Specifically in the Uk? I need a change the vendor I work for is being left behind and is so far behind the times it’s worrying. submitted by /u/corematrix [link] [comments]

I recently picked up an extensive engineering jira story on my organisation’s “assessment” Epic for Mitre Assessment to identify “if the monitoring controls are enabled for relevant Log sources.” The expectation is : Check the mitre techniques and filter out the ones which are valid for our environment. Then check if we have the prevention/detection enabled for it or not. Since Mitre has about 14 tactics and 240 Techniques, it seems like a tall order to accomplish. Are there any tools which I can use to skip manually mapping everything on excel? submitted by /u/elon_Tusk_420 [link] [comments]

submitted by /u/Choochy89 [link] [comments]

Im talking about next 5 years or so. Where do you think the AI train will lead us to? submitted by /u/Shoddy_Vegetable_115 [link] [comments]

submitted by /u/DerBootsMann [link] [comments]

I have a government internship interview next friday. I'm getting mixed opinions on this tho since some people are saying it's better to try to intern at a regular tech company than the government. I'd like to ask which one looks better on a resume? submitted by /u/wolfiiism [link] [comments]

Im a Security Architect working for a large org. Recently I picked up some interest in Malware and ML models. I think in generak in Cybersec we consider Av/EDR massive complex software projects way too large for one or a small team to take on. I see this similar to games like Call Of duty or massive studio multimillion dollar project. Is ther a thing such as Indie projects for Cybersec? Do you know of any one you like? Bit small scope but could still prove some value. Or am I crazy? I found quite some interesting Malware/Antimalware projects in github decently sized. Im curious what you think. submitted by /u/Reasonable_Chain_160 [link] [comments]

submitted by /u/Audible_Choco [link] [comments]

I work for a medium-sized school district. In our endpoint security software, we recently had an Exchange server showing that "Cobalt-A" "Disrupt_7h" and "DynamicShellCode" exploits were attempted but basically immediately cleaned up by our endpoint software. Our endpoint protection vendor, who also sells a 24x7 managed detection/response (MDR) service, reached out to us and really made it seem like we MUST upgrade to their MDR service immedately because we're likely about to experience a lot of pain since clearly a bad actor is in our network and trying to access things. So far, all we have as evidence of an attack are the 10 minutes of naughty activity on the Exchange server yesterday morning, that all appeared to get detected and cleaned. The vendor even said it appeared "they haven't moved laterally to other systems" yet. We have endpoint protection on almost all devices on the network, and no other systems have triggered similar alerts. No one is reporting any issues. My question is... Does the detection of a few attack attempts on one server such as this warrant the reaction of spending an extremely large amount of money to bring in this vendor to scrub every corner of our network/systems to make sure there are no problems? It just feels like a lot of money to throw at what only appears to be a few malicious attempts in one 10-minute period. Am I underreacting to what could potentially be a huge issue? We're in a tough budget year, and I don't want to panic buy a product we can't really afford, unless the outcome of not moving forward with it could actually be catastrophic. EDIT: Just want to add: I do realize there's an issue we need to address if there's activity like this going on, but there's got to be a more cost effective, simpler solution when the scale of the issue appears to be fairly manageable? submitted by /u/Kashek32 [link] [comments]

So I've only ever worked at three place. Two of them are with the Army and the last one is with the DOJ. From my experience with the Army, ISSE is higher. My understanding of the ISSE was its an ISSO with the expectation of having more technical knowledge to be able to take on additional duties in implementing as needed. I've take a DOJ job to help accredit a system (as an ISSE) and in talking with some sysadmins. They believe the ISSO is higher. That the grunt work falls on the ISSE so that the ISSO can focus on writing policies and documentation. Like I said, I only worked at 3 locations so I don't know. So the answer may not be black and white but rather it depends on the organization. What are your thoughts and experiences? submitted by /u/Outsourcing_Problems [link] [comments]

We are in the process of looking at different vendors and based on Gartner, they have Vectra, Darktrace, and Extrahop listed. Are there any others we should be looking at? submitted by /u/littleknucks [link] [comments]

