CyberSecurity – What are some things that get a bad rap, but are actually quite secure?

Proxy vs VPN

CyberSecurity - What are some things that get a bad rap, but are actually quite secure?

CyberSecurity – What are some things that get a bad rap, but are actually quite secure?

Cybersecurity is an important issue for everyone, from individuals to large organizations. There are many things that get a bad rap when it comes to cybersecurity, but that doesn’t mean they’re not secure. For example, PGP (Pretty Good Privacy) is a method of encrypting emails that is considered to be very secure. However, it can be difficult to set up and use. Another example is using very long passwords that are actually a sentence. This may seem like a security risk, but it’s actually more secure than a shorter password because it’s more difficult for hackers to guess. Additionally, changing the default port for certain services like databases can help to prevent hacking. Unplugging the ethernet cable may also seem like a security risk, but it’s actually one of the most effective ways to prevent data breaches. Finally, browser password managers are often considered to be insecure, but they’re actually quite secure if used properly. Cybersecurity is an important issue, and there are many things that can be done to help prevent hacking and data breaches.

There are a lot of CyberSecurity myths out there. People think that X, Y, and Z are the most secure way to do things when in reality, they are the least secure. The biggest myth is that PGP is unbreakable. PGP has been broken many times and is not a reliable form of CyberSecurity. Another myth is that very long passwords are secure. The problem with very long passwords is that they are difficult to remember and often get written down somewhere. If a hacker gets ahold of your password, they can easily access your account. The best way to prevent CyberSecurity breaches is to use MFA, OAuth, and two-step verification whenever possible. These methods make it much more difficult for hackers to gain access to your accounts. While they may not be foolproof, they are the best CyberSecurity measure available.

1- PGP

PGP is a Form of Minimalism

As a protocol, PGP is surprising simple. Here is what happens if you want to use it to securely send a message to someone:

  1. You get from them a PGP identity (public key). How you do that is entirely up to you.
  2. Your PGP program uses that identity to perform a single public key encryption of a message key.
  3. Then the message key is used to encrypt the message which is added to the encrypted message key to make the encrypted message.
  4. Your correspondent does the opposite operations to get the message.

If you want to sign your message then you:

  1. Hash the message.
  2. Do a public key signature operation on the hash and attach the result to the message.
  3. Your correspondent checks the signature from your PGP identity, which they have acquired somehow.

The simple key handling is where the minimalism comes from. It is why PGP can be used in so many non-email contexts.

As a contrast, consider the Signal Protocol for instant messaging. I will not attempt to describe Signal in any detail as I would get parts of it wrong. It would also make for a pointlessly long article. There is a high level description of the Signal protocol here. None of the following comments are intended to be critical, they are intended to give an idea of the level of complexity of the protocol in total:

  • Signal has at least 2 systems for creating forward secrecy. Each system requires a system to deal with loss of synchronization.
  • A Signal session requires the storage and maintenance of a lot of state information.
  • Signal normally uses a server based “prekey” system to deal with the case where a client is offline and thus is unable to negotiate.
  • Signal achieves partial deniability with a triple Diffie-Hellman key exchange. OpenPGP achieves complete deniability by not signing the message in the first place.
  • Supporting the Signal protocol in practice requires a separate system to store and protect past messages1). Since this is at odds with forward secrecy such a system will end up with a system to delete old messages.

The Signal Protocol is built on ideas from the Off the Record (OTR) protocol. Interestingly enough, OTR was intended to improve PGP by adding extra functionality. Signal adds functionality on top of the OTR functionality. So Signal could be considered the result of an attempt to improve something by making it more complex.

I believe that reliability and security are best achieved with simple systems. OpenPGP is a standard that describes such a system.

2- Very long passwords that are actually a sentence

It could be bad if you just came up with it and forget it, and people think it’s bad if it only has lowercase and no numbers or punctuation. But a 5-6 word sentence could be quite secure, especially if it’s a bit weird. “Lemons make a delicious snack in my house.”

3- Writing passwords down.

I tell all my old relatives to write their passwords down in a little notebook. As long as there isn’t someone there regularly I don’t trust, it is much better than using same password and if their physical security at their house is compromised, there are bigger concerns than a notebook of banking passwords.

We write down all the passwords to our most secure systems – but then we rip them in half and put them in 2 separate safes.


Custom AI Chatbot

Imagine a 24/7 virtual assistant that never sleeps, always ready to serve customers with instant, accurate responses.

Contact us here to book a demo and receive a personalized value proposition



GeoVision AI

We combine the power of GIS and AI to deliver instant, actionable intelligence for organizations that rely on real-time data gathering. Our unique solution leverages 🍇 GIS best practices and 🍉 Power Automate for GIS integration to collect field data—texts, photos, and geolocation—seamlessly. Then, through 🍊 Generative AI for image analysis, we deliver immediate insights and recommendations right to your team’s inbox and chat tools.

