I'm interested in leveraging advanced analytics, particularly predictive algorithms, to get ahead of potential vulnerabilities and attacks. Our team is facing a similar situation and is eager to learn more from others' experiences. Specifically, I'd like to understand: Do your peers use advanced analytics, especially predictive algorithms, to forecast vulnerability and attack trends? If so, what kind of data sources are they using (e.g., historical data, risk reports, threat intelligence)? What types of algorithms have proven most effective in this area (e.g., robust regression, neural networks)? We're open to collaborating or sharing best practices to improve our organization's security posture. I believe advanced analytics can be a powerful tool for proactive cybersecurity, and I'm keen to explore its potential further. submitted by /u/Thin-Parfait4539 [link] [comments]

What is Symbiote and setup in systemContinue reading on Medium »

submitted by /u/QforQ [link] [comments]

What's up y'all. I work on a data engineering team at a large aerospace manufacturer that has some very valuable IP and is under constant attack. We all get weekly social engineering attacks in the form of fake texts from our CEO, fake emails from our bosses, etc. With my day crammed with meetings and my focus not on our cybersecurity vulnerabilities, I feel that myself and others are not properly incentivized to take these daily threats seriously. I suggested to a security engineer in the company that we set up an incentive program to reward employees who find and report attacks and vulnerabilities they see that way people start paying more attention and we have a more proactive cybersecurity awareness program. My suggestion wasn't flat out rejected but wasn't taken seriously. I'm curious if other organizations have attempted something similar. It feels like security and detection engineering has become so sophisticated but then a simple social engineering attack flies right in the face of that sophistication. submitted by /u/meanmothafugga [link] [comments]

Show Love Through Actions, Not Just WordsContinue reading on Medium »

Is SSE the new thing, does it replace an AV? For context I am doing a project for a small business of 4 employees who mainly use documents, emails and have around 1TB of data. ( they also work remotely for around 5 months a year) Would you reccomend looking for an SSE solution or just stick with an antivirus Budget is not an issue submitted by /u/Fantastic_Set8169 [link] [comments]

Understanding the Mathematical Foundations of Quantum ComputersContinue reading on Medium »

This article explores the step-by-step process of reverse engineering an e-scooter application.Continue reading on Medium »

What is the GCIH certification?Continue reading on Medium »

(That would be Adaptive Security Appliance*,* of course...) What's Going On? This afternoon, Cisco released 2 new CVEs impacting their Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD), both of which are actively exploited by UAT4356. More on CVE-2024-20353 Vendor CVSS Score 8.6 Allows an unauthenticated, remote attacker to force a compromised device to reload unexpectedly, resulting in a denial of service (DoS) condition. More on CVE-2024-20359 Vendor CVSS Score 6.0 Allows an unauthenticated, local attacker to execute arbitrary code with root-level privileges. (Note: Administrator privileges are required to exploit this vulnerability.) Potential Risk? The APG and Cisco have confirmed that these two vulnerabilities are currently actively exploited in the wild! Specifically, Cisco's Talos Intelligence reported an ongoing campaign ("ArcaneDoor"), in which threat actors from UAT4356 deployed two backdoors (“Line Runner” and “Line Dancer”). These threat actors conducted multiple malicious activities, including: Configuration modification, Reconnaissance, Network traffic capture and exfiltration, and Potential lateral movement. How to Mitigate Today, Cisco recommends: Applying software updates with patches for the impacted Cisco ASA and FTD software. Using their provided Cisco Software Checker to help users identify vulnerability exposure to these and other CVEs. Note: Cisco has not identified other workarounds for either CVE-2024-20353 or CVE-2024-20359! For more information ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability submitted by /u/blackpoint_APG [link] [comments]

The world we live in now is created by software Engineers, I’m not talking about the metaverse but cyberspace where all our digital…Continue reading on Medium »

Hi there! I’m Roman Panin, the head of the Security Architecture at Mobile TeleSystems (public company, the largest mobile network…Continue reading on Medium »

Strengthen your business against cyber threats. Conduct audits, update policies, collaborate with IT, control access, monitor users etc.Continue reading on Medium »

