cybersecurity

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

401
 
 
The original post: /r/cybersecurity by /u/DerBootsMann on 2024-10-03 11:09:54.
402
 
 
The original post: /r/cybersecurity by /u/Jealous-Mistake-1723 on 2024-10-03 09:59:00.
403
 
 
The original post: /r/cybersecurity by /u/milosgajdos on 2024-10-03 09:51:31.
404
 
 
The original post: /r/cybersecurity by /u/mohdaadilf on 2024-10-03 07:47:53.

Been thinking about different attacks this year and I've also been thinking about various events such as the CS outage, the XZ compression backdoor or even the recent pager incident in Lebanon and I can't help but think, "are these security, specifically cyber security incidents?"

With the CS outage, I'd say it wasn't a security incident but more so an outage due to improper code development.

The XZ backdoor was found before it had a profound cybersecurity impact and the pager event - whilst it's perplexing, I'm not sure if it falls under cybersecurity? Correct me if I'm wrong here. Given that the pager incident is likely a supply chain attack, I find it difficult to categorise this under cyber-security and perhaps would be more comfortable marking it under information security. But that's just me.

I'm not sure if I'm wrong to label attacks such as the one the UK's Ministry of Defence had as cyber security incidents over the other ones mentioned above. Curious to hear what others have to say.

405
 
 
The original post: /r/cybersecurity by /u/sechawk2000 on 2024-10-03 07:47:20.

As the title says, where can I learn Active Directory pentesting? Where did you guys learn it from?

406
 
 
The original post: /r/cybersecurity by /u/NJGabagool on 2024-10-03 02:18:17.

Does anyone have any resources of, of course, redacted versions of realistic documentation? Trying to really learn how to write good documentation for SOC2 but would like actual successful documentation to measure myself against.

407
 
 
The original post: /r/cybersecurity by /u/steaspot on 2024-10-03 00:15:53.

Apologies if this question sounds strange. I have multiple people in my life right now who have been talking about a career change into cybersecurity. These have all been men in their 20s or early 30s working primarily customer-facing jobs in the service industry.

Hearing them talk about it, I get the sense that they have a limited knowledge of what the day-to-day work may consist of, and that they also seem to overestimate the current entry-level job prospects. It always seems to be cybersecurity, not general IT or software development.

408
 
 
The original post: /r/cybersecurity by /u/s4b3r6 on 2024-10-03 00:13:21.
409
 
 
The original post: /r/cybersecurity by /u/Pomerium_CMo on 2024-10-02 23:30:54.
410
 
 
The original post: /r/cybersecurity by /u/intelw1zard on 2024-10-02 23:25:20.
411
 
 
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-10-02 22:50:37.
412
 
 
The original post: /r/cybersecurity by /u/th3d4rkp4ss3ng3r on 2024-10-02 22:07:25.

Hi everyone,

I’m looking into creating some Red Team vs Blue Team cybersecurity sessions, and I’d like to know how these are typically set up. Specifically, I’m curious if there are existing labs or frameworks that can be used, and how to organize these exercises effectively.

I can understand how the Red Team would carry out attacks against a vulnerable server, but I’m a bit unsure about how the Blue Team should operate in real-time during these exercises.

For those who have experience with this, could you share how you develop these scenarios? Are there any recommended platforms or tools to facilitate these sessions? Also, how does the Blue Team typically monitor and respond to attacks in a dynamic, hands-on lab setting?

Thanks in advance

413
 
 
The original post: /r/cybersecurity by /u/KingSash on 2024-10-02 20:55:21.
414
 
 
The original post: /r/cybersecurity by /u/ghac101 on 2024-10-02 20:37:07.

Dear community,

I would need your brainpower.

The last two years we have done two super cool and impactful cybersecurity initiatives from an assurance perspective.

The first idea was scanning the corporate repository for hard-coded credentials and validating if they are still valid to show which kind of internal projects can be breached by anyone within the company that can see the public internal projects.

The second project was a scan of cloud accounts identifying legacy resources that are not needed anymore, posing a security and cost risk to the company. As a result, a cloud monitoring solution was developed for continuous monitoring.

Now, do you have any other cool and impactful ideas that could be fun to implement but still bring the company forward and have an impact?

Thanks a lot for your ideas!

415
 
 
The original post: /r/cybersecurity by /u/Budget_Gene7093 on 2024-10-02 20:15:27.

Original Title: Russian authorities announced Wednesday the arrests of nearly 100 people related to the UAPS payment system and Cryptex cryptocurrency exchanges in an investigation into cybercrime-related money laundering.

416
 
 
The original post: /r/cybersecurity by /u/Miserable-Bank1068 on 2024-10-02 20:10:53.

Hey everyone,

We’ve built an API client that integrates with HashiCorp Vault, Google Secrets Manager, Azure Key Vault, and AWS Secret Store. You can connect, view, and use secrets globally like environment variables, but they aren’t stored in the app, they are just referenced.

  • All collections and request data stay stored locally.
  • There’s a built-in secret scanner to catch any secrets in your collections.

