cybersecurity

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

201
 
 
The original post: /r/cybersecurity by /u/gurugabrielpradipaka on 2024-11-14 14:28:48.

https://www.techradar.com/pro/fbi-confirms-chinese-hackers-accessed-us-government-official-devices-networks

Chinese state-sponsored groups compromised US devices and networks

202
 
 
The original post: /r/cybersecurity by /u/OkDisaster6669 on 2024-11-14 13:45:48.

I'm trying to get some alternatives, like switching to a new EDR soon, but as not taking E5 the prices of E1 and E3 are increasing so much. Do you have any cost-efficient strategy when it comes to this?

203
 
 
The original post: /r/cybersecurity by /u/TechInformed on 2024-11-14 13:20:29.
204
 
 
The original post: /r/cybersecurity by /u/bvshai on 2024-11-14 09:45:24.
205
 
 
The original post: /r/cybersecurity by /u/Square_Classic4324 on 2024-11-14 05:08:11.

I have a question about encrypt-in-transit services such as SSH. On the client side I've edited the conf files to 1) prioritize allowed ciphers and 2) block obsolete ciphers.

But the vulnerability scanning results still come back with tons of insecure cipher findings. Is that because the vuln scanning tools are trying to negotiate a connection themselves rather than using what is on the client?

Do I have to edit the server conf as well to suppress these findings? The findings are getting executive attention and at this point I just want to make it go away even though there's no chance of a client actually being able to initiate a connection with an excluded cipher.

Thank you

206
 
 
The original post: /r/cybersecurity by /u/Advocatemack on 2024-11-13 16:05:03.

I have been doing some research into different vulnerabilities and how prevalent they are in open and closed source projects. Following the news about the MOVEit data being sold (for reference MOVEit were breached through SQL injection in 2023 but data now coming to market/ransomed) I decided to release my research of SQLi early while it's being discussed.

I know how much we all dislike corporate blogs so below are the main points:

  • 6.7% of all vulnerabilities found in open-source projects are SQLi
  • 10% for closed-source projects!
  • An increase in the total number of SQL injections in open-source projects (CVEs that involve SQLi) from 2264 (2023) to 2400 (2024) is expected.
  • As a percentage of all vulnerabilities, SQL injection is getting less popular: a decrease of 14% and 17% for open-source and closed-source projects respectively from 2023 to 2024
  • Over 20% of closed source projects scanned are vulnerable to SQL injection when they first start using security tooling
  • For organizations vulnerable to SQL injection, the average number of SQL injection sites is nearly 30 separate locations in the code

You can read all my findings here -> https://www.aikido.dev/blog/the-state-of-sql-injections

SQLi is a particularly interesting one as it's one of the oldest vulnerabilities that we still see now and we don't seem to be making much improvement on it despite tools, resources and a plethora of breaches reminding us of its importance.

207
 
 
The original post: /r/cybersecurity by /u/RotemNkunim on 2024-11-14 04:06:44.

Anyone have any tips on how to go from CTI to threat hunting?

I’ve been doing CTI for a while now. Maybe 3-4 years. I’d like to get into threat hunting but know that I have a lot to learn, especially given the technical depth in hunting that isn’t as necessary for CTI work. My company is willing to pay for training so I can always go the SANS route.

Open to any suggestions! Certifications, online platforms, anything! Thank you everyone in advance!

208
 
 
The original post: /r/cybersecurity by /u/woolleymammoth89 on 2024-11-14 02:21:27.

Soft skills are an important part of any industry. However, we always focus on the technical courses/certs. Does anyone know of any soft skill courses/programs besides the TCM PCRP (Practical Career Ready Professional) course?

209
1
CISSP (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/SeaEvidence4793 on 2024-11-14 01:34:59.

Anyone else think adding CISSP after your name is silly? It’s not an MD or PhD. Yes it’s a hard cert but just because you have a CISSP doesn’t mean you are an expert. In my opinion it just means you aren’t a noob anymore.

People thinking the CISSP is equivalent to a master’s or MD just anger me sometimes.

What are your thoughts?

210
 
 
The original post: /r/cybersecurity by /u/No-Mousse989 on 2024-11-14 01:32:20.

Hey everyone!

I’m looking for advice on how to make the most of LinkedIn to increase my chances of landing a job in a new location. I’ve listed all my work experience, but I notice that others are doing more to showcase their skills, projects, and ongoing work. Recently, I’ve been active on Hack The Box, and I’m thinking about blogging or sharing my notes there to demonstrate my skills. Should I also use hashtags and other visibility tactics? Or is there a different approach I should take to make my profile more attractive to recruiters? Any tips or feedback would be really appreciated!

211
 
 
The original post: /r/cybersecurity by /u/Several_Print4633 on 2024-11-14 00:51:30.
212
1
Interviews (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/COPD2323 on 2024-11-13 23:34:08.

Has anyone ever had a 3rd party recruiter sit in on your actual interview with a company?

Quite a strange experience for me, especially with the recruiter chiming in on technical aspects during the interview.

Maybe it’s just me, but seemed a little weird.