I am transitioning to a cyber security job by studying for the sec+ to get a better foundation. But I always have this question that is isn't clearly answered and I always get vague answers from people I talk to, so coming to reddit for help. As my question states how do I know if I am ready for a CS job? My background I have years of experience as a Help Desk and System Administrator. If someone asked me how do I know I am ready for a help desk or system administrator job I would ask them the first few simple things if they know these terms or subject: Do you know what AD, Active directory is? Do you know how to add, remove, edit, unlock users and groups in AD? Do you know what and how to use NTFS? Do you know how to search how a file or folder is open and know how to close it because someone needs access to it? Do you know how to setup or use RDP? VPN? VPN products? Do you know what Group policy is? Do you know what ITSM is? Do you know how to setup firewall rules? Do you know any firewall products? Do you know how to setup a physical server? VM server? Have you used M365? Mail handler? O365? Intune? So asking the community for help to provide some real world questions or terms that if I looked at that I SHOULD know from the top of my head if I want to go into cybersecurity. submitted by /u/ExaminationSquare [link] [comments]

submitted by /u/wewewawa [link] [comments]

submitted by /u/riambel [link] [comments]

Heyya Guys, I always see in LinkedIn that Network is one way on how you can get a job. I'm about to be laid off within the next few months and I'm actively looking for a job.. getting interviews here and there.. but I wanted to see how Networking can help me land a job.. English is not my native language so it's kinda tough to understand the jokes and the other stuff that other people talk about. But if it's security technologies or terminologies, I know I can talk to them even for a long long time. ​ How do you guys do Networking? submitted by /u/Shobart [link] [comments]

I'll elaborate here in the description. I recently finished watching Mr. Robot, and my god did it get me interested in how the field of cybersecurity works. Of course fiction often exaggerates the excitement of a given job, and most jobs likely have a lot of routine BS. That being said, I was wondering the following: Most Curious About: Have you ever helped tackle a major cybersecurity threat that would've greatly impacted your nation (or a lot of people), which very few people knew about? Something like the pipeline hack that happened in the US. How often do you have to put out fires in general, and be in an "all hands on deck" mode? Piggyback off of #2: Which kind of jobs allow for this excitement on a more frequent basis? submitted by /u/Yakima42 [link] [comments]

CVE-2023-5129 - ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. The description of CVE-2023-4863 has been changed to "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)" and CVSS is a 8.8 submitted by /u/Ready-Philosophy7516 [link] [comments]

There are a ton of posts about VM leakage to the host. But what about the opposite? Let's say the following exists: You question the security / confidentiality of your host machine, whether due to use by other parties or otherwise You absolutely trust and, for the purposes of this question, know, the virtualization software is bug/exploit free You isolate the VM from the host, so no shared files/folders, bridged network, etc. VM image is of course EAR With that in mind, if the host gets popped, absent a keylogger scenario where the VM password is compromised, what scenarios exist to exploit the VM? I'm thinking some kind of in-memory attack, but this ain't my forte and I don't know how this would work in the wild. My feeling is that the VM is pretty isolated from the host if the proper controls are in place. Thoughts? submitted by /u/FleetingFelix [link] [comments]

Link to this TryHackMe room:Continue reading on Medium »

I'm 22, I have majored computer science in undergraduate. I have two years work experience as a Software Engineer. I'm resigning my job (I'm not much interested on the tech I work and I work 12-13 hrs most of the days eventually ending up with no time to study other stuff) in two months to learn Cybersecurity skills. I always want to end up in Cybersecurity domain since I took computer science major but couldn't find much time to upskill. I have did some courses from udemy by Z-Security. I did prepare for CCNA certification few months back. However it lacked so much consistency while learning due to other factors. Now I really want to deep dive into this field. I found this study plan on git (https://github.com/jassics/security-study-plan), do you think this has a good structure? Please comment your recommendations. submitted by /u/v1shalnaps [link] [comments]

Learn how wallet drainers have stormed web3 and how to stay safe.Continue reading on Medium »

