cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

1
 
 
The original post: /r/cybersecurity by /u/ProfessionalAir6641 on 2024-12-27 13:10:56.

Curious if any security experts here see companies adopting any turnkey solutions to prevent deepfake calls.

For example, employees’ calls being monitored for deepfakes to prevent “CEO Fraud” attacks and other impersonations.

We know deepfakes can be dangerous, but what’s the take on the perceived risk and adoption?

2
 
 
The original post: /r/cybersecurity by /u/Sarciteu on 2024-12-27 12:42:14.

I want to learn more about the ISO 27001 and have any type of certification that shows that I do know my way around it. I know that companies get certified but, as a cybersecurity employee, how can I prove to other companies my knowledge?

3
 
 
The original post: /r/cybersecurity by /u/Party_Wolf6604 on 2024-12-27 08:48:05.
4
 
 
The original post: /r/cybersecurity by /u/RG96QC on 2024-12-27 07:55:38.

Hello everyone, I work for Amazon currently and they have this Next Mile program with tons of programs you can choose from and career paths to help get you to your desired career goals, and they pay for it if you are eligible. Thankfully I was eligible and chose cybersecurity. Hopefully I’m doing the right thing; for me it’s time to start something new and move on from being a delivery driver. Nothing wrong with that, just tired of working in manual labor for most of my life. Any tips on programs/certificates?

5
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-27 07:27:56.
6
 
 
The original post: /r/cybersecurity by /u/DavidBrookslive on 2024-12-27 05:44:50.
7
 
 
The original post: /r/cybersecurity by /u/Unusual_Library4117 on 2024-12-27 04:05:20.

Heyo,

I have been working on integrating quantum-resistant encryption into necessary tech aspects of our lives and want to help people secure their data against all kinds of threats, no matter their technical savvy.

Was looking for feedback in this process and attempting to determine if a service/product would be preferred. If you're experienced in this field or interested in upgrading your file security, I would appreciate your time.

Thanks!

8
 
 
The original post: /r/cybersecurity by /u/mymalema on 2024-12-27 01:58:26.
9
 
 
The original post: /r/cybersecurity by /u/mymalema on 2024-12-27 01:16:12.
10
 
 
The original post: /r/cybersecurity by /u/AdmirableHabit5603 on 2024-12-27 02:38:50.

As the title suggests, I'm working on a malware analysis/CTI project to complement TryHackMe's SOC Level 1 path.

So far, I plan to take 4 malware samples from the following cyberattacks: Ryuk, WannaCry, NotPetya, and MedusaLocker, get an analysis report using Joe Sandbox, then write my own YARA rules.

I have some questions:

  1. Walkthrough of installing & running malware in a sandbox - I'm familiar with FlareVM, but I'm confused about installing malware in a (potentially) internet-connected sandbox before detonating.
  2. What are some good methods of extracting strings to use for YARA? Any videos/guides I can consult to get a better idea?
11
 
 
The original post: /r/cybersecurity by /u/mymalema on 2024-12-27 06:34:38.
12
 
 
The original post: /r/cybersecurity by /u/BothZookeepergame612 on 2024-12-27 05:54:18.
13
 
 
The original post: /r/cybersecurity by /u/desiboyy on 2024-12-27 05:14:59.

I’m an IT Auditor currently working on an Access Management audit for one of the modules in eGRC Archer. I asked the auditees to share a system-generated user list to check provisioning/de-provisioning. They informed me that Archer doesn’t have a direct feature to generate this list and that the group they are using to manage users for this module is not linked to Active Directory, even though users are using enterprise IDs and other firm configurations like SSO are set up. Since this group is not linked to AD, I can’t obtain the list from other sources within the firm. Has anyone encountered a similar situation before, and is there a legitimate reason for not linking the group to Active Directory?

14
Career advice (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Karnitine on 2024-12-27 03:18:00.

I'm currently a security engineer with a little over a decade of IT experience, I think around 7 of that as a security engineer. My current title is Sr. Security Engineer. I'm at a point where I would like a lead role for a variety of reasons, and the CTO is open to creating a team that I would have a leadership role in. He's looking to create an IAM team sometime in the near future and indicated that was an option. He also expressed that if there were other ideas I have, he would be open to them. One idea I am floating in my head is to create a team that does threat hunting and post-incident/event analysis to bridge various gaps in our processes. Would it be a mistake to propose this? What would be better from a career perspective: someone with engineering and SOC experience as the threat hunting team lead, or to be an engineer and then lead an IAM-focused team?