213
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-13 21:23:29.
214
 
 
The original post: /r/cybersecurity by /u/Kasual__ on 2024-11-13 21:11:03.

What do you view as the most influential thing that helped you land your first cyber role?

What was your first cyber job?

Was it low/high tempo?

Did you get lucky/a break, as in the company took a chance on you, or did you have some solid skills already?

Asking because I’m in my first cyber role (80% GRC 20% endpoint security), and I feel I’ve gained little to no experience 8 months in. Just curious what’s the norm.

215
 
 
The original post: /r/cybersecurity by /u/Lyxandrah on 2024-11-13 21:03:32.

Good afternoon,

I am looking into a solution to detonate Windows malware in an enclosed environment. What would be the safest way to go about it?

I am looking into Kasm running RDS sessions but I'm not 100% sure it is sandboxed, thus malware could eventually escape. I am also not sure it is feasible with this solution.

Does anyone have any experience with this?

216
1
OSCP exam (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Not_Time_ on 2024-11-13 20:38:13.

Hello guys!

I'm very interested in diving into cybersecurity and I've seen that the OSCP certification is worth taking, but it's a bit expensive to take. I wish to know if there's any resource to study for that exam while saving for the certification.

Thank you so much beforehand

217
 
 
The original post: /r/cybersecurity by /u/NAS0824 on 2024-11-13 20:35:35.

Has anyone had Gemini for Workspace implemented for their company/organization?

Google’s site says it’s ISO compliant and pending FedRAMP as well, but is there anyone that has a risk analysis to accept the use of it?

Specifically with accessing sensitive documents/emails?

Assuming there’s communication to not put sensitive information into AI models, how does one ensure that implementation with an entire suite doesn’t spill information (with access to all company information)?

218
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-11-13 20:12:35.
219
 
 
The original post: /r/cybersecurity by /u/gurugabrielpradipaka on 2024-11-13 20:12:11.
220
 
 
The original post: /r/cybersecurity by /u/chwallis on 2024-11-13 18:03:20.

Hey all, we recently released a free resource for the cyber community, intel.intruder.io, to help blue teams keep an eye on the latest CVEs trending on X. We used to use cvetrends.com for the same purpose ourselves, but since it got taken offline after Elon's API changes we decided the world needed a good replacement, and didn't want to just keep it for ourselves.

We've been developing it for a couple of months now and have plenty of ideas to make it even better, like Slack integrations for sending alerts etc, but would love feedback from the secops/defender community on whether it's useful, any features that would make it more useful... or any comments at all.

221
 
 
The original post: /r/cybersecurity by /u/Veloci7y_ on 2024-11-13 17:34:55.

Hi Everyone,

We currently use KnowBe4 KCM for managing our tracking of compliance requirements for HIPAA and GLBA since we're in Higher Ed. We also use it for managing our IT security risk register. KCM is being discontinued, which is a bummer because it works really well for smaller businesses. We don't need much for automation, which most other vendors seem to sell themselves on. Right now we basically use it for a risk register with about 100 items and links to a control library that we use to measure inherent vs residual risk. We also have compliance scopes like HIPAA that track our evidence and status (met or unmet) for several hundred requirement items.

I am looking for recommendations that would be the right size for us. Most of the other options like Vanta, Zen GRC, and Drata are probably about twice as much, being from 25-50k per year. They seem to be more expensive and do more automation than we really need. I think they are really focused on organizations that are trying to do things like SOC2, which we don't need.

I really just want another system like KCM where I can have multiple risk registers with a control library and being able to track compliance requirements with our response and some minor automation. Any players out there that would meet our needs?

222
1
Career Advice (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/FabulousPride189 on 2024-11-13 17:33:29.

I’m a recent grad (2024) currently working in cybersecurity, and I’m eager to grow in my field. I also want to build additional skills, so here are the paths I'm considering:

  1. Data Analytics or Business Analytics - Looking for a course with job placement support, which could help me transition into analytics if needed.
  2. MBA (HR or Management) - Interested in the management side, so I’m thinking an MBA might be useful. (Online)
  3. M.Tech or MS in Cybersecurity - To boost my technical knowledge further, ideally in an online format.
223
 
 
The original post: /r/cybersecurity by /u/the_secguy on 2024-11-13 17:27:28.
224
 
 
The original post: /r/cybersecurity by /u/Krystekhcww on 2024-11-13 17:13:33.

Hey everyone,

I’m currently working on my master’s thesis, which focuses on securing a web server running on a Linux system with Apache, specifically through implementing STIG (Security Technical Implementation Guide) recommendations. I’m still building up my knowledge about Apache 2.4, and I could really use some help finding good resources, books, or any materials that can provide a solid foundation in both using and securing Apache.

I’d appreciate any suggestions on books, guides, courses, or even documentation that you found helpful when learning about Apache 2.4, especially if it covers topics relevant to server hardening and STIG compliance. I’m aiming to learn both the fundamentals and security best practices.

Thanks a lot in advance!

225
 
 
The original post: /r/cybersecurity by /u/Novel_Negotiation224 on 2024-11-13 17:02:27.