cybersecurity

The original post: /r/cybersecurity by /u/ilan__music on 2024-12-02 17:02:49.

Hey Reddit! 👋

My group created a short skit video to encourage everyone to use password managers and keep their accounts secure. It's a mix of humor and real advice, designed to be relatable for all ages—from teenagers to grandparents.

👉 Watch the video here 👉 Take the survey here

Your feedback is super important! The survey only takes 2 minutes and helps me understand how effective the video is.

If you’ve ever struggled with passwords or have tips of your own, drop a comment below! Let’s make the internet a safer place together. 🚀

Feel free to share the video with friends or family who could use a little password management inspiration. Thanks for watching! 😊

The original post: /r/cybersecurity by /u/gurugabrielpradipaka on 2024-12-02 16:13:11.

The original post: /r/cybersecurity by /u/lost_greentea_leaf on 2024-12-02 15:43:40.

hiiiii I’m a student currently working on a project involving designing a new key management for iot-based Wireless Sensor Networks , with a focus on developing a self-healing mechanism and ntegrating ai in the scheme.

.I’ve come across various key pre-distribution and post-deployment schemes, but most of them aren't for iot-wsn and have not approached the self-healing aspect and those that did, are very old and often not used rnw .

i would love to ask someone who has a knowledge on the topic : How do you typically design or implement self-healing key management in IoT/WSN systems and has anyone used AI or machine learning to enhance key management and self-healing processes, especially in resource-constrained environments like IoT?

I’m also particularly interested in practical approaches and real-world implementations. If you have experience or know of papers/resources on this topic, I’d really appreciate your input! thanks in advance

Thanks in advance!

The original post: /r/cybersecurity by /u/galchock on 2024-12-02 14:05:55.

Researchers in Clutch Security deliberately leaked cloud service secrets in controlled environments to measure the effectiveness of rotation policies.

Findings demonstrate that leaked credentials were consistently exploited within seconds of exposure, regardless of rotation intervals, across Cloud, VCS, and CI/CD environments.

Key observation: Attack automation operates at machine speed, with credential harvesting tools continuously scanning for and exploiting exposed secrets. Traditional rotation policies proved ineffective as attack frameworks automatically adapted to new credentials.

Read more at https://go.clut.ch/m7t

The original post: /r/cybersecurity by /u/100bhat on 2024-12-02 14:03:31.

Was it always like that?

The original post: /r/cybersecurity by /u/PizzaGod707 on 2024-12-02 13:34:51.

Hi guys,

I’m about to graduate in May with a bachelor’s degree in cybersecurity, and I have the opportunity to pursue a master’s degree in Business Leadership & Management at my current school for only around $5k because my mom works there. It would take one year, and I could do it online if I wanted.

Here’s a bit more about my situation:

• I already have the trifecta (A+, Network+, Security+), and I’ve completed an IT internship. I’m currently looking to get a cybersecurity internship this summer.
• I’m feeling a bit burnt out from school and not sure if I should push through or take a break.
• I’m unsure how useful a master’s in Business Leadership & Management would be in the cybersecurity field.
• Ideally, I’d prefer a graduate degree more directly related to cybersecurity, but my school doesn’t offer anything like that right now.
• There’s been talk about a cybersecurity and AI master’s degree at my school, but I don’t know if or when it will actually happen, and I’m not sure it’s worth waiting for something so uncertain.
• I’m debt-free right now and don’t want to take on loans if I pursue a more expensive, cyber-focused degree later.

The degree is undeniably cheap, and it seems like a good deal, but I don’t want to commit to something that might not help me in my career goals. At the same time, I’m hesitant to wait for a degree that may never materialize.

Would this master’s help me stand out in cybersecurity, or should I focus on gaining experience and certifications instead? Any advice would be greatly appreciated!

The original post: /r/cybersecurity by /u/z3nch4n on 2024-12-02 12:43:28.

The original post: /r/cybersecurity by /u/IntelligentBunch999 on 2024-12-02 12:42:25.

What do you think about the future of hacker groups? With the advancement of ai are hacker groups affected attacks complicate or is it getting simpler like prompt injection? I'm not tell about little teenager groups. I mean apt groups activities. Are all of this will continue complicated attack scenarios with PEOPLE or only ai.Like, a apt group creating That zero day finder ai model instead of manually reversing and searching the vulnerability. Like this you don't have to be Cyber security expert. you only need to medium level ai engineering experience and enough level data. additionally This scenario is valid for Cyber security sector.

The original post: /r/cybersecurity by /u/z3nch4n on 2024-12-02 12:42:16.

The original post: /r/cybersecurity by /u/Jealous_Attorney7382 on 2024-12-02 12:42:09.

I have an offer from crowdstrike US and I have 2 questions: 1- how's the performance management 2- what would be the severance package in case of layoff Asking because currently I'm working in stack ranking company

The original post: /r/cybersecurity by /u/z3nch4n on 2024-12-02 12:41:04.

