cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

151
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-17 16:31:08.
152
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-17 16:04:14.
153
The original post: /r/cybersecurity by /u/paparacii on 2024-11-16 20:35:49.

Organization has Linux, Windows and Mac endpoints, users are remote. How would you manage those? What would your first steps be?

I'm struggling with what approach to take to managing users and endpoints for a high level of security. I want to take away local admin, but I'm not sure where to start.

154
The original post: /r/cybersecurity by /u/thinkB4WeSpeak on 2024-11-16 09:19:47.
155
156
The original post: /r/cybersecurity by /u/Conscious-Falcon-1 on 2024-11-16 23:29:43.

Hi all,

I am using a throwaway account. I recently joined a new organization that is used to ordering product pentests and getting reports that do not include details such as the steps to reproduce or exploit the vulnerability, or the CVSS score.

This has led the development team, unable to reproduce the vulnerability, to accept the finding and severity as-is from the report and to add every finding to the backlog with its reported severity level.

This has worked so far because few pentests were ordered. But now we are significantly increasing the number of yearly pentests and of pentests after important changes.

In my previous experience, pentest findings contained detailed steps to reproduce as well as the CVSS 3.1 vector.

Before giving the report to product teams, there was a vulnerability assessment step to review the real severity of the findings (using the details of the report and our own, better knowledge of the business logic), and more often than not each finding would have its severity level decreased. We would do it by adjusting the CVSS (usually on the conditions required to exploit, or on the impact on CIA). Or we would realize that it was a false positive.

This step was really important, because following this assessment, the list of findings given to the product teams would be much smaller, and the timeline SLA to address a finding would be longer.

I was wondering what is the community’s take on this. I can see the value of the reassessment, because a lot of time is saved downstream by requiring less work from the product team and giving them more time as well.

Can I enforce in the contract with the pentesters a requirement for more details in the findings, including the CVSS score vector and step-by-step instructions to exploit the weakness? I am curious about your take on this.

157
The original post: /r/cybersecurity by /u/cyberLog4624 on 2024-11-16 23:17:48.

I've got an interview in a few days for a consulting internship in a cybersecurity company. Honestly I've got no idea what questions they could ask me since the job would have me doing different things depending on the contract.

For people who work as consultants, and also for people who have done a lot of interviews, what are the most common questions? Also, have you had unusual questions?

158
The original post: /r/cybersecurity by /u/RotemNkunim on 2024-11-16 22:19:55.

I took a SANS course earlier this year and wasn’t able to take the exam during the standard voucher period for personal reasons.

I am within the window for purchasing an extension but I know the exam will include CyberLive content and I want to make sure an extension will allow me to access the labs again.

I called SANS and the lady who answered said that an extension grants me access to everything but the labs. She said if we do live online our lab access expires immediately after the course. That makes zero sense because the instructors kept saying we should continue doing the labs after the course as practice for the exam. Also if the exam has lab content… wouldn’t we need that to study?

Should I call again to talk with someone else? This just makes no sense to me. Thanks!

159
The original post: /r/cybersecurity by /u/arunsivadasan on 2024-11-16 21:44:09.

Hi everyone! I have an (unofficial) mapping of NIST CSF 2.0 to ISO 27001:2022 on my site:

https://allaboutgrc.com/risk-and-controls-database/

Check it out and let me know if it's helpful.

Caveat: It only covers the Annex A controls. It's based on a mapping that CSF 1.1 had with ISO 27001:2013. I used that to map with the newer ISO 27001:2022 to get this outcome. If anyone would like to contribute better relationships or a mapping with the clauses, please reach out. I would be happy to include it and give you credit.

160
The original post: /r/cybersecurity by /u/ValidPrestige on 2024-11-16 20:55:05.
161
The original post: /r/cybersecurity by /u/ka2er on 2024-11-16 19:57:51.

I was wondering if some folks have already moved to the new offer and if they got some benefits? We are struggling to adjust quantities between each product and we are asking ourselves if it could help...

162
The original post: /r/cybersecurity by /u/Novel_Negotiation224 on 2024-11-16 19:14:01.

Original Title: According to the US Environmental Protection Agency (EPA) report, security vulnerabilities in the critical drinking water infrastructure serving 193 million people increase the risks of cyber attacks.

163
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-11-16 18:12:01.
164
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-16 18:11:10.
165
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-16 18:06:05.
166
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-16 16:38:05.
167
The original post: /r/cybersecurity by /u/Snowfish52 on 2024-11-16 16:32:32.
168
The original post: /r/cybersecurity by /u/Manager-Fancy on 2024-11-16 16:18:30.

I just released version 2.0.3 of EvilURL, a cybersecurity tool designed to safeguard against IDN Homograph Attacks – feel free to contribute https://github.com/glaubermagal/evilurl

169
The original post: /r/cybersecurity by /u/Such-Heat1674 on 2024-11-16 15:58:40.
170
The original post: /r/cybersecurity by /u/Connect_Cap_4323 on 2024-11-16 14:39:01.
171
The original post: /r/cybersecurity by /u/JBear520 on 2024-11-16 14:16:44.

I work for an MSP that utilizes Nessus Pro for vulnerability scans for monthly attestation reports. We take the results from the scan and manually build a monthly report for our clients. The company is growing and we are bringing in more clients who are choosing monthly scans, so the manual process of putting these reports together by the mid-month deadline is becoming more difficult. So we are looking for a vulnerability scanner that covers what Nessus can but actually provides a better report format, which can also be branded, to save us some of the manual labor of putting these reports together.

Appreciate any recommendations/experiences you’ve had!

172
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-11-16 11:21:06.
173
The original post: /r/cybersecurity by /u/VegetableAnybody534 on 2024-11-16 11:08:32.

The idea of being able to pentest across a wide range of technologies and frameworks, to analyze the entire attack surface and vectors, and to attempt to pwn an entire infrastructure from multiple angles is absolutely mind-blowing.

As we know, large companies aren’t just about web applications or Active Directory forests—they're massive ecosystems. They encompass APIs, applications (web, thick/thin clients, mobile), Active Directory, Windows services, third-party dependencies, and now, increasingly, internal AI systems. Being capable of pentesting and compromising all of that, while possessing the deep knowledge required to pull it off, is truly a double-edged sword.

Mastering all of this is incredibly challenging, but I hope to achieve it one day—after years of experience and continuous learning.

174
The original post: /r/cybersecurity by /u/NISMO1968 on 2024-11-16 10:09:14.
175
The original post: /r/cybersecurity by /u/Snowfish52 on 2024-11-16 05:16:59.