Contact us here to book a demo and receive a personalized value proposition


Did I say passwords? I meant encryption keys.

4- Changing default ports for certain services like dbs

Most of the gangs out there use tools that don’t do a full search, so they go through the default port list

5- MFA in general.

Takes 60 seconds to set up, and an additional 5s each time you use it, but can save you hours if not days of manual recovery efforts with support to regain access to a compromised account. Yet people don’t like the idea.

If you are using TOTP for your MFA, you can even put it right in the browser with a plug-in. I use this approach for work. It’s very convenient.

If you use a password manager that supports TOTP and auto type (e.g. KeePassXC) then you don’t even need to mess with it once you have it set up.

6- Oauth for 3rd party apps.

Those “sign into our app with your (Google, Microsoft, etc) account” things. As long as you trust the ID provider and the app, it’s usually secure. More so, considering it prevents password reuse, and you aren’t exposed if any of those 3rd party apps have a breach.

7- Two-step verification.

Yes it’s annoying to need two devices every time you want to log into your most precious accounts, but trust me, I’d rather take the extra 10 seconds to authorize a login than go through the hell of having my account breached.

8-Biometric Authentication.

The argument is that ‘you can’t change your face/finger’ but it is actually more secure than other ‘magic link’ providers.

Let me be clear, there are some providers that are still iffy on security. But there are also some that have device native authentication (you need the device to auth), they don’t store passwords or password hashes, and only has public keys.

One example of this is https://passage.id/ which is about as secure as you can get.

9- Zoom.

Yes, they had a bunch of issues at the start, but they fixed them. I would much rather work with a company that had security assessments and fixed the problems rather than a company which has never been assessed.

10- Unplugging the ethernet cable.

11- Browser password managers?

Rant moment: reasons cybersecurity fails

<Rant>

People don’t see value of putting effort in cybersecurity because they don’t see any material gains from it. The best thing they can see is nothing bad happening.

No news isn’t good enough of a good news. This is enough to mostly ignore all cybersecurity advice altogether.


AI Unraveled: Demystifying Frequently Asked Questions on Artificial Intelligence (OpenAI, ChatGPT, Google Gemini, Generative AI, Discriminative AI, xAI, LLMs, GPUs, Machine Learning, NLP, Promp Engineering)

This is similar to people not taking care of themselves health-wise, because the best things they can see is not getting sick.

</Rant>

Why do cyber attackers commonly use social engineering attacks?

Hackers commonly use social engineering attacks because they can be very effective. By using social engineering, hackers can take advantage of people’s trusting nature and willingness to help others. They can also exploit the fact that people are often not well-informed about security and privacy issues. For example, a hacker might pose as a customer service representative and ask for someone’s password. Or, they might send an email that looks like it is from a trusted source, such as a bank or government agency, and ask the recipient to click on a link or download an attachment. If the person falls for the deception, the hacker can gain access to their accounts or infect their computer with malware. That is why it is important to be aware of these types of attacks and know how to protect yourself.

Cyber attackers commonly use social engineering attacks for a number of reasons. First, hacking into a person’s or organization’s computer systems is becoming increasingly difficult as security measures become more sophisticated. Second, even if a hacker is able to gain access to a system, they are likely to be discovered and caught before they can do any significant damage. Third, social engineering attacks allow hackers to bypass security measures and obtain sensitive information without being detected. Finally, social media platforms have made it easier for cyber attackers to obtain personal information about their targets and to carry out attacks. As a result, social engineering attacks are an attractive option for many cyber attackers.

To conclude:

Cybersecurity is often thought of as a complex and technical field, but there are actually many simple things that everyone can do to help stay safe online. For example, one way to protect your online communications is to use PGP encryption. This type of encryption is incredibly difficult for even the most skilled hacker to break, but it’s also easy to use. Another way to improve your cybersecurity is to use very long passwords that are actually a sentence. This may seem daunting, but using a phrase as your password makes it much harder for hackers to guess. Additionally, changing the default ports for certain services can help prevent unauthorized access. And finally, unplugging the ethernet cable when you’re not using it is a great way to physically block hackers from accessing your device. By following these simple tips, you can dramatically improve your cybersecurity and protect your privacy.

source: r/cybersecurity

Source: r/cybersecurity

  • CTF Online on 20th Feb
    by /u/ProfessorFyodor (cybersecurity) on February 16, 2025 at 1:28 pm

