Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "cyber-security"
-
buzzword translations:
"cloud" -> someones computer
"big data" -> lots of somewhat irrelevant data
"ai" -> if if if if if if if if if if if if if else
"algorithm" -> something that works but you don't know why
"secure" -> https://
"cyber security" -> kali linux + black hoodie
"innovation" -> adding something completely irrelevant such as making a poop emoji talk
"blockchain" -> we make lots of backups
"privacy" -> we store your data, we just don't tell you about it40 -
Our designer (and frontender) just saved my ass big time. Had to do a tiny project involving design and frontend so I gave it a try and it looked like crap, deadline in a week. The designer made the most beautiful thing in like two days.
Kudos to all designers for doing what they're good at and ensuring that we, backenders (and cyber security people for that matter), can do our thing without having to worry about knowing how to design stuff and create interfaces because we might hate doing that and sometimes just really suck at it.
Kudos designer guys/girls!8 -
A while ago (few months) I was on the train back home when I ran into an old classmate. I know that he's a designer/frontend/wordpress guy and I know that he'll bring anyone down in order to feel good. I also know that he knows jack shit about security/backend.
The convo went like this:
Me: gotta say though, wordpress and its security...
Him: yeah ikr it's bad. (me thinking 'dude you hardly know what the word cyber security means)
Me: yeah, I work at a hosting company now, most sites that get hacked are the wordpress ones.
Him: yeah man, same at my company. I made a security thing for wordpress though so we can't get hacked anymore.
Me; *he doesn't know any backend NOR security..... Let's ask him difficult stuff*
Oh! What language did you use?
Him: yeah it works great, we don't get hacked sites anymore now!
Me: ah yeah but what language did you use?
Him: oh it's not about what language you use, it's about whether it works or not! My system works great!
Me: *yeah.....right.* oh yeah but I'd like to know so I can learn something. What techniques did you use?
Him: well obviously firewalls and shit. It's not about what techniques/technology you use, it's about whether it works or not!
That's the moment I was done with it and steered the convo another way.
You don't know shit about backend or security, cocksucker.16 -
So a fucking friend of mine makes me meet this fella who is a big shot according to his LinkedIn and please note has too much experience with Web Apps and Python
Me being naive actually trusted that and I meet him.
Fella: So what do you do?
Me: I am into Cyber Security nothing much I just do bug hunting for now
Fella: You know python will help you right?
Me: Sorry?
Fella: You see you have to be a python programmer for anything you want to do in CS
Me: Me yeah I kinda know python actually I am more into Ruby from start so ( Around this time I kinda sensed that he is a fake tech guy he is a corporate asshole)
Fella: show me any of your work
Me: (So to show him one of the thing I was working on I open GitHub desktop app) Me explaining blah blah blah
*Fella is in shock*
So at this point I was thinking probably he is impressed and that's why the shock right?
No a big fucking no
Apparently he never heard about GitHub or git and got blown away by the interface.
And the friend who made me meet that guy is not my fucking friend anymore that prick can die for ruining my day18 -
Another incident which made a Security Researcher cry 😭😭😭
[ NOTE : Check my profile for older incident ]
-----------------------------------------------------------
I was invited by a fellow friend to a newly built Cyber Security firm , I didn't asked for any work issues as it was my friend who asked me to go there . Let's call it X for now . It was a good day , overcast weather , cloudy sky , everything was nice before I entered the company . And the conversation is as follows :
Fella - Hey! Nice to see you with us .
Me - Thanks! Where to? *Asking for my work area*
Fella - Right behind me .
Me - Good thing :)
Fella - So , the set-up is good to go I suppose .
Me - Yeah :)
*I'm in my cabin and what I can see is a Windows VM inside Ubuntu 12.4*
*Fast forward to 1 hour and now I'm at the cafeteria with the Fella*
Fella - Hey! Sup? How was the day?
Me - Fine *in a bit confused voice*
Fella - What happened mate , you good with the work?
Me - Yeah but why you've got Windows inside Ubuntu , I mean what's the use of Ubuntu when I have to work on Windows?
Fella - Do you know Linux is safe from Malwares?
Me - Yeah
Fella - That's why we are using Windows on VM inside Linux .
Me - For what?
Fella - To keep Windows safe from Malwares as in our company , we can't afford any data loss!
Me - 😵 *A big face palm which went through my head and hit another guy , made me a bit unconscious*
I ran for my life as soon as possible , in future I'm never gonna work for anyone before asking their preferences .7 -
You think a junior dev pushing his code onto a production server is bad? Wait till you have that admin who is illegally mining Bitcoin on your production server. 😂
I went for a Cyber Security conference today with one of managers and this was one of the life experiences some of the speakers shared.18 -
Currently at a cyber security event.
