cybersecurity

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

26
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-03 10:18:37.
27
 
 
The original post: /r/cybersecurity by /u/Shiny_birdyy on 2024-12-03 10:06:48.

What are your thoughts on this system?

  1. I have a main KeePass database (strong Master password + YubiKey 2FA)

1.1. I have a backup of the database on my Desktop + (2x USB sticks, encrypted cloud drive)

  2. I have 3 YubiKeys stored in different locations (Each of them can unlock my database)

2.1. All 3 recovery phrases of the YubiKeys are stored on the KeePass database.

  3. Also, I have 2 encrypted USB sticks that contain

  • All 3 recovery phrases of the YubiKeys

  • the password for the encrypted USB stick is stored on my Database as well

  • (+ 2-3 backups USB+ file on a cloud)

  4. I will store sensitive data like a crypto seed phrase in the database as well

(I will change the order of the words with my own mental encryption algorithm)

I have to remember:

ONLY the master KeePass password (and use a YubiKey as 2FA)

My safety:

If someone gets my database, they can't access it without the YubiKey.

If I lose the database or YubiKey -> I have backups

If someone (through keylogger/malware) or something gets into my database, they can't get my crypto seed phrases (as they are encrypted with my own "encryption")

My question:

Is this a valid approach? Is it safe to have a strong master pw + 2FA and store EVERYTHING else on that database?

I also will do this on a new macOS user profile, to minimize the risk of viruses or something.

Do you have suggestions/improvements/simplifications while maintaining a high security?

Thanks!

28
 
 
The original post: /r/cybersecurity by /u/Such-Phase-6406 on 2024-12-03 09:34:35.

I was going through my notes and by God's grace, I found my notes on 25 Techniques for Windows Privilege Escalation. I took them and rephrased them, added some extra details, and included some useful free labs that will benefit you when you work on them

https://karim-ashraf.gitbook.io/karim_ashraf_space/writeups/windows-privilege-escalation

29
 
 
The original post: /r/cybersecurity by /u/james_smith236 on 2024-12-03 09:18:02.
30
 
 
The original post: /r/cybersecurity by /u/AflatonTheRedditor on 2024-12-03 09:05:40.

We've heard several times that dark-net forums like breachforums and deepdotweb were seized by the FBI. How does that work? I'm not talking about the forum's reach through the darknet, but from the clear net (e.g. breachforums.is). Does the FBI have control over any registered domain? If not, what do they do? Do they tell the registrar to take that domain off?

I know that taking off a domain name doesn't necessarily mean taking down the forum's structure, because at the end the domain name is just the gate to that website, not the website itself, but I'm just curious on how seizing domains works.

There are a lot of illegal websites out there that aren't seized and I'm wondering how that works. The owner of the website buys the domain name from a registrar, so technically the registrar should have control over the domain name in case this website was used for illegal stuff and so on. So how are illegal websites still operating?

31
32
 
 
The original post: /r/cybersecurity by /u/nn11nn22 on 2024-12-03 08:10:44.

Hi everyone,

I just started a new job as an OT Cybersecurity Analyst at an oil company. My background is in IT, and I have eCPPT and CCNA certifications. I was initially planning to build a career in IT cybersecurity, but now I’m not sure if I should stay on this path or make a shift.

To be honest, I’m not sure if I want to spend my career in environments where I need to wear a helmet and gas detector all the time. I’m thinking about getting the OSCP certification and moving to IT cybersecurity, but I’m also curious if there’s a way to grow into a role like an OT consultant in the future.

I would love to hear your thoughts or advice if you’ve been in a similar situation. Any guidance would mean a lot!

33
 
 
The original post: /r/cybersecurity by /u/CloysterBrains on 2024-12-03 06:15:27.

Interested in stories about APTs, cyber espionage and similar.

Are there any great, recent (2023-24) books in a similar vein to any of the below?

  • Sandworm by Andy Greenberg
  • American Kingpin by Nick Milton
  • Tracers in the Dark by Andy Greenberg
  • Countdown to Zero Day by Kim Zetter
  • Hacker and the State by Ben Buchanan
  • The Cuckoo's Egg by Clifford Stoll
  • The Art of Invisibility by Kevin Mitnick
34
 
 
The original post: /r/cybersecurity by /u/PepeTheGreat2 on 2024-12-02 23:49:54.

What the title says, and IMHO that is bad.

With old SRP, you could easily set the rules for: where the user has write access, he has NOT execute rights. Clean and easy. Stopped dead in its tracks 99,999% of ransomware and viruses.

Now with AppLocker you cannot do that, you have to create complex rules to allow/disallow program execution based on the program's attributes (the signer of the program, whatever).

I think this change is because now Google and Microsoft are adamant on running some of their softwares FROM the user's profile, instead of from %ProgramFiles% (Microsoft Teams, I see what you did there; Google Chrome sneaking into non-admin user profiles, you player of dirty tricks).

So Microsoft now in Windows 11 is KILLING "Software Restriction Policies", which were working fine and dandy since the Windows XP Professional days. As an example, I have bookmarked this Microsoft article:

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain

...which now points to different content where "Software Restriction Policies" have been "cancelled" and the article is now just a hype piece on AppLocker. So sad.