The original post: /r/cybersecurity by /u/tekz on 2024-12-02 12:10:59.

The original post: /r/cybersecurity by /u/Curious-Ad3666 on 2024-12-02 11:58:36.

I'm trying to learn how to find vulnerabilities in devices and exploit them. The problem is that I have Kali installed as my native operating system, and I don't want to set up a new Kali machine. However, I also want to isolate the Metasploitable device. Is it possible to run Kali as a native OS and run Metasploitable as a virtual machine?

The original post: /r/cybersecurity by /u/starfall_327 on 2024-12-02 11:53:13.

Hi everyone!

I'm currently in a bit of a dilemma and would love to hear your thoughts. I'm planning to change careers and move from forensic science to IT, specifically in the field of cybersecurity. I’ve been doing a lot of research about pursuing a master’s degree in either IT or cybersecurity in Australia, but I’m unsure which path would be more beneficial for someone making this kind of career shift. I’ve always had a keen interest in technology, and my forensic science background has given me strong analytical and problem-solving skills, which I believe will be valuable in IT.

I’m aware that cybersecurity is a growing field, especially with the increasing number of cyber threats worldwide. But is it better to start with a general IT degree and specialize later, or should I dive straight into a specialized cybersecurity program? As someone transitioning from a completely different field, what steps can I take to make myself stand out in the Australian cybersecurity job market? What skills, certifications, or experiences should I focus on to ensure I’m on the right track?

I’d appreciate any advice, particularly from those who have made a similar career shift or from professionals in IT and cybersecurity. Looking forward to your insights!

Thanks!

The original post: /r/cybersecurity by /u/Brtza94 on 2024-12-02 11:08:43.

Hi all,

I want to start with some online seminar like Udemy etc. Any suggestions with which topic to start, because Cybersecurity is really wide :)

Maybe network security ?

Thanks

The original post: /r/cybersecurity by /u/barakadua131 on 2024-12-02 10:45:01.

The original post: /r/cybersecurity by /u/Techplained on 2024-12-02 10:35:36.

Let’s just admit that Cyber Essentials is a complete load of bollocks. The people behind it clearly have no idea what they’re talking about. In trying to meet their arbitrary requirements, I’m actually making my systems less secure. Why? Because they’re stuck in the past and refuse to accommodate any modern technology or provide sensible ways to work around their outdated nonsense.

Case in point: they require that if I log into a server and try to run something as admin, it must prompt for credentials. So now I’m supposed to let everyone know the admin password for the server? Brilliant, right? Meanwhile, my current setup is way more secure—it uses almost passwordless access through single sign-on, behind layers of multi-factor authentication. The person accessing the server doesn’t even know the admin password because they don’t need to. Sure, they could technically go find it if they had to, but that’s beside the point.

The people who wrote these rules have no clue, and to make it worse, they give you absolutely no way to challenge or prove their decisions are fundamentally flawed. It’s infuriating.

The original post: /r/cybersecurity by /u/arqf_ on 2024-12-02 09:34:23.

The original post: /r/cybersecurity by /u/Michi_am_Start on 2024-12-02 07:14:45.

Our Network Tech teacher gave us our test for next week in a 7z with a password. He said the Password is part of the most well known rainbowtable list. Does anyone know what he could mean by that?

The original post: /r/cybersecurity by /u/Due-Cancel8357 on 2024-12-02 03:24:24.

Hello! I’m new to reverse engineering and recently got really interested in CTFs, especially Rev challenges. However, I often get stuck and struggle to make progress no matter how much time I spend analyzing the code.

Does anyone have recommendations for resources that helped you improve at Rev challenges?

The original post: /r/cybersecurity by /u/Future_Repeat_3419 on 2024-12-02 01:36:08.

Do you find yourself doing one of these or all three?

1 - Cybersecurity engineer: implementing strategies, tools, configurations 2 - SOC analytics: day to day troubleshooting and monitoring 3 - IT security compliance: Data Privacy, PCI DSS, Internal Audit

Is asking one person to lead all of these unreasonable?

The original post: /r/cybersecurity by /u/DeceptiveRat on 2024-12-02 07:03:16.

I've been trying to find discord servers like that, but it's difficult to tell which servers are active and which aren't with Disboard or other similar websites. Any help would be appreciated thanks!

The original post: /r/cybersecurity by /u/Defiant-Hotel-8049 on 2024-12-02 06:10:51.

The original post: /r/cybersecurity by /u/AutoModerator on 2024-12-02 00:00:11.

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away!

Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future.

The original post: /r/cybersecurity by /u/Techatronix on 2024-12-01 23:17:38.

What is the word on this certifying body? They have a bunch of certs. I guess their CISSO is their equivalent to the CISSP. Is their stuff worth a damn?