    🚀 CyberCarnival'25 CTF – Are You Ready to Hack Your Way to Glory? 🔥 Get ready for the ultimate cybersecurity showdown! 🏆 CyberCarnival'25 CTF is here to test your hacking skills, problem-solving abilities, and speed. Whether you're a beginner or a pro, this is your chance to prove your mettle! 🔹 Date: 20th February 2025 🔹 Time: 10:00 AM – 1:00 PM 🔹 Mode: Online While registering set the “Event Mode” as Online 💡 Compete, Learn & Win Exciting Prizes! 📞 For Queries, Do Contact Me submitted by /u/ProfessorFyodor [link] [comments]

  • I'm losing my mind looking at these crazy salaries!
    by /u/Additional_Edge_2186 (cybersecurity) on February 16, 2025 at 12:51 pm

    I hear so many people say that they earn 200k-300k in cybersecurity. I just wanted to ask if this salary is real? If it is, how do you guys do it and what are your years of experience? submitted by /u/Additional_Edge_2186 [link] [comments]

  • How is Nmap used to find outdated OS's to compromise through the internet?
    by /u/itszesty0 (cybersecurity) on February 16, 2025 at 11:54 am

    I realize the title makes it seem like I am asking for advice on spreading malware but BEAR WITH ME; I am just curious on how the tech works. Ive seen a bunch of videos where they'll connect an old OS like Windows XP or older without a firewall and by just being connected to the internet the computer is compromised within just a couple minutes. They say Nmap is used to search for these things but how the hell does it do that?? Wouldn't searching through that humongous of a network be a giant undertaking? How do the hell do they do it? This simply fascinates me. Id love to know how it works and how hackers do it. submitted by /u/itszesty0 [link] [comments]

  • Hiding Shellcode in Image Files with Python and C/C++ -> Now Even Stealthier Without WinAPIs
    by /u/Possible-Watch-4625 (cybersecurity) on February 16, 2025 at 10:19 am

    Hi everyone! I just released a major update to my GitHub project on hiding shellcode in image files. Previously, the code relied on WinAPIs to fetch the payload from the resource sections. In this new update, I’ve implemented custom functions to manually parse the PEB/PE headers, completely bypassing the need for WinAPIs. 🎉 This makes the code significantly stealthier, taking evasion to a whole new level. 🔥 Check it out here: 🔗 GitHub Repository: 👉 https://github.com/WafflesExploits/hide-payload-in-images 🔗 Full Guide Explaining the Code: 👉 https://wafflesexploits.github.io/posts/Hide_a_Payload_in_Plain_Sight_Embedding_Shellcode_in_a_Image_file/ 📚 Updated Table of Contents: 1️⃣ Hide a Payload in an Image File by Appending Data at the End 2️⃣ Extract the Payload from an Image File on Disk Using C/C++ 3️⃣ Store the Image File in the Resources Section (.rsrc) of a Binary File 4️⃣ Extract the Payload from the Image File in the Resources Section (.rsrc) 5️⃣ NEW: Extract the Payload from the Image File in the Resources Section (.rsrc) via PEB Parsing - No WinAPIs Needed! I hope this update inspires fresh ideas or provides valuable insights for your projects. As always, I welcome any thoughts, feedback, or suggestions for improvement. Let me know in the comments! Happy hacking! 😀 submitted by /u/Possible-Watch-4625 [link] [comments]

  • Security flaw exposed billions of YouTube email addresses
    by /u/CannyOrange (cybersecurity) on February 16, 2025 at 9:22 am

    There were no truly private accounts on YouTube until recently. Security researchers demonstrated that any email behind an account could be pulled from Google using a relatively simple exploit. Google has patched the flaw and awarded researchers a $10,633 bounty. Source: https://cybernews.com/security/youtube-flaw-exposed-billions-of-emails/ submitted by /u/CannyOrange [link] [comments]

  • Want to get into contracting information security and cloud computing
    by /u/No_Perspective_1211 (cybersecurity) on February 16, 2025 at 7:11 am

    I’ve been studying AWS viciously for the past two years and getting my bachelors degree picked up some certifications on the side like AWS Sysops and Solutions and CCP I began first starting with information security although I got 3 years with that picked up some certs as well like sec+ cysa+ CCSP I want to start managing companies AWS environment or give some cloud consulting or information security consulting just something in the cloud management field information security with contracts for companies? Where would I start anyone got a guide here or anything just asking please help !!! I seen that I should go into government field seeing as I got some good certs and im IAM level 3 but im kinda stuck although I am kinda young so I dont know what company would work with a guy like me I got a guy who’s on the same skill level as me but he’s on the azure side and we wanna team up both of us 20M submitted by /u/No_Perspective_1211 [link] [comments]

  • How common is the impostor syndrome across Cybesecurity Analysts/Engineers/Architects?
    by /u/Same-Ad6119 (cybersecurity) on February 16, 2025 at 6:47 am

