as an Administrator or Root User

Password Managers

HTTPS SSL TLS

• Here’s Why Your Static Website Needs HTTPS by Troy Hunt
  • CloudFlare, SSL and unhealthy security absolutism
  • Have i been pwned? Check if you have an account that has been compromised in a data breach. by Troy Hunt
    
• HTTPS Is Easy!
• Let’s Encrypt is a free, automated, and open Certificate Authority brought to you by the non-profit Internet Security Research Group (ISRG).
• What Is HTTPS, and Why Should I Care? by Chris Hoffman
• HTTPS and Privacy by Jacob Baytelman
• SSL Server Test: This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.

Training / Certifications

• Cybrary – Free IT & Security Training
  • Cybrary Offers Free Online Ethical Hacking and Cyber Security Training
  • First Look: Cybrary Free IT Training
• Cisco CCNA Cyber Ops Certification
• GIAC Cyber Security Certifications

InfoSec Industry

• Established to serve as a one stop sites for access to the latest resources on information security as well as measures and best practices for the prevention of cyber crimes.

Scams / Fraud

• Fraud.org is a project of the National Consumers League (NCL), a nonprofit advocacy organization based in Washington, DC.
• List of Fake Job Scam Examples: Classic Scams You Should Learn to Avoid by Alison Doyle (TheBalanceCareers.com)
• Fake Check Scams (Fraud.org)
• Where to find more information on elder financial vulnerability by Eliza Mills and Sasa Woodruff (MarketPlace.org)
• Federal Trade Commission information on how to avoid tech support scam
• FTC information on gift card scams
• Consumer Financial Protection Bureau’s resource guide for older adults
• Download the CFPB’s Identity Protection Guide
• Stanford Center on Longevity toolkit
• Wayne State University Institute of Gerontology; the institute’s Older Adult Nest Egg helps professionals review financial decisions to identify and protect seniors vulnerable to fraud  
• Federal Communications Commission Consumer Complaint Center
• FTC Consumer Sentinel HelpLine: 877-701-9595
• Federal Bureau of Investigation Internet Crime Complaint Center FBI: 800-CALL-FBI
• You can also report fraudulent activity to your state attorney general
• FINRA’s Financial Literacy Quiz
• National Center on Elder Abuse
• U.S. Senate Special Committee on Aging fraud hotline
• ElderAbuse.org, research and education umbrella organization dedicated to fighting abuse
• Better Business Bureau Scam Tracker
• Find your local Adult Protective Services
• AARP’s Fraud Watch Network 877-908-3360
• AARP scam updates newsletter
• State Bar Associations may be able to connect you with pro bono legal services
• “It Happened to Dad”: A presentation by Missouri resident Chad Schrieber, whose father was targeted by multiple fraudsters

Open-Source Intelligence (OSINT)

Open-Source Intelligence (OSINT) is defined as intelligence produced by collecting, evaluating and analyzing publicly available information with the purpose of answering a specific intelligence question.

• What is OSINT (Open-Source Intelligence?) | SANS Institute

Tools

Have I Been Pwned is a website that lets you search across multiple data breaches to see if your email address or phone number has been compromised. You can also generate secure, unique passwords for every account and learn more about data breaches and exposure

Maltego is software used for open-source intelligence and forensics, developed by Paterva from Pretoria, South Africa. Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining. Wikipedia

• Maltego: The Ultimate OSINT & Cyber Investigation Tool by Gary Ruddell