cybersecurity

The original post: /r/cybersecurity by /u/kenyakickz25 on 2024-11-04 22:28:13.

I've never been able to make sense of the name..they want to strike what crowd? bugstrike could be a sensible name but it it is taken as I just looked it up.

The original post: /r/cybersecurity by /u/Wise-Hat9376 on 2024-11-04 21:59:42.

Hey heroes! My wife nearly fell victim to a phishing scam. She texted her username after they pressured her, trying to get her password too. She came to me as I was clocking out from my job as a CIRT Analyst. I have to say, I love this field! She muted the guy on the call and asked if it was legit. First thing I asked was if he had an Indian accent—no offense, just part of my process of elimination. She said yes, so I got on the phone. The caller ID was spoofed, and the guy sounded somewhat professional. Right away, I told him that USAA wouldn’t ask for both username and password. He quickly said he felt uncomfortable talking to me and asked to speak to my wife again. I laughed, told him to stop scamming, and as I hung up, he yelled something profane—sealed the deal right there.

We reported the attempt to USAA, changed her username and password, and they’ll be monitoring her account. Honestly, if I didn’t work in cybersecurity, we might have fallen for it—especially with a spoofed customer service number. Stay alert, everyone! Scammers are targeting hard-earned money, especially during the holidays. Spread the word!”

USAA: Have you attempted a transaction in the amount of $328.59 at a Walmart Supercenter Fayetteville, AR? Please reply Y for Yes and N for NO. Msg & Data rates may apply.

NO

USAA Bank: Please confirm the most recent Username. USAA Bank will NEVER ask you to share over the phone. Msg & Data rates may apply.

USAA Bank: Please confirm the most recent Username. USAA Bank will NEVER ask you to share over the phone. Msg & Data rates may apply.

USAA Bank: Please confirm the most recent Password. USAA Bank will NEVER ask you to share over the phone. Msg & Data rates may apply.

The original post: /r/cybersecurity by /u/Due-Student946 on 2024-11-04 21:37:27.

Hey everyone! I’m incredibly excited (and grateful!) to have landed a Cyber Engineer Intern position with Goldman Sachs for next summer. I'm currently a college junior and have a few cybersecurity internships under my belt, both on the technical and consulting sides. This internship is such a huge step for me, especially with the pay (over $40/hr!) and the potential to turn it into a full-time offer.

I want to make the absolute most out of the next seven months so I can show up as my best self and crush it. Here’s my plan so far, but I’d love to hear any additional advice from those who’ve been in the industry or had similar experiences!

Python: Planning to dive deeper into Python since I know it’s so versatile and widely used in cybersecurity.

Sec+ Certification: I’m aiming to get my Security+ certification before summer, as I feel it’ll round out my foundational knowledge.

What else would you recommend? Are there other languages, tools, or specific skills I should focus on? I want to go in fully prepared and show my commitment to learning and growing. Any advice for leaving a strong impression to increase my chances of a full-time return offer would be greatly appreciated!

Thanks so much!

The original post: /r/cybersecurity by /u/allexj on 2024-11-04 21:25:14.

What's more respected and important?

The original post: /r/cybersecurity by /u/arqf_ on 2024-11-04 20:42:15.

Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal.

The original post: /r/cybersecurity by /u/Consistent_Gate_5656 on 2024-11-04 20:33:05.

throwaway account.

Hello. I would like to conduct an interview for a project. I need someone in the field of cybersecurity to do so, and it needs to be someone who I don't know. It'd be greatly appreciated if I could get some time in private messages to conduct this interview. There should be 8 questions, but if I can I may diverge from the main 8 questions to inquire further on something the interviewee may say.

This is for a project. I do need a name but I am ok with doing a false name.

The original post: /r/cybersecurity by /u/nonaq2 on 2024-11-04 20:13:35.

What up? Has anyone worked any new cases dealing with BianLian. I am just looking for any additional IOCs. I already found the backdoor but looking for any new info with their TTPs since they moved to exfil only.

The original post: /r/cybersecurity by /u/arqf_ on 2024-11-04 20:05:55.

UK's National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named "Pigmy Goat" created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors.

The original post: /r/cybersecurity by /u/fchung on 2024-11-04 19:58:35.

The original post: /r/cybersecurity by /u/NotViola on 2024-11-04 19:41:49.

Hello,

To make it short, i’ve been a SOC analyst for 5-6 years, the only thing i have is a bachelor degree in Computer Science and a masters in Cybersecurity.

Can someone please point me to free/affordable courses or exams that i can do to boost my CV. I’m based in the UK but would like to move to KSA or UAE at some point, so anything valuable to them.