    How do you deal with the impostor syndrome while also knowing that everybody here seems to have seen it all and know it all? I have recently picked up hack the box, and I find myself not able to follow through so quickly as I would expect, given that I have devoted more than 9 years into this field already (blue team). This has demolished my confidence. I feel like a fraud. I recently started to call myself a Cybersecurity Clown. Maybe I should just embrace it and show up as an actual clown into my next job interview. submitted by /u/Same-Ad6119 [link] [comments]

  • FastCMS Template Menu menu Cross Site Scripting- CVE-2025-1332
    by /u/Severe_Store_527 (cybersecurity) on February 16, 2025 at 6:20 am

    A vulnerability was found in FastCMS up to 0.1.5 and classified as problematic. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-1332. The attack may be initiated remotely. Furthermore, there is an exploit available. This product does not use versioning. Learn More : https://prashantdangi.github.io/cve/xss/fastcms-xss/ For AI Automation, Cybersecurity and Tech Updates join this free telegram group: https://t.me/prashantdangiblogs submitted by /u/Severe_Store_527 [link] [comments]

  • AI Law emerges as a specialized field addressing unique challenges.
    by Nilima Bhadange Kurup (Cybersecurity on Medium) on February 16, 2025 at 6:11 am

    The increasing use of AI in our systems brings up numerous questions across the whole fabric of our societies. There are specific issues…Continue reading on Law & Tech-Current Affairs »

  • Cybersecurity Threats in 2025: How to Stay Safe Online
    by TP Technicals (Cybersecurity on Medium) on February 16, 2025 at 6:11 am

    As technology advances, so do the tactics of cybercriminals. In 2025, cybersecurity threats are more sophisticated, posing serious risks.Continue reading on Medium »

  • Oski Malware: A Forensic Analysis -Based Infostealer Attack
    by Abdelrahman Metwaly (Cybersecurity on Medium) on February 16, 2025 at 6:02 am

    An In-Depth Investigation of the Oski Threat Using CyberDefenders Lab EnvironmentContinue reading on Medium »

  • Today’s Top Cyber Intelligence Highlights — Feb 16, 2025
    by Dr. Fahim K Sufi, CTO & Research Scientist (Cybersecurity on Medium) on February 16, 2025 at 6:00 am

    Continue reading on Medium »

  • Day 22 — Vulnerability Assessment and Python Data Structures |
    by Sushrita Swain (Cybersecurity on Medium) on February 16, 2025 at 5:55 am

    Continue reading on Medium »

  • Digital Forensics Fundamentals — TryHackMe
    by Ryan Hunt (Cybersecurity on Medium) on February 16, 2025 at 5:52 am

    Hello everyone! In this post, I’ll be going over the TryHackMe — Digital Forensics Fundamentals Room, and hopefully this helps you out…Continue reading on Medium »

  • Phishing Incident Analysis: A Cyber Threat Intelligence Report with Proactive Detection Strategies
    by Seenu Bhupala (Cybersecurity on Medium) on February 16, 2025 at 5:49 am

    The following CTI report format was inspired by Adam Goss in his blog, Cyber Threat Intelligence Report Template (+FREE Download). The…Continue reading on Cyber Threat Intelligence (CTI) »

  • AI Security Weekly — Feb 17, 2025
    by Tal Eliyahu (Cybersecurity on Medium) on February 16, 2025 at 5:49 am

    🔍 Each week, I share key insights on how AI is being applied in cybersecurity — here are the latest.Continue reading on InfoSec Write-ups »

  • AI Security Weekly — Feb 17, 2025
    by Tal Eliyahu (Security on Medium) on February 16, 2025 at 5:49 am

    🔍 Each week, I share key insights on how AI is being applied in cybersecurity — here are the latest.Continue reading on InfoSec Write-ups »

  • 100 Days of Python — Cybersecurity Focus
    by Odhiambo Justin Gabriel (Cybersecurity on Medium) on February 16, 2025 at 5:44 am

    Day 7: Functions and ModulesContinue reading on Medium »

  • CCNA Training And Certification In Delhi
    by Cyberyaan Training & Consultancy (Cybersecurity on Medium) on February 16, 2025 at 5:39 am

    Cyberyaan Training and Consultancy in Delhi offers a comprehensive Cisco Certified Network Associate (CCNA) 200–301 Training and…Continue reading on Medium »

  • Cybr Academy:[LAB] Kubernetes Control Plane and Worker Nodes
    by marianita_cloud (Security on Medium) on February 16, 2025 at 4:00 am

    Configure your AWS CLI 🧪Continue reading on Medium »

  • Is Your Toaster Trying to Kill You? (Probably Not, But This Book Will Make You Think About It)
    by Tina Ginn (Security on Medium) on February 16, 2025 at 4:00 am

    Okay, folks, let’s be real. The world is a scary place. You’re probably thinking, “Yeah, yeah, I know. Climate change, killer robots, the…Continue reading on Medium »

