cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

551
Entry Level Jobs (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/fastestcolt on 2024-09-26 16:07:11.

I know there are tons of posts like this, but I would appreciate some advice specific to my current situation.

I graduated last May with a B.S. in MIS and Cyber Security (dual major) and wasn't able to land a job, or even an interview. I got my Security+ Cert my senior year of high school (the class was extremely hands on with installing/configuring servers, Linux, Metasploit, etc.) and retook/passed the test again last December during my last semester of undergrad. I didn't have any internships, but I worked an on-campus helpdesk position the summer going into my senior year until I graduated.

I applied to a ton of jobs but never heard anything back. I was then offered a GA position within the same helpdesk department I was working in, which is currently paying for my M.S. in MIS. In the past several weeks, I've submitted over 150 job applications (found via LinkedIn, Handshake, and campus recruiting) and have heard back from maybe 20% and only 2 of those resulting in interviews (but I don't think they are going anywhere). Majority of these positions are entry-level SOC/Cybersecurity/IT Analyst roles. Additionally, I've done 2 Capstone projects with leadership roles (more SoftwareDev-based projects, not really cyber security). I've even tried using some connections through friends/family that work at companies, but nothing has come out of it.

I'm starting to get pretty nervous considering this is the peak time for recruiting college grads. I don't think I'm overqualified nor underqualified for these positions, but I do think I bring a good bit to the table, in terms of my education and IT work experience, compared to most of the people I've graduated with. I will say, I've been a bit picky on the locations for the jobs I've been applying for, but I feel like it shouldn't be affecting my outcome this much.

Any advice is appreciated, feel free to ask any additional questions.

552
 
 
The original post: /r/cybersecurity by /u/Omgfunsies on 2024-09-26 15:58:37.

I am looking for an all-encompassing Egress testing / Tunneling out test script or even a few tools I can chain together to evaluate all the various different paths out of a network from an endpoint.

Endpoint #1 - A Windows host with things like secure web gateways / SASE tools

Endpoint #2 - A Windows host with no endpoint security tools or SASE tools deployed

Endpoint #3 - A Linux host running Kali where we can run whatever.

I know egress buster obviously will test outbound but I'm looking for as many tests as possible. Any help is greatly appreciated.

553
 
 
The original post: /r/cybersecurity by /u/Shit_Could_Be_Worse on 2024-09-26 15:49:54.

Hi all! I’m a project manager currently interviewing for a position in my company’s cybersecurity PM team and I could use some assistance in prepping for the interview. I’m PMP certified but my PM experience is in an unrelated field. I’ve been studying up on Percipio on the basics of Cyber, referencing CC cert courses, but I’d love to get some advice from this community. What would be the best areas to focus on as a project manager?

554
9.9 CUPS RCE (www.evilsocket.net)
 
 
The original post: /r/cybersecurity by /u/Dr_Mantis_Tobbogon on 2024-09-26 20:24:37.
555
 
 
The original post: /r/cybersecurity by /u/PlannedObsolescence_ on 2024-09-26 20:12:48.

EvilSocket has published their initial write-up, detailing the issue(s) with CUPS.

There are 4 CVEs reserved in there but not yet published by the CNA.

https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

TLDR: It's bad but not CVSS 9.9 bad (not that the CVE scoring system is flawless...)

556
 
 
The original post: /r/cybersecurity by /u/FlakySociety2853 on 2024-09-26 19:49:26.

Hello everyone!

I’ve been working in security for about 2.5 years now and I’ve always had a great passion for detection engineering.

I wanted some advice about how you would go about writing blogs focused on threat detection specifically in the cloud to be more attractive as a potential detection engineer.

I currently write rules daily in YARA, Sigma, and KQL at work.

Thanks in advance!

557
 
 
The original post: /r/cybersecurity by /u/Ixpqd on 2024-09-26 19:44:45.

Hi, I'm currently in my second year as a cyber major, and I've read some things on here and online that say it's better to get a computer science degree. Would it be worth it to switch majors at this point? I chose the BS in cyber without looking into it much because I thought it was a no-brainer, but it seems to be much more complicated than that, and I wish I had looked into it before choosing my major.

(if you look at my profile, I'm also considering transferring schools as well. if anyone can offer input on potential landing spots/whether or not it's worth it, it would be much appreciated!)

558
 
 
The original post: /r/cybersecurity by /u/xanderav1 on 2024-09-26 19:40:31.

Today one of our clients called me about a wire transfer they sent which I had earlier requested in an email. The wire was flagged by our client's bank and he called me and forwarded me the email he received from “us”. The email was identical to the one I had sent; however, the wire number was altered and the email was slightly different than mine - one letter in the domain was switched around. The attacker also set up a DocuSign account for this. He had been going back and forth with this person for a couple days. How did someone get access to this exact email? Could my email or one of my clients be compromised? Need some advice on what to do going forward.

559
 
 
The original post: /r/cybersecurity by /u/Mother_Membership629 on 2024-09-26 19:38:40.

As the title states, what extra steps are required if one has already gone through the CIS v8. I read something about needing to report to a CSIRT? Anything else I'm missing? Thank you.

560
 
 
The original post: /r/cybersecurity by /u/DeepLimbo on 2024-09-26 19:15:20.

I need a list of tools (or preferably an all-in-one tool) that are FOSS that would support non-profit cyber and IT governance work based on the outcomes listed in the NIST CSF.

I work in ICS Cyber currently. It’s public work, and it’s very fulfilling to me. My job is good to me, and I feel like I’m giving back to my community with the skills I’ve acquired. However, I feel like I want to do more.