Hi hackers, I’m Hazem El-Sayed (zoma), A Junior Computer Science Student, and Offensive Security Enthusiast, , At this time i am learning…Continue reading on Medium »

We led Slope’s earliest round with $5m. Back then, it was really just a pre-revenue, pre-PMF concept and this was our largest check ever…Continue reading on Medium »

Continue reading on Internet Stack »

As I am working on building my own Active Directory lab and going through HTB Academy’s Active Directory modules, I thought I would try…Continue reading on Medium »

AbstractContinue reading on Medium »

The systemd journal is a log of everything that happens on your Linux computer.Continue reading on Medium »

IntroductionContinue reading on Medium »

Realm Subscribers!Continue reading on Medium »

Continue reading on Medium »

Continue reading on Medium »

In today’s rapidly advancing tech world, quantum computing stands out as a game-changer, especially for cyber-security. With quantum…Continue reading on Medium »

Introduction: In today’s world, internal communication plays a pivotal role in determining an organisation’s success. With changing…Continue reading on Medium »

Hi there, fellow tech enthusiasts! Get ready for some juicy insider info straight from the US government’s antitrust trial against Google…Continue reading on Medium »

Distributed Timestamp Server & Proof-of-Work (PoW) — Source Code snippetsContinue reading on Medium »

1. Unmatched SecurityContinue reading on Medium »

SUID stands for “Set User ID” its a special permission in Unix and Linux operating systems which allows a command to be executed with the…Continue reading on Medium »

Triton Systems, a dynamic and innovative company, has been making waves in the world of technology and engineering since its inception…Continue reading on Medium »

Hi Team, I am having 7 Yoe as sys admin and SOC I am working in MSS currently and we are managing multiple security products like Crowdstrike, intune, defender, trendmicro and McAfee. Now, for knowledge and money purpose, should I concentrate on Vendor neutral certification like CCSP, CISSP like that ? Or only a specific vendor certifications like Microsoft Az-500, Sc-100, sc-200 like that and specialize on Microsoft alone in future ? My main motto - To earn huge money 💰 in future. Please suggest me submitted by /u/Krish03101991 [link] [comments]

Links to the NIST CVE along with one good summary article that contains a compiled list of affected software so far. If anyone knows of other affected software and patch status updates, please post. https://nvd.nist.gov/vuln/detail/CVE-2023-5129 https://www.cyberkendra.com/2023/09/webp-0day-google-assign-new-cve-for.html?m=1 submitted by /u/A-Series-of-Tubes [link] [comments]

Is there generally a bright future or is it a dead end office job? Is it lucrative or will it leave me working a second job at night? I am debating either continuing on the GRC path or jumping into something more technical? submitted by /u/Ornatbadger64 [link] [comments]

So for almost 1 year I've been working alone as a soc analyst, I trained myself and understand the concept of SIEM & monitoring. Now it's 3 years since I've been soc analyst (ive been i tech for 7 years) and I'm hoping to switch department. So my co worker ABC have been working for a year now as SOC analyst. And I trained her along side new grad. They all graduated with Bsc in cyber I'm Bsc in computer science and master in data science. My coworkers A & B say " i didn't graduate from uni with cybersecurity certificate to close & report alert or monitoring network" she have been saying the same thing since the 1st month she started working. And the new grad too are not impressed by Blue team or SOC process and procedures they are expecting something from a movie even my co worker A&B she said "yeah me too i expected something like in the movie" I'm planning to tell my manager that now I deserve to move in my career to different job position, but I just don't know how i can tell him that I deserve new position and I don't see hope with people. It's making me frustrated that they don't understand the importance of soc analyst or monitoring network submitted by /u/sk8er_girl90 [link] [comments]

submitted by /u/nareksays [link] [comments]

Recently took a remote job as a SOC analyst, and my bosses and coworkers all pull 90 hour weeks. I’m big on work life balance, but I’m also used to performing well and giving my all. Has anyone else encountered this? submitted by /u/dazeandconfuzer [link] [comments]

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away! Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future. submitted by /u/AutoModerator [link] [comments]