In the world of webdesign, most creators focus on launches, layouts, and one-time project fees. A website goes live, the invoice is paid…Continue reading on Medium »

How modern AWS teams stop credential leaks before they happen.Continue reading on Medium »

Imagine this scenario: you launch a new application, and within a few months, it explodes to 100,000 users. Ratings are high, the…Continue reading on Android Alchemy »

Hi there! Java remains one of the main languages for server-side development. And for server applications, the most important thing is to…Continue reading on Medium »

เตือนภัย Ad Blocker ปลอมระบาด แกล้งทำ Chrome ล่ม หลอกให้กดแก้เองเพื่อฝังมัลแวร์Continue reading on Medium »

Read time: ~9–12 minutes Audience: IT admins, security leads, SOC/IR, MSPs, and SMB owners who need a “patch + prove + preserve” playbook.Continue reading on MeetCyber »

Payment Bypass Guide..Continue reading on Medium »

Si consideras cada uno de estos puntos puedes volverte invisible en la red por el tiempo que mantengas en linea tu propia lineaContinue reading on Medium »

For a successful cyber-attack we need access and not malware.Continue reading on Medium »

Learn how authentication works, why passwords are hashed, and how to spot suspicious activity on your computer.Continue reading on Medium »

Industrial automation systems are no longer isolated control environments. Today’s PLCs, industrial controllers, gateways, sensors, HMIs…Continue reading on Medium »

Sometimes it comes from exploiting trust assumptions. Zendesk worked exactly as designed, but the design optimized for frictionless support over adversarial thinking. submitted by /u/rangeva [link] [comments]

submitted by /u/NISMO1968 [link] [comments]

submitted by /u/donutloop [link] [comments]

Why Lasting Strength Lies in Knowing What Not to DoContinue reading on Medium »

Over the past few years, society has become increasingly aware of deepfakes, online scams, impersonation, and coordinated digital abuse…Continue reading on Medium »

I have a good number of Dmarc reports that I have to review. However I am need to download the report unzip the file and then read the reports. I was wondering how could I script something to aggregate many reports into one XML file that I could read on a weekly basis. submitted by /u/Fresh_Heron_3707 [link] [comments]

Cryptocurrency offers huge opportunities, but the truth is that scams continue to trap thousands of beginners every year. In 2026, as the…Continue reading on Medium »

Construction sites are bustling hubs of activity, but they can also be vulnerable to theft, vandalism, and safety hazards. Ensuring the…Continue reading on Medium »

IntroductionContinue reading on Medium »

As India celebrates another year of independence and progress, the definition of freedom has evolved. In today’s fast-paced world, true…Continue reading on Medium »

A real AI kill switch isn’t a privacy promise — it’s technical denial. If the assistant can’t connect, can’t fetch, and can’t send, it…Continue reading on Medium »

Unified Endpoint Management (UEM) Software market is entering a period of dynamic growth, fueled by the increasing complexity of IT…Continue reading on Medium »

submitted by /u/thejournalizer [link] [comments]

Microsoft's "responsible AI" commitment: They fired their entire Ethics and Society team in 2023, then shipped Windows Recall storing continuous screenshots in an unencrypted SQLite database accessible to any malware. It took 8+ months to add basic security measures that should have been obvious from the start. Independent Copilot research found 41% more bugs introduced into codebases. Emissions up 29.1% since their carbon negative pledge. I fact-checked 8 of Nadella's Davos claims. Only 1 held up. submitted by /u/jpcaparas [link] [comments]

Hello friends. Is it useful to have meaningful looking decoys during a brute-force attack? Say the secret message is “Hola.” The attacker brute forces and ends up finding variants like “Aló.” or “Mato”. The attacker can't know if they got the 'real' message or a decoy. Is there any real advantage to generating these “search spaces with meaning” instead of just random strings like “xjkl,”? submitted by /u/Tristanico [link] [comments]

Due to some circumstances a fintech SMB of 40-80 employees needs to get Data Leakage Prevention soft just for the sake of having it. Which DLP solution would you get to deploy on user workstations? Priority is - easy to set up, not too expensive, not too useless. (These levers can be tuned if nothing fits the bill) submitted by /u/passionlesse [link] [comments]

Hey people maybe a very frequently asked question but I’m trying to pick a solid cloud security platform for a 100 person company and could use some input. We’re looking for something that’s good at threat detection, helps with compliance stuff (SOC 2, ISO, etc.) and isn’t a nightmare to manage or super expensive. We don’t have a huge security team so ease of use and good integrations are pretty important too. Appreciate any thoughts! submitted by /u/Comfortable_Front561 [link] [comments]

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls. submitted by /u/rkhunter_ [link] [comments]

Once again, data shows an uncomfortable truth: the habit of choosing eminently hackable passwords is alive and well submitted by /u/tekz [link] [comments]

CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. submitted by /u/tekz [link] [comments]

