The original post: /r/cybersecurity by /u/VLANtagonist on 2024-10-09 17:12:36.

When a bad actor engages in a credential stuffing attack against our customer portal, we can immediately tell (when they get to 2fa and fail) that the credentials are good. It’s an easy call to lock the account and reach out to the customer for a reset.

Where it gets dicier, from my perspective, is with Darkweb intel from our providers on supposed customer username/password combos. If we get a list of 600 names, but have no basis for establishing the accuracy, it’s more difficult to justify enacting the same procedure, particularly since it’s entirely possible that the username/password combo is recycled from some other old source, has long since been changed, and may come up multiple times in these dumps.

One of our vendors allegedly tests customer credentials against breach dumps (although we’ve yet to see an instance of this occurring with our customers). With our internal users, we of course have no qualms about having pentesters going even so far as to brute force creds. But with customers, it has a different feel, even if we are just contemplating potentially trying to validate creds from our threat intelligence providers.

Has anyone else tested the validity of these creds? Do you just proceed as if they are valid?

The original post: /r/cybersecurity by /u/Certain-Towel7026 on 2024-10-09 17:04:50.

I became more involved in security auditing and infrastructure hardening in the past 3 years. I understand there are US tax laws that say tax data should only be accessible by US personnel within the US.

Over the past year my company has hired thousands of India based employees and a few of them have access to all data in azure, which certainly holds PII and tax data. I've basically been told stand down, don't bring it up, this a sensitive topic. Is there an authority I can contact to report this outside of my organization anonymously? I don't even really care that this might not impact me on an audit as this is a company decision to allow it, and not a security concern that I can control, but I certainly do not enjoy being in meetings where we tell people you cannot access this you are outside of the US, while in that same meeting there 3 or 4 people in India with the access. It makes no sense and certainly violates tax data privacy laws right?

Maybe I don't understand the tax privacy data laws and this is an over reaction?

The original post: /r/cybersecurity by /u/Upper-Wash7148 on 2024-10-09 16:44:09.

Hello Cybersecurity Reddit! I was wondering what kind of response a company will look for when a question like this or similar to this is asked.

Will they be looking for you to pick up that weight? Or Tell management?

The original post: /r/cybersecurity by /u/Odd-Feed-9797 on 2024-10-09 16:29:22.

Reverb has failed sellers/users by allowing a massive data breach, and if you've ever sold anything, your personal information is now in a publicly accessible data dump, mine included.

Changing your password isn't much help, but yeah, just thought I'd post here in case someone didn't know. Take care.

https://www.linkedin.com/pulse/more-than-56-million-records-reverb-sellers-details-leaked-diachenko/

The original post: /r/cybersecurity by /u/EntranceIntrepid3009 on 2024-10-09 15:39:20.

Today was the first day a recruiter mentioned a job where the employer would sponsor a SC.

How valuable is this? Is this a bargaining chip for a higher salary?

The original post: /r/cybersecurity by /u/wewewawa on 2024-10-09 15:27:57.

The original post: /r/cybersecurity by /u/Competitive_Fan_6750 on 2024-10-09 15:03:43.

Hey, I have 7+ years of experience in cybersecurity and got an offer from Cognizant. Should I join ? How is job security in Cognizant? How is work life balance in cognizant?

The original post: /r/cybersecurity by /u/wmm_1 on 2024-10-09 13:37:06.

I just landed as a data analyst at a cyber security company. (How I got this job is still beyond me and I am dealing with alot of imposter syndrome).

While I enjoy being a DA I want to keep my options open and thinking about getting more involved with the actual work of a cybersecurity firm than just the data analytics.

What would you suggest I look at for possible next steps in my career path? I plan on staying in this role for 2-3 years but I've learned you need to start looking now for that next role.

My current hard skillset is SQL, TABLEAU, and very entry level python. I have studied for the COMPTIA Security + but never finished or registered to take it.

The original post: /r/cybersecurity by /u/TechInformed on 2024-10-09 13:10:17.

The original post: /r/cybersecurity by /u/ANYRUN-team on 2024-10-09 13:02:41.

Hey everyone! I’ve been thinking about the big gap between academia’s theoretical focus and the practical, immediate solutions needed in the field. Does anyone have ideas or experiences on how to bridge this gap?

The original post: /r/cybersecurity by /u/Immediate-Annual4505 on 2024-10-09 12:56:43.

For those of you who are in cloud sec engineering, how did you guys transition into it? What were some of the steps you took? I'm currently a cloud sec analyst (sole role is monitoring alerts) and want to get into the engineering side of the house. I've already taken several python and Terraform courses as well as earning the GCSA from GIAC.

In short, what was your career path and any tips for me in my current situation? Thanks!

The original post: /r/cybersecurity by /u/L015H4CK on 2024-10-09 12:27:56.

The original post: /r/cybersecurity by /u/Appropriate-Night758 on 2024-10-09 11:45:06.

Hello all, I am working as a SOC L1 analyst with 2.5 yrs of experience with a total tech experience of 4.5 yrs. I am currently looking for a job change and preparing for interviews.

I currently work on IAM, SOC using AD, Oka, Sentinel, Defender for my day to day tasks.

While preparing for interviews i came across Grace Nolan's interview prep github. There were many topics listed to study for an interview.

Is the material still relevant now, as I see that it was last updated some time ago. Seeing all the topics listed there i see that there is so much i don't know and much to learn to crack interviews. Also i am not sure how much of knowledge i should have on a specific topic like how much deeply i should know about any topic.

Please provide any tips/resources/info you have that can help me prepare for my interviews.

Thanks.