For enterprise users, we’ve added data redaction at the project level—PII, PHI, and other sensitive info can be automatically redacted based on your needs.

Would appreciate any feedback or questions!

VS Code Extension: https://marketplace.visualstudio.com/items?itemName=KeyRunner.keyrunner

Windows & Mac Clients: https://keyrunner.app/

417
 
 
The original post: /r/cybersecurity by /u/NudgeSecurity on 2024-10-02 20:00:11.

2025 will be here before we know it, and discussions are starting around 2025 budgeting. Everyone is always very interested in what CISOs are prioritizing in their security budgets, but what types of IT/security tools would you put at the top of your list? What are the biggest headaches you’d like help solving in 2025?

418
 
 
The original post: /r/cybersecurity by /u/KsPMiND on 2024-10-02 18:47:26.

Hello everyone,

I work for a software company and we're having a small internal debate with the SRE team and devs. So from a security infrastructure perspective, our ecosystems have been counting on XDRs and SIEMs for a while. We know the top players in the market.

But with the DevOps rise over the years, and the SRE teams taking over the operational side of the cloud workloads in a lot of enterprises, the use of observability platforms has also risen.

Datadog, New Relic, Dynatrace and the like are all trying to become security SIEM contenders.

All companies want to simplify their application stack and reduce their budget.

What would you say to a company that wants to merge observability infrastructure with security? Among other issues, do you see the same confidentiality issue as me? Am I the only one to see a huge risk there?

419
 
 
The original post: /r/cybersecurity by /u/Ghawblin on 2024-10-02 18:12:24.

I've basically used up all of the templates that already exist in my phishing tool. I could sit down and make my own, and I already have a mechanism to capture 'real' ones that make it through my spam filter, but my spam filter is so good that I only end up getting 1 or 2 a quarter.

I've tried googling around but can't find any good libraries. I've tried using Copilot/ChatGPT to make some, and they're pretty ok, but after the 3rd or 4th one you notice they all look the same lol.

Was wondering if there's a good place that documents "popular" and "in-the-wild" phishing emails and turns em into templates.

420
 
 
The original post: /r/cybersecurity by /u/vitalikmuskk on 2024-10-02 18:11:50.
421
 
 
The original post: /r/cybersecurity by /u/Technical-Praline-79 on 2024-10-02 18:10:13.

The build up...

I know I should probably just use the search function. Because this has probably been asked before, but my post is a little different...

I'm looking to learn AI in the context of cyber security, but only because hype, right. I honestly have very little interest in it (probably very narrow view, I know), it really just doesn't do it for me.

Only reason I'm looking to get better acquainted is because it seems as though it's the smart thing to do to at least look like I'm trying to future-proof my career.

Up to now I've been very fortunate in my career to always just kind of keep doing what I'm doing and enjoying it, often before whatever I work with becomes the "in thing". With this I feel somewhat on the back foot. Almost as though I haven't had enough double pump pumpkin spice lattes in my life (or whatever the hip kids are drinking nowadays).

So finally the drop...

What do I do? What are the go-to resources that'll give me a sound enough primer to at least not look like an absolute muppet?

Has anyone gone through any of the SANS training on this? I see Oxford online has a course too. Are there any golden nuggets that I can tap into?

Thanks in advance

422
Freelance help (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Optimal-Discussion42 on 2024-10-02 17:11:39.

Any freelancers here that did cybersecurity, such as a pen testing or analyst gig? I need someone to point me in the right direction as far as how I can get started and what I would need for success. All I want to know is if a good laptop (I have an ASUS) and the knowledge needed for what I want to do is good enough? Same for data visualization and analysis/science.

Edit: I forgot to add some background. I am currently in the Army as an Information Technology Specialist and possess a secret clearance with a CompTIA Security+ CE certificate.

423
 
 
The original post: /r/cybersecurity by /u/TiredSOCAnalyst on 2024-10-02 16:33:53.

As per the title, looking for some insight from active analysts on the amount of alerts you do on average per day.

Thank you.

424
 
 
The original post: /r/cybersecurity by /u/jeepx19 on 2024-10-02 16:02:38.

Later this month, I have the opportunity to present at a local High School Career Fair on a career in Cybersecurity. One of the fun aspects of this presentation is that we get to have a "hands on" component to the presentation. The kids have access to computers/Chromebooks.

Does anyone have any great ideas on how I could give the kids a chance to "Work in cybersecurity" for 15-20 minutes but not make it so overly complex that it takes 20 minutes to stand up the demo? I work in SecOps on a smaller team at a midsized private org, and as a result have my hands in a little bit of everything when it comes to Cybersecurity controls.

Thanks in advance for the suggestions!

425
Microsegmentation (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/rawt33 on 2024-10-02 15:34:06.

Hi all,

I am new to cybersecurity and wanted to know more about microsegmentation. So far I know it’s used for segmenting environments like production and development but not sure what else is possible. What are some concepts or strategies I could use with microsegmentation to protect my environment?