The most ironic thing is that the WiFi here is not secured...20 -
So I've been looking for a Linux sysadmin job for a while now. I get a lot of rejections daily and I don't mind that because they can give me feedback as for what I am doing wrong. But do you know what really FUCKING grinds my FUCKING gears?
BEING REJECTED BASED ON LEVEL OF EDUCATION/NOT HAVING CERTIFICATIONS FOR CERTAIN STUFF. Yes, I get that you can't blindly hire anyone and that you have to filter people out but at least LOOK AT THEIR FUCKING SKILLSET.
I did MBO level (the highest sub level though) as study which is considered to be the lowest education level in my country. lowest education level meaning that it's mostly focused on learning through doing things rather than just learning theory.
Why the actual FUCK is that, for some fucking reason, supposed to be a 'lower level' than HBO or Uni? (low to high in my country: MBO, HBO, Uni). Just because I learn better by doing shit instead of solely focusing on the theory and not doing much else does NOT FUCKING MEAN THAT I AM DUMBER OR LESS EDUCATED ON A SUBJECT.
So in the last couple of months, I've literally had rejections with reasons like
- 'Sorry but we require HBO level as people with this level can analyze stuff better in general which is required for this job.'. - Well then go fuck yourself. Just because I have a lower level of education doesn't FUCKING mean that I can't analyze shit at a 'lower level' than people who've done HBO.
- 'You don't seem to have a certificate for linux server management so it's a no go, sorry!' - Kindly go FUCK yourself. Give me a couple of barebones Debian servers and let me install a whole setup including load balancers, proxies if fucking neccesary, firewalls, web servers, FUCKING Samba servers, YOU FUCKING NAME IT. YES, I CAN DO THAT BUT SOLELY BECAUSE I DON'T HAVE THAT FUCKING CERTIFICATE APPEARANTLY MEANS THAT I AM TOO INCOMPETENT TO DO THAT?! Yes. I get that you have to filter shit but GUESS WHAT. IT'S RIGHT THERE IN MY FUCKING RESUME.
- 'Sorry but due to this role being related to cyber security, we can't hire anyone lower than HBO.' - OH SO YOUR LEVEL OF EDUCATION DEFINES HOW GOOD YOU ARE/CAN BE AT CYBER SECURITY RELATED STUFF? ARE YOU MOTHERFUCKING RETARDED? I HAVE BEEN DOING SHIT RELATED TO CYBER SECURITY SINCE I WAS 14-15 FUCKiNG YEARS OLD. I AM FAMILIAR WITH LOADS OF TOOLS/HACKING TECHNIQUES/PENTESTING/DEFENSIVE/OFFENSIVE SECURITY AND SO ON AND YOU ARE TELLING ME THAT I NEED A HIGHER LEVEL OF FUCKING EDUCATION?!?!? GO FUCKING FUCK YOURSELF.
And I can go on like this for a while. I wish some companies I come across would actually look at skills instead of (only) study levels and certifications. Those other companies can go FUCK THEMSELVES.39 -
Got a call from a recruiter today. (Keep in mind that using WhatsApp is about a requirement over here.)
R: so can I app you (I hate that word to the fucking point) with further details?
Me: *oh fuck this is gonna get me fucked again* uhm I don't use it so yah...
R: ohhh okay, security reasons?
Me: *slight relief* yes indeed, sir
R: oh fair enough, you can always just text and call me!
*very relieved feeling*
It's for either a cyber security or linux job by the way.29 -
I'm a week into my new job right now. What do I love the most about it?
Learning things all day long and getting paid for it!
I'm learning about hosting things, DNS, cyber security, configurations, Linux (although my current skill set with Linux has been enough for now) and so on!
Hell, easy day today (not that many tickets) so decided to start learning Ansible! Next to that I've gotta learn vim (it just autocorrected that to cum.... O.o), work with hosting panels, mail stuffs (dns, debugging etc etc) and so fucking on.
The boss hasn't been at location yet which will happen tomorrow but he seemed like a very chill guy.
I love this!21 -
I'm a programmer and an aspiring cyber security specialist. Yesterday, after I gave a presentation about smart bulb hacking, I heard through a coworker that a cyber security company is interested in talking to me. Yay!11
-
(The PM is pretty technical)
One day:
Me: Could you create this subdomain?
PM: Sure, just a sec.
Me: Ohh and could you add a letsencrypt cert? (one click thingy)
PM: Why would you need that on this kinda site...
Me: Well in general for security...
PM: Nahh.
*walks away*
Next day:
(referring to my internship manager/guider as Bob)
Bob: Hey... we have a new subdomain!
Me: Yup!
Bob: Wait why is there no letsencrypt certificate installed...?!?
Me: Well, the PM didn't find that neccesary...