Strengthen your business against cyber threats. Conduct audits, update policies, collaborate with IT, control access, monitor users etc.Continue reading on Medium »

In the bustling metropolis of London, where life moves at a rapid pace, ensuring safety and security is paramount. Amidst the vibrant…Continue reading on Medium »

Photo by FlyD on UnsplashContinue reading on Medium »

Nowdays we need to secure our APIs more than ever and JSON Web Tokens helps us with itContinue reading on Medium »

So I'm a middle school kid who wants to eventually work a cybersecurity job. I want to show colleges that I am proficient at this field, and I want to evaluate my own skills. Any ideas for popular CTFS? submitted by /u/Jarvis_Creator24 [link] [comments]

Nehmen Sie an CyberConnect’s Season 2 Rewards Programm teil und erleben Sie eine neue Ära des Social NetworkingContinue reading on Medium »

Nehmen Sie an CyberConnect’s Season 2 Rewards Programm teil und erleben Sie eine neue Ära des Social NetworkingContinue reading on Medium »

While America looks forward to the potential of cyberspace and associated technologies to improve the quality of human life, threats…Continue reading on Medium »

Join CyberConnect’s Season 2 Rewards Program for a New Era of Social NetworkingContinue reading on Medium »

Imagine a world where even politicians don’t lie. Sounds strange, right?Continue reading on New Writers Welcome »

Aisha Malik — TechCrunch “President Biden has signed a bill that would ban TikTok if its Chinese parent company, ByteDance, fails to sell…Continue reading on Medium »

submitted by /u/Offsec_Community [link] [comments]

Discussion topic—At what point does a Sr. Security Analyst cross into a Security Engineering role? And when would the right time be to ask for that promotion or raise? submitted by /u/MadMax303 [link] [comments]

submitted by /u/CYRISMA_Buddy [link] [comments]

submitted by /u/CYRISMA_Buddy [link] [comments]

submitted by /u/CYRISMA_Buddy [link] [comments]

In the realm of data protection, Fidelity Height has long been synonymous with innovation and reliability. Our latest release, Opal Lock…Continue reading on Medium »

Unlocking Productivity: Discover the Top Tools Revolutionizing Remote Work in TechContinue reading on Bootcamp »

I’m new to doing GRC. I’m also aware there are a lot of people in GRC that aren’t technical. So to the nontechnical GRC, how do you assess controls after the developers or IT implement them? Are you using the honor system trusting others work? Do you wait for an auditor to do it or something else? submitted by /u/Ronin3790 [link] [comments]

Hey there, I would like to get some advice from you guys on how to transition from penetration testing to a Soc analyst L1 position. I've been Applying for the job since last month but it's failed. Also, I would like to add that I already attained some certifications like BTL1(Security Blue Team), EJPT(eLearnSecurity), and AZ-900 from Azure. what steps do you think I need to take for me to land the job? I have 5 years of experience in cybersecurity In my first 3 years I was a Technical support engineer I handled some security solutions like AV, EDR, and DLP. After my technical support engineer days, I became a Penetration tester. Thank you in advance for your advice. submitted by /u/Tempest120404 [link] [comments]

submitted by /u/gawdarn [link] [comments]

submitted by /u/formacarta [link] [comments]

Hey there, So, I'm a European student currently grinding through my first year of a Bachelor's degree in IT. I've got this opportunity lined up a six-month internship as a cybersecurity analyst that could potentially lead into a full-time job. But here's the kicker: juggling work during the day and hitting the books at night is proving to be one heck of a struggle. I'm not sure I can keep this up for another two years. Here's the burning question: In the job market, what's more important—having two years of hands-on cybersecurity experience but no degree, or having that degree but lacking real-world experience? I've noticed a ton of job listings demanding a degree, so I'm curious to hear your thoughts on this dilemma. submitted by /u/Defiant_Rip1515 [link] [comments]

https://arstechnica.com/security/2024/04/hackers-infect-users-of-antivirus-service-that-delivered-updates-over-http/ submitted by /u/vicariouslywatching [link] [comments]

