Make no mistake: We are at war. And the good guys are losing.


There is a strong and growing cybersecurity ecosystem in Arizona. We can and should be leaders in this critical field. This website is designed to be a one-stop resource for students, employees, employers, and educators in the AZ cybersecurity ecosystem.


These are all systems vulnerable to cyber attacks. And we need a new generation of creative, dedicated cybersecurity professionals to protect us.

Cybersecurity is the protection of IT systems (software, hardware, and network) and the availability, integrity, and confidentiality of their data.


“FireEye has uncovered a widespread campaign, that we are tracking as UNC2452. The actors behind this campaign gained access to numerous public and private organizations around the world. They gained access to victims via trojanized updates to SolarWind’s Orion IT monitoring and management software. This campaign may have begun as early as Spring 2020 and is currently ongoing. Post compromise activity following this supply chain compromise has included lateral movement and data theft. The campaign is the work of a highly skilled actor and the operation was conducted with significant operational security.”


“Consumer credit score company Equifax has revealed that hackers accessed up to 143 million customer account details earlier this year. The data breach happened on July 29 and the details taken include names, social security numbers, drivers licences, and credit card numbers of around 200,000 people.”

Source: WIRED

“On May 12 a strain of ransomware called WannaCry spread around the world, walloping hundreds of thousands of targets, including public utilities and large corporations. Notably, the ransomware temporarily crippled National Health Service hospitals and facilities in the United Kingdom, hobbling emergency rooms, delaying vital medical procedures, and creating chaos for many British patients.”

Source: WIRED

“A month or so after WannaCry, another wave of ransomware infections that partially leveraged Shadow Brokers Windows exploits hit targets worldwide. This malware, called Petya, NotPetya and a few other names, was more advanced than WannaCry in many ways, but still had some flaws, like an ineffective and inefficient payment system.”

“Though it infected networks in multiple countries—like the US pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosnoft—researchers suspect that the ransomware actually masked a targeted cyberattack against Ukraine. The ransomware hit Ukrainian infrastructure particularly hard, disrupting utilities like power companies, airports, public transit, and the central bank, just the latest in a series of cyber assaults against the country.”

Source: WIRED

“In February, the internet infrastructure company Cloudflare announced that a bug in its platform caused random leakage of potentially sensitive customer data. Cloudflare offers performance and security services to about six million customer websites (including heavy hitters like Fitbit and OKCupid), so though the leaks were infrequent and only involved small snippets of data, they drew from an enormous pool of information.”

“Google vulnerability researcher Tavis Ormandy discovered the problem on February 17, and Cloudflare patched the bug within hours, but the data leakage could have started as early as September 22, 2016. Leaked data was only deposited on a small subset of Cloudflare customer sites, and usually it wasn’t visible on the pages themselves. Search engines like Google and Bing that crawl the web, though, automatically cached the errant data—everything from gibberish to users’ Uber account passwords and even some of Cloudflare’s own internal cryptography keys—making it all easily accessible through search.”

Source: WIRED

“Voter data belonging to almost 200 million Americans has been found online. A conservative US data analytics firm contracted by the Republican National Committee, Deep Root Analytics, left the records available on an unsecured Amazon web server. The 1.1 terabytes of data included names, dates of birth, home addresses, phone numbers, voter registration details and ‘modelled’ ethnicities and religions, according to security firm UpGuard, which stumbled across the information.”

“Although the data wasn’t hacked, being left on an unsecured server meant that anyone who happened to come across it would be able to download and take the information. There’s no evidence to suggest this happened though. ‘That such an enormous national database could be created and hosted online, missing even the simplest of protections against the data being publicly accessible, is troubling,’ UpGuard said in a blog post.”

*Not an attack, but a security failure of epic proportion.

Source: WIRED

“After disclosing two distinct hacks late last year, one of which implicated a billion users, Yahoo has once again sent an email to users warning them of potentially compromised accounts. The scope is more limited than previously reported breaches, but the threat is both more specific and more devious. This time, it’s from state-sponsored hackers using forged cookies to dig into their information without needing their passwords.”

Source: WIRED

There’s a huge gap between the number of open cybersecurity positions and the number of available, qualified people to fill them.


An inability to fill open cybersecurity positions leaves organizations vulnerable to the kinds of cyber threats that not only harm them, but the rest of us as well.

View CyberSeek Interactive Map