Bob: (Oo) of course it is... are we going for security by default or what?
Me: Yup agreed.
Bob: *creates cert and sets everything up in under a minute*
It wasn't a high profile site (tiny side project) but why not add SSL when you can for free?8 -
Cybersecurity:
>nothing happens
>I can't believe we pay your useless ass to sit around doing nothing all day!
>something happens
>this is your fault1 -
Me: So what you are doing in the IT field?
Him: I am hacking bank websites.
Me: OK, that's cool. It is good in free time. What is your actual job?
Him: I am seriously hacking the bank Web site!
Me: Trust me, if you seriously doing that you will never ever mentioned it...
Him: No, I am doing it legally... The bank hiring me to try to hack the website...
Me: OK, you mean that you are cyber security tester?
Him: That is almost the same...
Me: So you are tester?
Him: I am hacking bank's websites...
Me:....7 -
Following a conversation with a fellow devRanter this came to my mind ago, happened a year or two ago I think.
Was searching for an online note taking app which also provided open source end to end encryption.
After searching for a while I found something that looked alright (do not remember the URL/site too badly). They used pretty good open source JS crypto libraries so it seemed very good!
Then I noticed that the site itself did NOT ran SSL (putting the https:// in front of the site name resulted in site not found or something similar).
Went to the Q/A section because that's really weird.
Saw the answer to that question:
"Since the notes are end to end encrypted client side anyways, we don't see the point in adding SSL. It's secure enough this way".
😵
I emailed them right away explaing that any party inbetween their server(s) and the browser could do anything with the request (includingt the cryptographic JS code) so they should start going onto SSL very very fast.
Too badly I never received a reply.
People, if you ever work with client side crypto, ALWAYS use SSL. Also with valid certs!
The NSA for example has this thing known as the 'Quantum Insert' attack which they can deploy worldwide which basically is an attack where they detect requests being made to servers and reply quickly with their own version of that code which is very probably backdoored.
This attack cannot be performed if you use SSL! (of course only if they don't have your private keys but lets assume that for now)
Luckily Fox-IT (formerly Dutch cyber security company) wrote a Snort (Intrustion Detection System) module for detecting this attack.
Anyways, Always use SSL if you do anything at all with crypto/sensitive data! Actually, always use it but at the very LEAST really do it when you process the mentioned above!31 -
Someone asked for an RSS feed for the security/privacy blog, I thought?
Well, hereby! There are three feeds:
https://much-security.nl/main.xml - a feed which is updated with both blog posts and external links relating to privacy/security I find interesting/useful.
https://much-security.nl/own.xml - a feed only containing the blogs posts themselves. For people who are only interested in that part.
https://much-security.nl/external.x... - a feed only containing external links. For people who'd like to stay updated on recent cyber security/privacy thingies.
Tracking: every time a feed is visited, a redis value for that feed get's incremented. No time, ip addresses, user agent or whatsoever is saved. Just one variable getting increased once.
New domain name will also be revealed soon (probs tomorrow, going to bed soon as I've just been sick) :D.
Oh and just a warning, the main/external feed are the only ones populated with exactly one item right now :P30 -
A: There is not even a single forum for cyber security. Let's build one.
Me: Are you sure that there is not even a single forum?
A: Yes, I'm a cyber security expert. I have 5 years of experience in this field.
Me: **walks out quitely**1 -
Fucking China!
The only time they ever come out of their pathetic walled internet is to attack your servers.
Fuck that country.10 -
Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.
That time when...
He wrote a social media network with end-to-end encryption before it was cool.
He wrote custom 64kb encryption for his academic HDD.
He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.
He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).
He used only hashes of passwords as passwords (which isn't actually good).
He kept a drill on the desk ready to destroy his HDD at a moments notice.
He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.
He set up a new email account for each individual online service.
He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).
He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).
He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).
He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.
He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.
He bought a burner phone to visit the capital city.
He bought a burner phone whenever he left his hometown come to think of it.
He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).
He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.
(You might be noticing it's all he's. Maybe it is, maybe it isn't).
He ate a sim card.
He brought a balaclava to pentesting training (it was pretty meme).
He printed out his source code as a manual read-only method.
He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).
He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).
He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.
I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.26 -
Anyone here who also got super bored while on a porn site and ended up pentesting that porn site..?14
-
Got called up today by my org's cyber security team.
Reason: Installed a font called "Hack" (https://github.com/source-foundry/...)
🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️1 -
I watched the news recently and they talked about cyber security.
To demonstrate "how serious the topic is" they showed a screen with a terminal and literally pinged google.com.
I thought that was funny7 -
I think I ranted about this before but fuck it.