15
 
 
The original post: /r/cybersecurity by /u/mymalema on 2024-12-27 02:28:05.
16
 
 
The original post: /r/cybersecurity by /u/mymalema on 2024-12-27 01:18:32.
17
 
 
The original post: /r/cybersecurity by /u/Still-Professional69 on 2024-12-27 00:58:15.

We have a number of developers where I work. Last year we removed Local Administrator rights for all users, including the developers. Everyone runs Admin By Request. However, this has caused some issues:

It is common for developer tools/IDEs to make changes to the Windows Firewall, but it's hard to anticipate when. The problem is that when one tries to make a change to the firewall, Windows prompts "is it ok?" and then if they say "Yes", it prompts them for an administrator user/pass. As soon as it prompts "Is it ok?", if they try to run "Admin By Request", it always shows up behind the "Is it ok?" window, and they can't click the "OK" button on the admin access window or provide justification; it's hidden and stuck behind the "Is it ok?" window.

In the end, they have to cancel the "Is it ok" window, and the firewall changes don't get applied, which may be important/needed. And the tools/IDEs don't make it easy to figure out how to re-initiate those changes again.

For those with developers without Local Admin rights, how do you deal with situations like this?

18
 
 
The original post: /r/cybersecurity by /u/Flimsy-Active7380 on 2024-12-26 21:13:28.

I am seeking to bring my academic background of psychology and neuroscience into cybersecurity (where I am actually working - don't know why).

In planning a research study, I would like to get real lived-experience comments on which stress-causing demands you think are unique to cybersecurity compared to other information technology jobs. More importantly, how do the roles differ? So, please let me know your roles as well if okay. You can choose between 1) analyst and 2) administrator to keep it simple.

One of the things I thought is false positives (please do let me know your thoughts on this specific article as well). https://medium.com/@sateeshnutulapati/psychological-stress-of-flagging-false-positives-in-the-cybersecurity-space-factors-for-the-a7ded27a36c2

Using any comments received, I am planning to collaborate with others in neuroscience to conduct a quantitative study.

Appreciate your lived experience!

19
 
 
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-12-26 21:06:43.
20
 
 
The original post: /r/cybersecurity by /u/ArtichokeMajor1329 on 2024-12-26 20:57:47.

I've been diving deep into OSINT techniques lately, and I'm blown away by how much sensitive info can be uncovered just using Google. It's not just about advanced operators – there are some seriously clever tricks out there.

I put together an article exploring some of the most eye-opening techniques I've come across. If you're curious, you can check it out here: Article

What's the craziest thing you've managed to find using just Google?

21
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-26 19:53:49.
22
 
 
The original post: /r/cybersecurity by /u/techw1z on 2024-12-26 19:46:57.

How to Lose a Fortune with Just One Bad Click – Krebs on Security

This is more than a week old, but I couldn't find it in a quick search across the sub. sry if I missed something and this is a repost.

I think that aside from the fact that one could have easily detected this by the sending address containing "forms", this is quite sophisticated for an op that targets more or less average people. I'm also curious how they knew he had crypto. I can't imagine a group that does this to random targets instead of high-level targets like CEOs, but maybe I'm wrong and they have this automated so well that they really can afford to do that.

also, how do I post a news link so that it appears with preview in the sub? 😅

23
 
 
The original post: /r/cybersecurity by /u/Alert_Safe_4440 on 2024-12-26 19:19:18.

Hey guys, I recently wanted to work on preparing for the Burp Suite Certified Professional exam; however, I am still deciding whether to purchase the professional version or not. I feel some labs in their preparation guide cannot be done without the professional version. Would like some advice from the people who prepared for the exam :)

24
 
 
The original post: /r/cybersecurity by /u/General_Riju on 2024-12-26 17:46:01.
25
 
 
The original post: /r/cybersecurity by /u/gaurav1086 on 2024-12-26 17:43:45.

https://www.youtube.com/watch?v=9pX82_-sa3Y

Check out this interesting post!