Hey all, first time joining here... was wondering if I could get opinions on a system I'm putting together and am ready to begin cloning for internal use for doing our paid internal assessments (not pentests). TLDR: From my pic, do you think there's anything essential I should add? In the past when we would do network scans and audits for clients, we would generally have our clients either set up an unused desktop/laptop or VM for us to run our RapidFireTools scans on, but I always felt like it was really lacking in scope for everything else we could do, so I began doing bloodhound scans and stuff like responder when possible... but it was always hit and miss because the system(s) they would provide us would often be locked down with EDR and/or we would only be able to connect through VPN, which has it's own limitations. So I was able to convince my boss to start buying these little MiniPC's with a high core/thread count and lots of RAM. Only mod was adding a 2tb NVME for extra space. The first one arrived last week and I got to work. It's got the below installed/configured: - Proxmox w/ 2 NICs and 3 virtual bridges vmbr0 - faces client network for direct interaction ideally with all VLAN tags available to us vmbr1 - internally facing with virtual network vmbr2 - paired w/ second NIC to connect to TAP/Spanned port for traffic monitoring - Virtual Firewall Has 2 virtual NICs... one WAN to vmbr0, LAN to vmbr1 Fulfills two needs: provides a controlled network w/ static leases for VMs with web UIs, and connects select services through a full site-to-site VPN to our data center if the client network has restrictive outbound filtering (e.g., QUIC). - Windows 11 VM I installed our usual go to Rapid Fire Tools suite here SharpHound, AzureHound Ping Castle Purple Knight - Kali VM We only plan on using a few tools here, we are not generally paid to do pentests, just scan assessments, so in general I plan on just using tools like responder to get a view of what is what... but if any of you have suggestions for simple tests to do here that doesn't drift in scope too much, I'd be happy to get input here - Ubuntu Container Host VM Technically I could have spun this up on the Kali VM, but preferred to do it in a separate instance since it's the system we're standing on for accessing this entire platform externally outside our clients network Containers include: Cloudflared Tunnel with SSO protected access to all WebUi's Nginx Reverse Proxy Manager - for routing to Web Ui's of various platforms and Interfaces SysReptor - For creating the markdown version of the report we'll be generating. The Ui is a little clunky, but I LOVE what it can do... if there's something better out there, I'd love to get input BloodHound for ingesting the Sharphound and Azurehound data KASM front end interface for RDP and KasmVNC access to the Windows and Kali VM's, plus I stood up a Kasm workspace for ParrotOS and Maltego (just for fun). OpenVAS - Security Onion (I haven't played w/ this in years, excited to use it for this) Set this up to monitor our activity and present it with our findings at the end in case our clients don't have anything seeing/alerting for our activity. vmbr1 is used for it's management interface, vmbr2 is the monitoring interface it's been a long time since I touched SO, so I'm still relearning the interface Note about SecurityOnion: I'm actually having some difficulty with the SecurityOnion setup on proxmox. By default it binds bond0 with the scanning NIC, but on install on ProxMox it always fails to complete and from what I can tell never finishes the bond0 to monitoring NIC configuration. I tried getting it set up manually, but TCP dumps always show there's nothing happening on bond0, whereas ens19 (the vmbr2 monitoring NIC) shows all the live data from the spanned port I'm plugged into. For now I've manually forced SecurityOnion to use ens19, but I don't think it's ideal. Anyways, please let me know your guys thoughts and suggestions. I'm excited to deploy this to our client's location (probably end of this week), and to get this going as a standardized toolbox for us doing other assessments with other clients. submitted by /u/Matt_CyberGuy [link] [comments]

submitted by /u/NISMO1968 [link] [comments]

Hi everyone. I'm doing some school research into the threat models and trust assumptions of current password breach checking methodologies for e.g., the HIBP API model. The prevailing model is centralized: the client sends a hash prefix (k-anonymity model), server returns a list of full hashes for the client to check locally. This is a great improvement over sending plain text. However, from a strict adversarial or "Zero Trust" standpoint, the server still receives a unique identifier (the hash prefix) and can link requests. In a high-sensitivity environment, even this metadata might be a concern. I'm hoping to spark a technical discussion: Protocol Design: Is there a practical way to design a breach check where the server learns nothing about the query (not the prefix, not the result)? Could techniques like Private Set Intersection (PSI) or Oblivious HTTP be applicable here, or are they too computationally heavy? Risk Assessment: How do you, as professionals, weigh the actual risk of metadata leakage from hash prefixes against the immense benefit of widespread breach checking? Is this a priority for enterprise security architectures? Adoption Barrier: If a more private protocol existed but required slightly more client-side computation or a different architecture, what would be the key factors for an organization like yours to consider adopting it? Looking for informed opinions, critiques of the premise, or references to relevant academic/industry work in this space. Thanks in advance! submitted by /u/Take_A_Shower_7556 [link] [comments]

submitted by /u/eatfruitallday [link] [comments]

https://cybernews.com/security/eu-launches-cve-alternative-gcve-vulnerability-database/ submitted by /u/Cybernews_com [link] [comments]