More than a month ago while trying to open notion I clicked on first result of google search which was an ad. Usually I don't click on ads but this time I was in a bit of hurry and didn't pay attention. The name, description but most important the link looked good but on click it opened completely different site. I recorded a video (https://youtu.be/fI3U2Blo8DY) just in a case and planned to investigate in a bit but got carried away with work and completely forgot about it. I thought that I understand how internet works but it this part is a bit confusing. One time I was helping a friend of mine to investigate similar issue with his wordpress site and we found a sneaky virus that was redirecting selected request to some Japanese store. But I don't think that this is the case with notion as they are big enough not make this types of mistakes. So can I just give arbitrary links in google ads and pretend to be any site or there is other technique that I am missing? submitted by /u/tootac [link] [comments]

New Microsoft guide for Incident Response is great. Link to article and pdf below, i especially like the way they talk about the Forensics Artifact application along with Common Pitfalls: https://www.microsoft.com/en-us/security/blog/2024/04/23/new-microsoft-incident-response-guide-helps-simplify-cyberthreat-investigations/ https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/IR-Guidebook-Final.pdf submitted by /u/Ok_Revolution5780 [link] [comments]

I am currently working as a SOC Manager, and will have 40 cybersecurity students attending our office next week to understand what we do, and also participate in a workshop focused on incident response. I intend to split the students into teams of 4 or 5 and each team will work through the same exercises independently, and I will then review feedback from each team as we progress through the exercise. The exercise will likely be a few hours. We do table top exercises with customers, but nothing of this scale. So, I need some engaging ideas that will make this exercise manageable, enjoyable and informative. I have asked ChatGPT for ideas, but I would like to know if anyone has participated in anything similar that has worked well? (FYI, It is too late at this stage to arrange a technical exercise (E.g CTF, Computer-based exercises). submitted by /u/kmsec [link] [comments]

submitted by /u/Odd-Access3591 [link] [comments]

Hi everyone, I'm reading Mandiant's most recent M-Trends Special Report - Excutive Edition (grab you copy here) and the second sentence is (emphasis mine) Dwell time is the number of days an attacker is on a system from compromise to detection, and in 2023 the global median dwell time is 10 days, down from 16 days in 2022 . Now, IBM Security (here) reports were different figures for what I see as similar metrics: Compared to 2022, both the mean time to identify (MTTI) and the mean time to contain (MTTC) breaches saw only marginal changes. [...] In 2022, it took organizations 207 days to identify a breach. In 2023, it took only 204 days. On the other hand, organizations required an average of 73 days to contain breaches in 2023, while they required just 70 days on average in 2022. Am I wrong in thinking that those two figures shouldn't be that different, even taking in consideration the different sample the figures are calculated from? Or I am missing something and the two reports are referring to two very different facts (i.e. "dwell tme" <> "mean time to identify")? Thanks in advance for you help and insight! submitted by /u/Maxferrario [link] [comments]

as title states, wanted to see if this is normal or a odd org structure. Corporate devices and SaaS stuff for the workforce is managed by IT who is under the CFO, Technology created and used by the company, along with Me the Security Lead, are under the CTO. This is the first place ive had an org structure like this where different C-level folks are managing different parts of the infrastructure. CTO is very involved in Engineering and Security, CFO basically unaware of what IT does besides budget from what it seems like. Engineering under CTO has been moving towards a more mature Org, IT is in a “its always been like this” mindset. Feeling frustrated as IT is not very cooperative and slow walks anything security related, not much CTO can do, we have constant discussions about ITs ability. submitted by /u/Azurite53 [link] [comments]

Does the company take on a small portion of the responsibility or suggest that the company engage a full SOC submitted by /u/Arvid23 [link] [comments]

One can assume that their personal information has been leaked dozens of times over the years. From SSN’s (for Americans), passwords, full names, addresses, PIN’s, and much more. One thing I’ve been surprised hasn’t happened - the electronic stealing of funds from central banks. I’m not talking about gaining access to someone’s personal bank account and draining funds. Or draining crypto. I’m talking about gaining access to central financial databases and editing balances, causing havoc and widespread panic, or simply skimming a little off the top. Can this even be done? submitted by /u/teknoprep [link] [comments]

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away! Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future. submitted by /u/AutoModerator [link] [comments]