I'm getting out of Windows Endpoint Management as soon as I can, it's going to become a total shitfest, I'm afraid.

35
 
 
The original post: /r/cybersecurity by /u/0110111001101111 on 2024-12-02 23:23:10.
36
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-02 23:08:08.
37
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-02 23:07:45.
38
 
 
The original post: /r/cybersecurity by /u/DrewplayzBuilder on 2024-12-02 22:52:09.

Hi, I am planning on pursuing an IT degree with a concentration on Cybersecurity. It required some of the hardest math classes I have ever seen. Statistics and Discrete Mathematics. I struggle with Math due to my learning disability and this is going to make it way worse. Should I just get a certificate and abandon the degree? I want to work in Digital Forensics.

Why do I even need to take these classes for the IT degree I want? Sure, I understand the use of it when it comes to data analysis, but for Cybersecurity? Please let me know what you think.

39
 
 
The original post: /r/cybersecurity by /u/alexmacarthur on 2024-12-02 22:01:42.
40
 
 
The original post: /r/cybersecurity by /u/WiseTuna on 2024-12-02 20:58:36.
41
 
 
The original post: /r/cybersecurity by /u/JCTopping on 2024-12-02 20:51:20.
42
 
 
The original post: /r/cybersecurity by /u/BST04 on 2024-12-02 20:43:54.

Hi everyone,

I’ve recently put together a repository on GitHub that collects and organizes a wide range of cybersecurity resources: cybersources.

The repo is designed to be a go-to resource for cybersecurity professionals, students, and enthusiasts. It includes:

  • Tools for penetration testing, incident response, and network monitoring.
  • Guides and tutorials for enhancing cybersecurity knowledge.
  • References to industry best practices and standards.

Whether you’re looking for practical tools or just getting started in the field, I hope you’ll find it helpful.

Feel free to check it out, contribute with suggestions, or open a pull request if you have valuable resources to share.

Let’s build something great together for the cybersecurity community! 🚀

👉 Link to the repository

I’d love to hear your feedback or ideas for improving it. 😊

43
 
 
The original post: /r/cybersecurity by /u/Ok_Tough2160 on 2024-12-02 19:59:38.
44
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-02 19:33:51.
45
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-02 19:33:15.
46
 
 
The original post: /r/cybersecurity by /u/Novel_Negotiation224 on 2024-12-02 18:59:54.

Original Title: A new phishing attack has been detected that takes advantage of Microsoft's Word file recovery feature by sending corrupted Word documents as email attachments, bypassing security software and fixing the application due to the corrupted state of these documents.

47
 
 
The original post: /r/cybersecurity by /u/Inevitable-Air2143 on 2024-12-02 17:47:40.

I landed my first job as a DevSecOps engineer, but after a year working as DevSecOps Engineer I find it somewhat uninteresting. I want to move into core security roles like Security Engineer or Penetration Tester. I'm planning to pursue the OSCP certification next year. Any advice on making this switch?

48
 
 
The original post: /r/cybersecurity by /u/ritawonders on 2024-12-02 17:44:26.

I've got a SOC Level 1 interview. I'm a recent computer science graduate with cybersecurity training in a 4-month bootcamp and a Security+. Are there any tips/advice that could help me for the interview? Thank you!

49
 
 
The original post: /r/cybersecurity by /u/SameBag46 on 2024-12-02 17:30:59.

Hello, I have a small company (far from 300 users, just to clarify, haha!). Currently, I have an antivirus for the PCs I use, which is Bitdefender GravityZone. I use it on all PCs and an HP microserver that I use to manage some tasks. I manage everything from the cloud console. Honestly, it seems like a very good antivirus, powerful, and it truly makes me feel protected.

I also have Microsoft 365 in its Basic and Standard versions.

I am analyzing the costs of Bitdefender and Microsoft 365, and the price is similar to that of Microsoft 365 Enterprise E3 + Teams. So, if I cancel Bitdefender and migrate my licenses to M365 E3, the cost I pay would be the same. Yes, I will need the features of a better license, Entra ID, etc.

My question is: Is the Microsoft Defender Business version a good option or comparable to Bitdefender GravityZone in terms of protection against ransomware, malware in general, and everything related to antivirus?

I don’t need features like browsing restriction or filtering, which Bitdefender provides, because I recently acquired a firewall, a SonicWall TZ570 with licensing. That part is now managed from there, so I no longer need it in the antivirus.

What I would like to know is how good Microsoft Defender Business is (not the stock version that comes pre-installed on Windows) compared to a paid antivirus like Bitdefender.

Does anyone have experience to share or a source where I can check an analysis?

50
1
IPFS phishing (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/i3130002 on 2024-12-02 17:15:46.

I came across an email that is a scam hosted on IPFS.

How can I protect my organization from phishing attacks like this?

Link: (Hyper link removed intentionally)

urlscan.io/result/f3504b49-e1b9-4a94-bf35-b45030d55359