  • Privacy and Security in Philippine Social Media
    by Nipino.com - Bridging Japan and the Philippines (Security on Medium) on February 16, 2025 at 3:44 am

    Social media has revolutionized communication in the Philippines, offering unparalleled connectivity while presenting significant…Continue reading on Medium »

  • ☁︎ AWS IAM Complete Hands-On Guide
    by Anvesh Muppeda (Security on Medium) on February 16, 2025 at 2:39 am

    ⇢ A Step-by-Step Walkthrough of Groups, Roles, Policies, and More! 👨‍💻💡Continue reading on Medium »

  • Blogs / Newsletter / Newsrooms / Forums
    by /u/Vixeliusdelius (cybersecurity) on February 16, 2025 at 12:56 am

    Hey Guys Lets create a list with the best Hacking / Cybersec Blogs, Forums, Newsletters and Newsrooms for Techheads 🙂 submitted by /u/Vixeliusdelius [link] [comments]

  • The Feds Push for WebAssembly Security Over eBPF
    by /u/position-Absolute (cybersecurity) on February 16, 2025 at 12:46 am

    https://thenewstack.io/the-feds-push-for-webassembly-security-over-ebpf/ submitted by /u/position-Absolute [link] [comments]

  • How to Turn Off Two-Factor Authentication: A Step-by-Step Guide for Social Media
    by Alayna Ferdarko (Security on Medium) on February 16, 2025 at 12:35 am

    Two-factor authentication (2FA) is an excellent way to add an extra layer of security to your online accounts. However, what happens when…Continue reading on Medium »

  • Implementing Envelope Encryption with AWS KMS — A Step-by-Step Guide
    by Noble W. Antwi (Security on Medium) on February 16, 2025 at 12:28 am

    IntroductionContinue reading on Medium »

  • Authentication & Protocols: Securing FastAPI with Google OAuth — A Python Guide
    by Sai Nitesh Palamakula (Security on Medium) on February 16, 2025 at 12:23 am

    In today’s digital world, authentication is the cornerstone of security. Whether you’re logging into your email, authorizing an app to…Continue reading on Medium »

  • Who do you follow for cybersecurity news, info, and learning?
    by /u/Dark-Marc (cybersecurity) on February 16, 2025 at 12:14 am

    Looking for recommendations—who are your favorite experts for staying updated on cybersecurity news and learning new skills? Could be bloggers, YouTubers, researchers, etc. submitted by /u/Dark-Marc [link] [comments]

  • Use blockchain immutable DB to provide decentralized device identity at scale
    by lei zhou (Security on Medium) on February 16, 2025 at 12:10 am

    As I discussed in previous article pinned here, the blockchain’s ledger is append-only and immutable, guaranteed by cryptographic hash and…Continue reading on Medium »

  • Is WannaCry the Biggest Ransomware Attack in History?
    by /u/Anam_011 (cybersecurity) on February 15, 2025 at 11:46 pm

    submitted by /u/Anam_011 [link] [comments]

  • Harden a Simple Website — Backend(part 1)
    by Bharat Mukheja (Security on Medium) on February 15, 2025 at 11:24 pm

    Security Hardening SeriesContinue reading on System Weakness »

  • Cybers and tech governance and risk career
    by /u/Big_Couple_3712 (cybersecurity) on February 15, 2025 at 10:53 pm

    Hi all, I'm a recent accounting graduate starting a big 4 audit roles. It's still early days in my career, but I really don't see myself being satisfied in an accounting career, which is why I am considering a move to a tech-related area in the future, with cybersecurity always being an interest of mine. I noticed that there are some accountants who make the transition to a cybersecurity role in an area called "cyber and technology risk and governance". What exactly is this area, is it less techcnical than other cybersecurity roles, and is it a good space for an accountant to get into? Thanks a lot! https://imgur.com/a/Bz0YtUO - LinkedIn example of person in this area submitted by /u/Big_Couple_3712 [link] [comments]

  • Cyber Advisor + Assured Service Provider and Cyber Essentials+ (UK)
    by /u/naasei (cybersecurity) on February 15, 2025 at 9:36 pm

    UK folks, Your thoughts on these. Are you a Cyber advisor? Do you work for an Assured Service Provider(ASP)? Has your company becoming an ASP brought you more business? Does your company get any business leads for holding this accrediation? Please share your thoughts. submitted by /u/naasei [link] [comments]

  • I am working on a free threat intelligence service, take a look!
    by /u/Alexander_Chneerov (cybersecurity) on February 15, 2025 at 8:45 pm

    https://northrecon.com/incident/1 Hey there. The link above is for the first incident we covered, check the attack flow pdf for more details. I would love to hear some feedback on what you would like to see. Thanks! submitted by /u/Alexander_Chneerov [link] [comments]