I was recently at a volunteering activity for homeless vets, and the topic of cyber was brought up. So many of my own local non-profits have been victims of cyber attacks, and the resources at their disposal to manage, govern, and ultimately secure their IT resources are severely limited.

I offered my own services and time to at least two related non-profits in one event. It has occurred to me that with such a tremendous need for no-to-low cost cyber and IT support, perhaps I should build my own cyber non-profit to close that gap and meet those non-profits where they are, rather than preying on their need for critical cyber services.

561
 
 
The original post: /r/cybersecurity by /u/Scrimreaper on 2024-09-26 18:52:24.

https://www.theregister.com/AMP/2024/09/26/unauthenticated_rce_bug_linux/

Supposed to be released later tonight, anyone have any insight about this yet?

“Or it could be nothing”

“Doomsday bug” as a name or is this all just someone trying to create hype for themselves?

562
 
 
The original post: /r/cybersecurity by /u/Emotional-Pea4079 on 2024-09-26 18:46:46.

What are common resources to determine how to store and delete data?

563
 
 
The original post: /r/cybersecurity by /u/NormalInjury7544 on 2024-09-26 18:01:35.

Hello, I'm a college student studying system hacking. I recently got curious about writing while doing some 1-Day Exploration. Since I started system hacking on Linux, I've been trying to analyze CVEs in that environment. However, I noticed that many of the Linux CVEs I found on Exploit DB are quite complex and challenging for beginners, especially those related to kernels, browsers, and servers.

So, I started looking into Windows system hacking, and I found that there are simpler targets than I initially thought. I'm currently trying to analyze CVEs for suitable programs on Windows before moving on to more complex targets like kernels or browsers.

Do you think this is the right approach? And could you suggest some good targets to explore before tackling kernels or browsers? I’d really appreciate your insights!

564
 
 
The original post: /r/cybersecurity by /u/Individual-Gas5276 on 2024-09-26 16:59:08.

I’ve recently come across an issue where macOS Sequoia seems to bypass a variety of security tools. It got me thinking – is this something others are noticing too? This vulnerability could leave certain systems exposed, but I’d love to hear if anyone’s had similar experiences or different perspectives on this.

Would be interesting to discuss how this might affect the broader security landscape for macOS users.

565
566
 
 
The original post: /r/cybersecurity by /u/Justin_coco on 2024-09-26 15:18:56.
567
 
 
The original post: /r/cybersecurity by /u/nimbleshield on 2024-09-26 15:13:13.

I’m hoping someone can share what they use for reporting incidents or investigations to stakeholders including leadership. My team has a solution for tracking investigations and incidents, but we default to an email template for communications. This approach is not ideal as we are trying to find consistency across shifts and for it to be quick and streamlined.

568
 
 
The original post: /r/cybersecurity by /u/DigmonsDrill on 2024-09-26 13:32:13.
569
 
 
The original post: /r/cybersecurity by /u/ANYRUN-team on 2024-09-26 12:27:02.

Our team recently found a new ransomware sample called Kransom. It uses DLL sideloading to hijack an .exe file from the popular game Honkai: Star Rail. Check out the detailed sample analysis.

Here's what we know so far:

How It Starts

Kransom spreads through a fake archive with two files: an executable and a DLL file. The executable is signed with a valid certificate from the game’s publisher, COGNOSPHERE PTE. LTD, making it look legitimate.

DLL Side-Loading

Kransom uses DLL side-loading to evade detection. This method loads a malicious DLL into a legitimate application’s process. 

When the "StarRail.exe" file runs, it loads the malicious DLL (StarRailBase.dll), starting the ransomware attack and encrypting the victim’s files.

File Encryption

Kransom encrypts files using a simple XOR encryption with a weak key (0xaa). 

Ransom Note

Once files are encrypted, Kransom drops a ransom note, tricking victims into contacting "hoyoverse," pretending to be the game developer, Hoyoverse.

570
 
 
The original post: /r/cybersecurity by /u/ComfblyNumb on 2024-09-26 12:14:39.

Has anyone out there successfully replaced Guardium with another product? We are just so sick of dealing with IBM and this product just does not work as advertised.

Our main requirement is SOX/ICFR compliance in the context of On-premises and IaaS solutions.

571
 
 
The original post: /r/cybersecurity by /u/Unlikely_Luck_6528 on 2024-09-26 09:19:26.
572
 
 
The original post: /r/cybersecurity by /u/Big-Razzmatazz3034 on 2024-09-26 09:00:09.

I'm seeking advice on effective methods for detecting abnormal traffic patterns in a mobile app that is accessible to the general public. Our app is hosted on a dedicated server, and we want to ensure robust monitoring and quick detection of any suspicious activity.

Could you share your insights on the most common and effective strategies or tools used for this purpose? Any specific metrics or indicators we should focus on?

573
 
 
The original post: /r/cybersecurity by /u/sesler79 on 2024-09-26 08:23:42.
574
 
 
The original post: /r/cybersecurity by /u/SecTemplates on 2024-09-26 05:53:00.
575
 
 
The original post: /r/cybersecurity by /u/lamppos_gaming on 2024-09-26 05:40:01.

I’ve been keeping an eye out for the little-noticed knoxboxes. I was wondering if there’s any vulnerability that comes with them, and if they’re susceptible to common keys or breaking it and getting all the keys inside for the price of one? It appears that the fire department/EMS/police all have the same key for all the knoxboxes, so that would be hugely insecure if someone would have the key, or somehow be able to pick it/clone the key. I’ve posted here since r/physicalsecurity doesn’t really have that many people.
