cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

76
 
 
The original post: /r/cybersecurity by /u/gurugabrielpradipaka on 2024-12-01 22:02:46.
77
 
 
The original post: /r/cybersecurity by /u/Papo_Dios on 2024-12-01 21:57:34.

Go!

78
 
 
The original post: /r/cybersecurity by /u/Warm-Smoke-3357 on 2024-12-01 21:44:44.

I'm looking for a good report or technical article that can provide stats and figures about how much space web applications occupy in the cybersecurity field. How many attacks target web applications on average? Are they the main vector of attacks nowadays beyond phishing?

Generally, when enterprises protect their assets, these assets are enterprise networks, endpoints, devices, user data and sensitive data. But do you know what the average share of web applications is among these assets? Depending on the size of the enterprise, of course, but usually even the small ones have at least a landing page built with a CMS to get an online presence, I guess...

Now with the cloud, SaaS has become a trend, so I suppose many enterprises expose some data online through a web application or API.

Is it worth it to specialize in application security (defensive or offensive) regarding the fast evolution of cybersecurity? Between offensive app sec and defensive app sec, which one would you recommend in terms of career growth, opportunities and salaries? If you are a web app pentester or an analyst specialized in web DFIR, your testimonies are welcome.

Thanks!

79
 
 
The original post: /r/cybersecurity by /u/Constant_Passage1765 on 2024-12-01 20:13:44.

I don’t want to endlessly apply to every job I see on LinkedIn and other websites, and I don't know anyone in the cyber security field. What could I do to find a job?

80
 
 
The original post: /r/cybersecurity by /u/g0nzaGo01 on 2024-12-01 19:33:15.

Hello Cybersecurity community,

So I'm currently assigned to a project on selecting a brand new Vulnerability Management solution for my employer, and I've already received a demo from each vendor, Tenable and Rapid7. But of course, as we all know, a demo is going to be mostly flawless, and I'm sorta stuck on which product to go with.

What I'm looking for is everyone else's opinion and experience with each of the products if you have any. Your input, opinion and experience would be most appreciated.

81
 
 
The original post: /r/cybersecurity by /u/Excellent_Analysis65 on 2024-12-01 19:23:19.
82
What should I do (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Constant_Passage1765 on 2024-12-01 19:18:05.

Should I get a bachelor's degree in cyber security, or should I pursue other certificates such as the CompTIA Security and Network, the Google course for cyber security, and also possibly the OSCP?

83
 
 
The original post: /r/cybersecurity by /u/sigma1914 on 2024-12-01 17:39:23.

We are about to embark on a POC for their NDR solution. I've seen negative feedback on the sub, but I assume the ones happy with the product aren't speaking up.

From a technical point, what has it missed or are pain points, and what can it do really well?

We have 30 days to test it and I need to provide my manager a technical update.

84
 
 
The original post: /r/cybersecurity by /u/Significant_Role6419 on 2024-12-01 17:16:40.
85
 
 
The original post: /r/cybersecurity by /u/Sloky on 2024-12-01 16:58:38.

Hi everyone!

Followed up on a phishing email with a malicious PDF containing the Rhadamanthys infostealer and, using Censys, was able to pivot and uncover additional malicious infrastructure.

https://intelinsights.substack.com/p/gone-phishing

86
 
 
The original post: /r/cybersecurity by /u/pigpentcg on 2024-12-01 15:51:47.
87
 
 
The original post: /r/cybersecurity by /u/arqf_ on 2024-12-01 15:29:31.
88
 
 
The original post: /r/cybersecurity by /u/Equal_Muffin_9402 on 2024-12-01 15:18:45.

I've been digging a bit into the Kerberos protocol and wanted to clarify a couple of points.

From my understanding, Kerberos is only concerned with authentication and implements no authorization (aside from the Privileged Attribute Certificate (PAC) extension). This implies any user can request a service ticket for any service; given a valid TGT, the TGS will always return a service ticket for the user (which is the basis for Kerberoasting). If this is all correct:

  1. What is the point in the TGS? Why can't we cut the TGS out of the protocol and instead pass TGT tickets to services directly?
    • Edit: Thinking about it, the TGT is the authentication credentials of the user, passing these directly is basically unconstrained delegation - which enables a service to impersonate the user, not ideal.
  2. What's the most common solution to implement authorization? Does every organization end up rolling its own solution, which services are implemented to query? It feels as though the TGS would've been a pretty logical place to implement (some) authorization (although I can see why we need to offload some authorization to services in order to get more granular access control).
  3. In the PAC extension, it seems like the service verifies the authorization details contained in the TGT (e.g. user group info) by querying the DC with a KERB_VERIFY_PAC message. However, I'm not sure why the service can't just trust the data contained within the ticket and save the extra query to the DS - the details have been encrypted using the password of the KRBTGT user. If the user could have tampered with these details, then they could've spoofed the whole ticket altogether.
    • Edit: I guess there's some argument to make that by requerying the TGT you mitigate the risk of stale authorization information (although I don't think there's anything to prevent stale authentication info - TGTs will stay valid until their expiry, regardless of changes to the user information on the DC?)