  • Warwick vs Manchester - MSc in cybersecurity- Please help me decide
    by /u/brxenpetals (cybersecurity) on February 15, 2025 at 8:03 pm

    Hey everyone, I’m deciding between Warwick and Manchester for an MSc in Cybersecurity and need advice on which to choose. I’ve tried researching about both of these and honestly I’m unable to make a decision. Warwick’s program is NCSC-certified, but the certification is set to expire by 30/09, and I’m starting in Fall 2025, so I’m not sure if that will still be relevant. It has a more technical focus on cybersecurity engineering and is closer to London, which could help with jobs in finance and tech. Manchester’s program is broader, has ties to GCHQ, and is in a growing tech hub with lower living costs. For anyone familiar with these programs or working in cybersecurity, which university has better industry connections and job opportunities? Any insights would be really helpful. Thanks! submitted by /u/brxenpetals [link] [comments]

  • The Arctic Battleground: How Geopolitics Will Shape Cybersecurity in Greenland
    by /u/PredictiveDefense (cybersecurity) on February 15, 2025 at 7:25 pm

    Just read this blog on how geopolitics can impact cybersecurity in Greenland, and it’s an insightful analysis. The article does a great job of mapping out the key players involved, outlining the different factors that contribute to cyber risks, and exploring the various ways cyber activity could impact Greenland. One thing that came to mind while reading was how high-profile geopolitical narratives can be exploited in cyber operations. Take Trump’s repeated remarks about buying Greenland. While not directly related to cybersecurity, this kind of widely discussed topic could easily be used as a lure in spear-phishing campaigns. This isn’t something the article explicitly discusses, but it’s a good example of how cyber threats often exploit geopolitical discourse. One part where I didn't fully understand the reasoning was the statement that U.S. cyber activities targeting Greenland or Denmark are highly unlikely unless relations deteriorate. Given Greenland’s increasing strategic value, both in terms of natural resources and military positioning, I’d expect cyber operations from multiple state actors regardless of diplomatic status. Even among allies, cyber espionage and intelligence gathering are common. It would be interesting to get more insight into the author's reasoning. A way to extend the analysis would be to consider how different policy directions Greenland could take would impact its cyber threat landscape. For example, if Greenland aligned itself more closely with NATO and restricted foreign investments, we might see increased cyber activity from Russia or China attempting to protest or undermine those policies. Exploring these scenarios would add a useful layer to understanding the cyber risks at play. Overall, though, this was a strong and well-researched piece. It highlights how Greenland’s strategic position makes it a focal point for cyber risks and does a great job of connecting geopolitical shifts with cybersecurity threats. Definitely worth reading for anyone interested in geopolitical cyber threat intelligence. submitted by /u/PredictiveDefense [link] [comments]

  • Wiz Defend, Cortex Cloud: Who handles detection & remediation?
    by /u/EnvironmentalPea1666 (cybersecurity) on February 15, 2025 at 5:19 pm

    Who is looking at these new products? What are you considering them for? SaaS apps or IaaS/containerized? What’s the workflow for handling & remediation? Alerts in the SOC > dev teams? IT ops? Just curious who the intended audience is for these products and how you might be considering using them in your org. submitted by /u/EnvironmentalPea1666 [link] [comments]

  • Open source lists of proxy IP addresses used by bots, updated daily
    by /u/antvas (cybersecurity) on February 15, 2025 at 2:55 pm

    submitted by /u/antvas [link] [comments]

  • Advice for interview security architecture
    by /u/Flaky_Video_4381 (cybersecurity) on February 15, 2025 at 1:25 pm

    Hi folks, I have an interview for a security architecture position, however my background so far has been 7-8 years in Network Security (some design, implementation, operations), and Vulnerability Management, Risk Assessment. They're looking for someone to: Contribute to the definition of the security architecture model, and its alignment to firm policy and taxonomy. Contribute to the development of a controls and threat-based architecture process. Apply and own the security architecture across some key domain. Integrate and adopt Enterprise architecture processes and concepts and actively participate with the architecture governance forums Which I honestly have to say don't much experience of. I was reading through SABSA but I find it a bit difficult to wrap my head around it. Maybe I'll understand better if I find some real examples. My biggest fear is going through the process, getting the job and then being under qualified and failing. submitted by /u/Flaky_Video_4381 [link] [comments]

  • PostgreSQL flaw exploited as zero-day in BeyondTrust breach
    by /u/anynamewillbegood (cybersecurity) on February 15, 2025 at 12:12 pm

    submitted by /u/anynamewillbegood [link] [comments]

  • Relaunch Of My Weekly Cyber Quiz
    by /u/jaco_za (cybersecurity) on February 15, 2025 at 10:51 am