The original post: /r/cybersecurity by /u/CYRISMA_Buddy on 2024-10-09 11:05:22.

The original post: /r/cybersecurity by /u/CYRISMA_Buddy on 2024-10-09 11:03:55.

The original post: /r/cybersecurity by /u/Certain-Loquat-5668 on 2024-10-09 08:47:45.

I’m working on a new education initiative designed for the GRC community, and I’d love to get your thoughts on it before we launch. Your feedback will be incredibly valuable in shaping this project.

💡 The Idea: GRC Galactica – An Interactive GRC IQ Quiz with an Arcade Twist

The theming will be inspired by classic arcade-style games such as Space invaders, the quiz will feature 50 questions that cover everything from beginner basics to advanced GRC topics.

Highlights of the Game:

• Levels: The quiz will be divided into 4 levels – Cadet (Novice), Pilot (Intermediate), Commander (Advanced), and Veteran (Expert) – each with progressively tougher questions.
• Badges & Achievements: Players earn badges as they level up, with the ultimate goal of achieving the Veteran badge.
• Leaderboard: We’ll have a real-time leaderboard where players can see how they stack up against others in the cybersecurity community, earning bragging rights for their GRC IQ score.
• Retro Vibes: The game will have an old-school arcade aesthetic – pixelated graphics, retro sound effects, and a journey through the “Compliance Galaxy.”

Why We're Doing This:

• Filling a Gap: There’s currently no clear leader in GRC continuing education that makes learning engaging, practical, and free. Most GRC training is dry and prohibitively expensive.
• Practical Knowledge: The quiz isn't just about theoretical knowledge; we're focusing on real-world, practical applications of GRC principles to help professionals stay sharp.
• Community Involvement: We’re planning to involve senior CISOs and cybersecurity experts to contribute to and validate the quiz content, ensuring it’s relevant and up-to-date.

What We Want to Know from You:

The original post: /r/cybersecurity by /u/Any-Signature-5627 on 2024-10-09 08:13:27.

Thoughts on Island Enterprise Browser? We are considering trialing this and replacing our VPN solution however i do worry about protecting apps/traffic outside the browser.

The original post: /r/cybersecurity by /u/Zealousideal-Emu2667 on 2024-10-09 07:35:34.

What is the best Password Manager in your Company for your Opinion?

I heard good Things about Keeper.

The original post: /r/cybersecurity by /u/Wild_Bet4857 on 2024-10-09 04:29:39.

Hey guys quick and to the point: My goal is to become a security analyst. I have a computer science degree, a valid security+ certification (also google cyber security certificate but that doesn't mean much) and just recently finished the TryHackMe SOC Level 1 course. Where do you guys think I should go from here, cysa+ or blue team level 1 (or anything else). Any feedback is appreciated greatly!

The original post: /r/cybersecurity by /u/hacknewstech on 2024-10-09 03:09:51.

Original Title: As a fresher, I've received a job offer as a Technical Support Engineer at a reputable SSL certificate provider company. Should I accept it? Will I be able to transition into web security roles within 1-2 years?

Just need your advice!

The original post: /r/cybersecurity by /u/Fashion_fwd on 2024-10-09 00:54:19.

Hello InfoSec community,

I am a burnt out Sr. Threat Analyst that has been working in the SOC for the past 5 years. A little background I changed career paths into Cybersecurity 5 plus years ago and started working as a L1 analyst in a SOC as I heard that is a good starting point. I busted my butt working my way up to a L2 analyst, even have 9 months of being a SOC manager experience. I have a master's degree in cybersecurity, sec +, some vendor cloud certs, and got my CISSP earlier this year.

While it was a great learning experience working in a SOC as a threat analyst I feel like I have hit a wall. I work for a large MSSP and due to staffing shortages I have been doing mostly L1 work ( triaging alerts). I am so bored by the work and feel like I am on "auto-pilot" every day. Part of me feels like I am wasting my time as I am not learning anything new in my current position. However, I am not sure where to go from here. I've started looking for other jobs but have a bit of imposture syndrome when looking at the required skills/ years of experience in another cybersecurity domain. I can't help but feel like I am stuck in the SOC as that is where my experience lays.

Has anyone successfully transitioned from working as a threat analyst in the SOC into another area of cybersecurity?

Any advice would be greatly appreciated!

The original post: /r/cybersecurity by /u/zoro_roronoa-01 on 2024-10-08 22:46:41.

I am for city where cybersecurity is not that popular. And I am a beginner in the cybersecurity. I am so confused about my career about Cybersecurity (Offensive Security or Pentest). I don't have source to learn the advance things about it. Like how to get in someone system? And how they know which file is where? How they know which file is important (like name of file searching for)? And what tools should used in required situation?

I need help to understand how can I get into offensive security. So I want help and guidance so how can I get.

The original post: /r/cybersecurity by /u/Scared-Enthusiasm777 on 2024-10-08 21:46:03.

As I continue my degree path, I decided to spend my electives on learning a foreign language.

At first the obvious choice was Spanish, being a US citizen and all, but I am hoping to travel in the future with my work, preferable to Europe/Eastern Europe.

So now I am considering German, Polish, or Ukrainian.

I don't feel too uncomfortable with German, but I feel as a native English speaker that Slavic languages are a lot harder than other options available.

What language would have the most benefit in the field if I have aspirations to work internationally?

The original post: /r/cybersecurity by /u/sasko12 on 2024-10-08 21:27:20.

The original post: /r/cybersecurity by /u/CompSciGeekMe on 2024-10-08 20:51:11.

Here is a link to it: https://www.cisco.com/site/us/en/learn/training-certifications/certifications/ethical-hacker/index.html

Please feel free to share your thoughts