Thanks!

89
 
 
The original post: /r/cybersecurity by /u/mrt1416 on 2024-12-01 15:08:15.

Anyone attended this conference? What is the vibe? I mostly attend computer science academic conferences but am going to this one with a colleague. Curious if it’s as casual as typical CS education / cybersecurity conferences or more stuffy since it’s NIST?

(Searched the sub but not much about this conference)

90
 
 
The original post: /r/cybersecurity by /u/No_Zookeepergame7552 on 2024-12-01 14:33:47.

I’ve noticed with many of my mentees that one of the biggest struggles to become proficient in offensive appsec (e.g., pentesting) is the lack of structure. There’s so much to learn, from basic concepts like the OWASP Top Ten to more advanced topics like secure coding practices, threat modeling, or pentesting. Without clear guidance, it’s easy to feel confused and overwhelmed.

I’m curious—what’s been your biggest pain point when learning offensive application security? Was it the sheer volume of topics, lack of practical resources, or something else entirely?

Would love to hear about your experiences and how you overcame them (if you did).

91
 
 
The original post: /r/cybersecurity by /u/Dry_Abbreviations285 on 2024-12-01 14:26:17.

I would like to stop being a teacher and go into cybersecurity. What is the least expensive way to land a credible, well-paying job? Any free books, courses, links or resources to get a semblance of a degree?

92
 
 
The original post: /r/cybersecurity by /u/CryThis6167 on 2024-12-01 14:21:24.

So I did some digging:

The so-called "cybersecurity skills gap" often feels contradictory when so many qualified professionals can’t seem to find jobs. From what I’ve seen, the issue isn’t a lack of people—it’s how companies approach hiring.

Here’s the paradox: many organizations focus on poaching talent from a small pool of top-performing teams instead of investing in training or bringing in junior professionals to build a sustainable talent pipeline. This creates a bottleneck where they compete for the same 10% of skilled candidates while overlooking others who could excel with the right support.

On top of that, job postings often ask for "unicorns" with extensive experience and certifications that don’t even match what’s actually required for the role. This discourages capable candidates who don’t check every unnecessary box.

I’m digging into this more in my research, but let me know what you think about this?

93
94
 
 
The original post: /r/cybersecurity by /u/mooreds on 2024-12-01 13:50:07.
95
 
 
The original post: /r/cybersecurity by /u/100bhat on 2024-12-01 13:18:42.

Why haven’t they been fixed?

96
 
 
The original post: /r/cybersecurity by /u/CodeBlackVault on 2024-12-01 08:49:39.
97
 
 
The original post: /r/cybersecurity by /u/Such-Phase-6406 on 2024-12-01 07:59:52.

I studied the book "Picus The Complete Active Directory Security Handbook" some time ago, and it was one of the best resources I came across when I first started studying Active Directory (AD). I have reorganized my notes and created a summary of the book, including all the attacks along with their mitigations, and added some extra helpful points. In the final section, you’ll find the references from the book, which include a total of 51 references.

98
 
 
The original post: /r/cybersecurity by /u/Znjus on 2024-12-01 07:52:43.

Hello everyone, I am starting the process of updating my resume with personal projects in order to show relevant skills/knowledge besides going through certifications. I have just completed my first project of setting up Active Directory and assigning roles to users and stuff. And I will be starting a cybersecurity-specific lab soon. I want to document the process and put this project on my resume. So I have the following questions:

  1. Where and how would you store and show off the documentation? Would Google Docs be sufficient, or should I put it on a website? What steps would you suggest?
  2. Do you have any suggestions on projects that I should do? The next project that I will be doing is following instructions to create a cybersecurity lab in the link below, but I would be more than happy to get some recommendations for another project I should be doing. As of right now I want to focus on getting to know Splunk more and STIGs.

Upcoming Project:

https://www.youtube.com/watch?v=XIvn0ZDSmKA

99
How OpenSSL work (forensicfossil.com)
 
 
The original post: /r/cybersecurity by /u/Plenty_Contact9860 on 2024-12-01 06:44:26.
100
 
 
The original post: /r/cybersecurity by /u/digicat on 2024-12-01 06:09:02.