    Hallo! I’ve restarted my weekly cyber quiz, covering current events and new research. Have a go and let me know what you think. ————— 💘 It's Friday, It's Valentine's Day, it's SocVel Cyber Quiz Time! 💘 New quiz is officially out, testing you on: 💸 Stumbling on credit breaches 🔌 Electricity Grids getting taken down 💡 Kimsuky rolling new tactics 📈 Ransomware trends increasing #surprise 🤓 A new acronym to learn 🎯 Sandworm burrowing to somewhere else 🏗️ Tunnels in reverse 🍣 Chinese hackers pivoting to badness 📸 Image files hiding code https://www.socvel.com/quiz submitted by /u/jaco_za [link] [comments]

  • The top US election security watchdog has been forced to freeze all of its efforts to aid states in securing elections
    by /u/wiredmagazine (cybersecurity) on February 15, 2025 at 3:48 am

    submitted by /u/wiredmagazine [link] [comments]

  • DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever
    by /u/2RM60Z (cybersecurity) on February 14, 2025 at 6:48 pm

    submitted by /u/2RM60Z [link] [comments]

  • Anyone Can Push Updates to the DOGE.gov Website
    by /u/EveYogaTech (cybersecurity) on February 14, 2025 at 10:33 am

    submitted by /u/EveYogaTech [link] [comments]

  • Mentorship Monday - Post All Career, Education and Job questions here!
    by /u/AutoModerator (cybersecurity) on February 10, 2025 at 12:00 am

    This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away! Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future. submitted by /u/AutoModerator [link] [comments]

  • Megathread: Department of Government Efficiency, Elon Musk, and US Cybersecurity Policy Changes
    by /u/Oscar_Geare (cybersecurity) on February 6, 2025 at 6:48 am

    This thread is dedicated to discussing the actions of Department of Government Efficiency, Elon Musk’s role, and the cybersecurity-related policies introduced by the new US administration. Per our rules, we try to congregate threads on large topics into one place so it doesn't overtake the subreddit on those discussions (see CrowdStrike breach last year). All new threads on this topic will be removed and redirected here. Stay On-Topic: Cybersecurity First Discussions in this thread should remain focused on cybersecurity. This includes: The impact of new policies on government and enterprise cybersecurity. Potential risks or benefits to critical infrastructure security. Changes in federal cybersecurity funding, compliance, and regulation. The role of private sector figures like Elon Musk in shaping government security policy. Political Debates Belong Elsewhere We understand that government policy is political by nature, but this subreddit is not the place for general political discussions. If you wish to discuss broader political implications, consider posting in: r/politics – General U.S. political discussions r/PoliticalDiscussion – Moderated political discourse r/NeutralPolitics – Non-partisan analysis r/geopolitics – Global political developments See our previous thread on Politics in Cybersecurity: https://www.reddit.com/r/cybersecurity/comments/1igfsvh/comment/maotst2/ Report Off-Topic Comments If you see comments that are off-topic, partisan rants, or general political debates, report them. This ensures the discussion remains focused and useful for cybersecurity professionals. Sharing News This thread will be default sorted by new. Look at new comments on this thread to find new news items. This megathread will be updated as new developments unfold. Let’s keep the discussion professional and cybersecurity-focused. Thanks for helping maintain the integrity of r/cybersecurity! submitted by /u/Oscar_Geare [link] [comments]

What is Google Workspace?
Google Workspace is a cloud-based productivity suite that helps teams communicate, collaborate and get things done from anywhere and on any device. It's simple to set up, use and manage, so your business can focus on what really matters.

Watch a video or find out more here.

Here are some highlights:
Business email for your domain
Look professional and communicate as you@yourcompany.com. Gmail's simple features help you build your brand while getting more done.

Access from any location or device
Check emails, share files, edit documents, hold video meetings and more, whether you're at work, at home or on the move. You can pick up where you left off from a computer, tablet or phone.

Enterprise-level management tools
Robust admin settings give you total command over users, devices, security and more.

Sign up using my link https://referworkspace.app.goo.gl/Q371 and get a 14-day trial, and message me to get an exclusive discount when you try Google Workspace for your business.

Google Workspace Business Standard Promotion code for the Americas 63F733CLLY7R7MM 63F7D7CPD9XXUVT 63FLKQHWV3AEEE6 63JGLWWK36CP7WM
Email me for more promo codes

Active Hydrating Toner, Anti-Aging Replenishing Advanced Face Moisturizer, with Vitamins A, C, E & Natural Botanicals to Promote Skin Balance & Collagen Production, 6.7 Fl Oz

Age Defying 0.3% Retinol Serum, Anti-Aging Dark Spot Remover for Face, Fine Lines & Wrinkle Pore Minimizer, with Vitamin E & Natural Botanicals

Firming Moisturizer, Advanced Hydrating Facial Replenishing Cream, with Hyaluronic Acid, Resveratrol & Natural Botanicals to Restore Skin's Strength, Radiance, and Resilience, 1.75 Oz

Skin Stem Cell Serum

Smartphone 101 - Pick a smartphone for me - android or iOS - Apple iPhone or Samsung Galaxy or Huawei or Xaomi or Google Pixel

Can AI Really Predict Lottery Results? We Asked an Expert.

