cybersecurity

The original post: /r/cybersecurity by /u/Calm_Wing418 on 2024-12-04 05:26:21.

I know this might be asked a lot, but I’m completely new to cybersecurity and looking for advice on building a strong foundation. I’m looking for beginner-friendly cybersecurity courses (both free and paid) that can help me master the basics.

I’d also love to hear from self-taught learners who started from zero. What was your journey like? What resources didyou use, and what challenges did you face? Whether you're still a beginner or have progressed further, any insights are welcome! :3

The original post: /r/cybersecurity by /u/NISMO1968 on 2024-12-04 02:30:06.

The original post: /r/cybersecurity by /u/atcscm on 2024-12-03 23:18:25.

Hi everyone,

What does your day-to-day work look like as a Cyber Engineer?

I believe that most medium and large companies outsource their SOC. As an engineer, how do you collaborate with them when a security incident occurs?

In the case of a security incident, what steps do you take? For example, how do you handle a compromised email or unauthorized access to the network?

Thank you!

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 22:16:37.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 21:48:24.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 21:47:57.

The original post: /r/cybersecurity by /u/gkpln3 on 2024-12-03 20:51:15.

I've just finished writing a small utility which helps you make sure you don't install suspicious packages using pip.

The goal is to help developers manage the risk of blindly installing random packages, as these packages can pose a significant risk to the user since they literally run code on the host when installed.

It is very simple and open source, feel free to try and tell me what you think :)

Get it here:

https://github.com/gkpln3/safe-pip

The original post: /r/cybersecurity by /u/BothZookeepergame612 on 2024-12-03 20:32:40.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 19:16:38.

The original post: /r/cybersecurity by /u/IHaveIntel on 2024-12-03 18:44:46.

The original post: /r/cybersecurity by /u/gurugabrielpradipaka on 2024-12-03 18:37:48.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 18:09:14.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 18:08:54.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 18:08:35.

The original post: /r/cybersecurity by /u/According-Ad3533 on 2024-12-03 15:22:54.

The original post: /r/cybersecurity by /u/boom_bloom on 2024-12-03 15:13:27.

The original post: /r/cybersecurity by /u/tjmiller90 on 2024-12-03 15:01:43.

Cleo Capital, a Venture Capital firm in NYC, has started a Cybersecurity Accelerator focusing on consumer, infrastructure and defense cyber. Funding comes as part of the accelerator. Definitely worth checking out and applying!

https://techcrunch.com/2024/11/26/cleo-capital-launches-cybersecurity-accelerator-to-help-undo-the-crushing-burden-of-online-threats/

Here's their thesis:

https://www.cleocap.com/blog/cleo-capital-thesis-cybersecurity

Here's the link to apply:

https://www.cleocap.com/accelerator

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 14:13:08.

The original post: /r/cybersecurity by /u/niskeykustard on 2024-12-03 13:50:35.

I came across a free training resource that I think is pretty solid if you're interested in AI and LLMs. It’s focused on the OWASP Top 10 vulnerabilities for LLM applications like prompt injection, training data poisoning, insecure plugin design etc. If u've been wanting to get more hands-on experience with securing AI-driven apps this seems like a pretty good opportunity. The content is interactive and practical which to me is a plus.

I’ve done a couple of the exercises and they’re well-structured. It’s the kind of thing I wish was more common in appsec training.

Here’s the link if u’re curious: https://application.security/free/llm

No catch that I can see, it’s free and openly available. Definitely worth checking out if you’re interested in sharpening your skills around AI security. Would be cool to hear what others think of it if you give it a go.

The original post: /r/cybersecurity by /u/tiagorangel2011 on 2024-12-03 12:58:59.

The original post: /r/cybersecurity by /u/mgfvn on 2024-12-03 12:58:14.

builder.Services.AddControllersWithViews(options =>
{
    options.Filters.Add(new Microsoft.AspNetCore.Mvc.AutoValidateAntiforgeryTokenAttribute());
});

If I have this code in my Program.cs-file ^^. Will all my Controller-methods automatically be protected from CSRF and XSS attacks by default? Or do I have to add:

[ValidateAntiForgeryToken]

... infront of all my methods?

The original post: /r/cybersecurity by /u/Comfortable-Site8626 on 2024-12-03 12:53:57.

The original post: /r/cybersecurity by /u/JCTopping on 2024-12-03 12:17:29.

The original post: /r/cybersecurity by /u/zeroansh on 2024-12-03 10:53:02.

An attacker has created a clone of our website on a similar-looking domain. The attacker registered this domain on spaceship.com. The attacker tried to request AWS credit using the fake domain on our investor's ID.

How can we report this activity and get his/her domain expired? Do domain registrars consider this fraudulent enough to suspend that user's domain registration?

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 10:22:39.