Hey everyone, I’ve been thinking about learning cybersecurity and wanted to ask for some honest advice. I’m an Afghan war veteran and I currently work in the social work field. I see people getting scammed all the time mostly because they don’t have basic computer skills. I’m not an expert myself either, but seeing this every day made me curious about cybersecurity and how this stuff actually works. I’m in my 40s and I’m trying to be realistic. I’m not trying to switch careers overnight or pretend I’m going to be some kind of hero. I just want to actually understand the basics properly and keep learning at my own pace. What I’m hoping to do is: Learn the fundamentals of cybersecurity in a way that makes sense Learn some Python at a beginner level but in a practical way Maybe get a certificate at some point If it works out, possibly do something part time or learning focused later on A few questions I have: Books Are there any books you’d recommend that explain cybersecurity in a big picture way without being overly technical or full of hype Also any Python books that are good for someone who is still learning computers in general Hardware I’m currently using a MacBook with an M1 chip Is that fine for learning and practice or would it be better to get a cheap used laptop just for labs Linux virtual machines etc Courses or certificates Are there any self paced courses or beginner friendly certs that are actually worth the time Something that doesn’t assume a strong tech background and is doable while working full time I know Reddit can be sarcastic sometimes and that’s fine. Just putting this out there that due to service related injuries I sometimes take things more literally than intended. Straightforward answers would really help. Thanks for reading and I appreciate any advice. submitted by /u/Odd-Conversation5108 [link] [comments]

Hey everyone. I recently made it to the third round of interviews with a large holdings company for a cybersecurity analyst role. On paper, the position seemed focused on phishing and malware triage and incident response. After the second interview, though, I found myself feeling pretty intimidated. The interviewer spoke at length about how strong and experienced the team is and how demanding this role can be. The position involves owning projects and areas of subject matter, serving as a resident expert in certain domains, coordinating with vendors and internal teams to meet project goals, participating in daily meetings, and providing weekly progress updates directly to the CISO. For some background, I currently work at a smaller company where I have a lot of autonomy and flexibility. I am confident in my skills and performance, but everything I do is on a much smaller scale than what this role would require. I am only three years into my career, and honestly, I do not feel fully qualified for this position. That said, they keep moving me forward in the process, which makes me think they see potential in me that I do not quite see myself. The offer would be nearly double my current salary and includes a hybrid schedule, which makes it very tempting. At the same time, I am worried about leaving a comfortable role only to be overwhelmed in a much more demanding environment and risk not succeeding. Has anyone else been in a similar situation, or dealt with this kind of career leap before? submitted by /u/jasee3 [link] [comments]

there are none, swear I've searched a ton, it's like 1/50 internships as of right now and the qualifications and requirements go bazonnga, most of them require you to be fully graduated, or have won multiple ctf competitions, I gave up searching and accepted an offer for IT infrastructure, this is just my experience, what about you guys? submitted by /u/Apprehensive_Mud864 [link] [comments]

submitted by /u/Bad_Grammer_Girl [link] [comments]

Sophos XDR detected a file named svhost.exe located at: C:\Windows\System32\svhost.exe A few things about this file feel off, and I’m trying to determine whether this is a true red flag or some edge-case behavior. Observations: The filename is svhost.exe (not svchost.exe), which already raises suspicion. It’s located in System32. The file has the AHS attributes. It’s hidden and not visible in File Explorer. It can only be seen via CMD using dir /a. File size is approximately ~802 MB, which seems extremely unusual for anything named like a system binary. unable to retrieve File hash & owner The file is not actively running as a process. However, there are file system interactions associated with a Sophos PID. Observed DLL interactions: hmpalert.dll user32.dll sophosED.dll comctl32.dll winmm.dll cryptbase.dll powrprof.dll umpdc.dll At the moment, I’m trying to identify: Persistence mechanisms - registry, services, scheduled tasks, WMI Execution history - was it ever launched, by what, and when I’m unable to calculate the hash or determine ownership, which is making deeper analysis difficult. Questions: Has anyone encountered a similar scenario with Sophos XDR? Would you consider a hidden ~800 MB executable in System32 with a typo-squatted name to be a strong indicator of compromise? What would be the recommended hunting approach here beyond the usual persistence checks? Any Sophos-specific telemetry or Windows artifacts you’d suggest focusing on? Appreciate any insights or real-world experiences with cases like this. submitted by /u/rick_Sanchez-369 [link] [comments]

With so many cybersecurity events happening across Asia in 2026, I’m curious whether people still find big conferences valuable. Do they offer real technical insights, or are they mostly vendor-driven now? Interested in perspectives from folks who’ve attended regional cyber events recently. submitted by /u/Educational-Split463 [link] [comments]

submitted by /u/Dramatic_Thought_259 [link] [comments]

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away! Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future. submitted by /u/AutoModerator [link] [comments]