Ace the 2023 AWS Solutions Architect Associate SAA-C03 Exam with Confidence Pass the 2023 AWS Certified Machine Learning Specialty MLS-C01 Exam with Flying Colors

List of Freely available programming books - What is the single most influential book every Programmers should read



#BlackOwned #BlackEntrepreneurs #BlackBuniness #AWSCertified #AWSCloudPractitioner #AWSCertification #AWSCLFC02 #CloudComputing #AWSStudyGuide #AWSTraining #AWSCareer #AWSExamPrep #AWSCommunity #AWSEducation #AWSBasics #AWSCertified #AWSMachineLearning #AWSCertification #AWSSpecialty #MachineLearning #AWSStudyGuide #CloudComputing #DataScience #AWSCertified #AWSSolutionsArchitect #AWSArchitectAssociate #AWSCertification #AWSStudyGuide #CloudComputing #AWSArchitecture #AWSTraining #AWSCareer #AWSExamPrep #AWSCommunity #AWSEducation #AzureFundamentals #AZ900 #MicrosoftAzure #ITCertification #CertificationPrep #StudyMaterials #TechLearning #MicrosoftCertified #AzureCertification #TechBooks

Top 1000 Canada Quiz and trivia: CANADA CITIZENSHIP TEST- HISTORY - GEOGRAPHY - GOVERNMENT- CULTURE - PEOPLE - LANGUAGES - TRAVEL - WILDLIFE - HOCKEY - TOURISM - SCENERIES - ARTS - DATA VISUALIZATION
zCanadian Quiz and Trivia, Canadian History, Citizenship Test, Geography, Wildlife, Secenries, Banff, Tourism

Top 1000 Africa Quiz and trivia: HISTORY - GEOGRAPHY - WILDLIFE - CULTURE - PEOPLE - LANGUAGES - TRAVEL - TOURISM - SCENERIES - ARTS - DATA VISUALIZATION
Africa Quiz, Africa Trivia, Quiz, African History, Geography, Wildlife, Culture

Exploring the Pros and Cons of Visiting All Provinces and Territories in Canada.
Exploring the Pros and Cons of Visiting All Provinces and Territories in Canada

Exploring the Advantages and Disadvantages of Visiting All 50 States in the USA
Exploring the Advantages and Disadvantages of Visiting All 50 States in the USA


Health Health, a science-based community to discuss human health

Today I Learned (TIL) You learn something new every day; what did you learn today? Submit interesting and specific facts about something that you just found out here.

Reddit Science This community is a place to share and discuss new scientific research. Read about the latest advances in astronomy, biology, medicine, physics, social science, and more. Find and submit new publications and popular science coverage of current research.

Reddit Sports Sports News and Highlights from the NFL, NBA, NHL, MLB, MLS, and leagues around the world.

Turn your dream into reality with Google Workspace: It’s free for the first 14 days.
Get 20% off Google Google Workspace (Google Meet) Standard Plan with  the following codes:
Get 20% off Google Google Workspace (Google Meet) Standard Plan with  the following codes: 96DRHDRA9J7GTN6 96DRHDRA9J7GTN6
63F733CLLY7R7MM
63F7D7CPD9XXUVT
63FLKQHWV3AEEE6
63JGLWWK36CP7WM
63KKR9EULQRR7VE
63KNY4N7VHCUA9R
63LDXXFYU6VXDG9
63MGNRCKXURAYWC
63NGNDVVXJP4N99
63P4G3ELRPADKQU
With Google Workspace, Get custom email @yourcompany, Work from anywhere; Easily scale up or down
Google gives you the tools you need to run your business like a pro. Set up custom email, share files securely online, video chat from any device, and more.
Google Workspace provides a platform, a common ground, for all our internal teams and operations to collaboratively support our primary business goal, which is to deliver quality information to our readers quickly.
Get 20% off Google Workspace (Google Meet) Business Plan (AMERICAS): M9HNXHX3WC9H7YE
C37HCAQRVR7JTFK
C3AE76E7WATCTL9
C3C3RGUF9VW6LXE
C3D9LD4L736CALC
C3EQXV674DQ6PXP
C3G9M3JEHXM3XC7
C3GGR3H4TRHUD7L
C3LVUVC3LHKUEQK
C3PVGM4CHHPMWLE
C3QHQ763LWGTW4C
Even if you’re small, you want people to see you as a professional business. If you’re still growing, you need the building blocks to get you where you want to be. I’ve learned so much about business through Google Workspace—I can’t imagine working without it.
(Email us for more codes)