The original post: /r/cybersecurity by /u/lifetechmana1 on 2024-11-04 19:11:47.

I know tech is riddled with Layoffs, and the job market to get in is just as bad. But one thing I think about a lot is how often we hear the negative but not the positive perspectives.

IE: you hear about the 5 car crashes on the weekend but not the thousands who get to their destination. (Morbid but an analogy).

So that makes me wonder. How many people have kept their positions for an extended period of time, what reliable roles are, and what job security looks like across the industry when you get into certain roles.

The original post: /r/cybersecurity by /u/the_secguy on 2024-11-04 19:00:17.

I have over decade of experience in variours cyber fields and want to share my experience through blog. Happy to hear your thoughts.. https://thesecguy.com

The original post: /r/cybersecurity by /u/HunterHex1123 on 2024-11-04 18:55:01.

The original post: /r/cybersecurity by /u/Both_Practice_3252 on 2024-11-04 18:42:14.

I work in a SOC and we received a SOC-wide email to not run any unnecessary SIEM queries this week due to enhanced monitoring from application teams surrounding the election not wanting to hinder performance.

I work in a financial services company so we are constantly hit with attacks and see a large amount of traffic each week/month - but what about an election is cause for increasing attacks towards web applications of a financial services company?

My main thought is simply cause chaos in the US - if large banks and investment firms cannot secure users’ money they lose trust in the authorities… but i can’t think of other reasons why elections would cause increased attacks towards web traffic?

I understand that GENERAL attack traffic is likely increased around elections due to high emotions and stress, ppl more likely to get phished, etc but I am specifically trying to understand the motive behind attacks in financial industry increasing around election?

TLDR: why are there increased cyberattacks on financial services companies surrounding election in US?

The original post: /r/cybersecurity by /u/antdude on 2024-11-04 18:19:16.

The original post: /r/cybersecurity by /u/Bored247-365 on 2024-11-04 18:08:56.

Hey all,

Looking for Informations :)!

Thanks

The original post: /r/cybersecurity by /u/pmz on 2024-11-04 18:07:51.

The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-11-04 17:57:18.

The original post: /r/cybersecurity by /u/sasko12 on 2024-11-04 16:58:27.

The original post: /r/cybersecurity by /u/Afraid_Net5230 on 2024-11-04 14:10:12.

I'm in Currently in Bachelors Program for cybersecurity with no EXP in the field with 1 yr 1/2 left. The semester ending in December, I have been researching desperately trying to find new avenues for affordable certifications routes as my college does not offer any certs.I have found some info on Women in Tech and it seems the gap needs to be filled sooner than later. Im really worried financially and need to enroll in program for January or classes again with same college.I am dying to start with hands on classes and know i am going somewhere. Sans is outta the question. I needentry level certs and looking towards ethical hacker or blue or purple team. I hear there are many companies that do the work study or close to but I am lost on where to go .I need a training that will lead me to a chance of scoring a job directly after certification. Also stacking certs from beginning with multiple included in a package training would be awesome financially. Anyway, passionate eager lady wishing to embark on a mission to contribute to the greater good through applied skills and knowledge needs help desperately just like many others it seems. Any suggestions/guidance would be so greatly appreciated.

The original post: /r/cybersecurity by /u/arqf_ on 2024-11-04 13:30:16.

The original post: /r/cybersecurity by /u/Excellent-Net-5306 on 2024-11-04 13:17:04.

Hey everyone!

I'm currently working as a cybersecurity specialist focused on cyber awareness, and I'm always on the lookout for creative ideas to make security engaging and effective. I’d love to hear about any interesting or unique cybersecurity awareness initiatives your company has implemented.

Whether it's through fun training sessions, interactive activities, gamified learning, or anything else that caught your attention, I'd love to know what worked well (or even what didn't).

Any inputs are welcome as long as they’re related to cybersecurity awareness! Thanks in advance for sharing your experiences and insights.

The original post: /r/cybersecurity by /u/Mindless_Growth5148 on 2024-11-04 13:11:54.

Local tunnel method doesn’t work, it needs verification

The original post: /r/cybersecurity by /u/Yilerii08 on 2024-11-04 13:09:23.

The original post: /r/cybersecurity by /u/CookieEmergency7084 on 2024-11-04 13:06:32.

For those familiar with Wiz’s DSPM capabilities - is Wiz’s DSPM strong enough to replace a dedicated DSPM solution, or does it fall short on deeper data security needs?

Wiz nails it with CSPM, but DSPM requires real depth, like shadow data discovery, access monitoring, and complex data governance.

Would love to hear from anyone who’s compared it to dedicated DSPM tools.