The love/hate relation I have with security in programming is funny. I am working as a cyber security engineer currently but I do loads of programming as well. Security is the most important factor for me while programming and I'd rather ship an application with less features than with more possibly vulnerable features.
But, sometimes I find it rather annoying when I want to write a new application (a web application where 90 percent of the application is the REST API), writing security checks takes up most of the time.
I'm working on a new (quick/fun) application right now and I've been at this for.... 3 hours I think and the first very simple functionality has finally been built, which took like 10 minutes. The rest of the 3 hours has been securing the application! And yes, I'm using a framework (my own) which has already loads of security features built-in but I need more and more specific security with this API.
Well, let's continue with securing this fucker!10 -
I'm soon graduating from a tech/IT school which recently specialized in cybersecurity.
Today when I changed my password on their website, it displayed the old one in clear text.
God damn it people, THIS is the reason why our school's reputation has been slowly but steadily going down.1 -
Some years ago I was in cyber security in the military being shown some new tech for our use. Was challenged to try and get past it after being explained it's basics. Took me one long line in Linux about 10 seconds.
Anomaly detection firewall with machine learning seemed like a good idea.
Setting it to aggressive response and then change the package header to the firewall's own address however made it kill itself.
We didn't deploy that firewall that I know of.5 -
So... remember my first rants about my network at my last ship?
https://devrant.com/rants/2076759/...
https://devrant.com/rants/2076890/...
https://devrant.com/rants/2077084/...
Well... I had to visit them for an unrelated matter and found out that they are to pass general inspection the next week. Among the inspectors is a member of the cyber defence team. I took a quick look at the network, finding the things I'd expect:
- No updates passed to the server or installed since I left
- No antivirus updates since I left
- All certificates were expired
- Most services were shut down or unused
- All security policies were shut down
- Passwords (without expiration now) were written on post-it and stuck on screens
- ... and more!
I told the XO (the same idiot that complained about them CONSTANTLY) and he just shrugged me off and told me to """fix""" it. In one fucking afternoon.
I. SHIT. YOU. NOT.
The new admin there is a low ranking person who hasn't the faintest idea of how this works, and isn't willing to learn, either. They just dumped the duty on him, and he seems not to care. The cyber security inspector is going to have a field day. Or get grey hairs.
I told the XO that I needed at least a week to get them into working order (I have to re-set up my virtual Windows 2012 R2 server, download 2 years' worth of updates, repair 2 years of neglect etc.). The answer was what I expected:
"You know computers, you can do your magic and get it done in an afternoon."
Thank god I got transferred and don't have to answer to that idiot any more. Now, popcorn time, as I watch the fireworks.
Yes, I am a vengeful guy. I have told them, twice now, of what would happen. They didn't listen. At least now, with an official report on their heads, they just might.3 -
Who's at fault for the recent Wanna Cry virus: The companies affected or Microsoft/NSA?
Personally, I think it's the companies affected. This is what happens when you try and be cheap when it comes to cyber security.8 -
!rant 📚 📑
Cybersecurity books @Humble Bundle
https://humblebundle.com/books/...
There is a really great Humble Book Bundle at the moment, starting at 1$. The bundle contains several cyber security books ("Practical Reverse Engineering" and "Security Engineering" have a good reputation).8 -
Cyber security. Deep knowledge of cyber security and networks is what I wish I had. The math stuff that no one bothers with, specifically.6
-
This isn’t gonna be a random because I do eventually get to a Tech and YouTube related topic.
YouTube is actually killing itself with all of the dumbass rules they’re implementing. Trying to child proof or limit educational content is genuinely a shit policy. The reason so many gaming channels are switching to twitch because it doesn’t try to censor you.
But now I don’t know if you’ve heard but YouTube updated their guidelines and they’re no longer allowing content that teaches people about Hacking essentially (and I hate putting it like that but I can’t remember the exact words they used Hacking just summarizes it) which is fucking ridiculous like what the fuck else, are they gonna stop allowing lock picking videos?
YouTube has always been an amazing FREE resource for people learning Programming, Cyber Security, IT related fields, and even shit like lock picking, cooking, car stuff, and all that stuff. Even sometimes when the tutorials aren’t as detailed or helpful to me they might be exactly what someone else needed. And Cyber Security can be a difficult topic to learn for free. It’s not impossible far from it, but YouTube being there was always great. And to think that a lot of those could be taken down and all of the Security based channels could either lose all revenue or just be terminated is terrifying for everyone but more so them.
A lot of people and schools rely on YouTube for education and to learn from. It’s not like YouTube is the only resource and I understand they don’t want to be liable for teaching people that use these skills for malicious purposes but script kiddies and malicious people can easily get the same knowledge. Or pay someone to give them what they want. But that’s unfair to the people that don’t use the information maliciously.
It’s the same for the channels of different topics can’t even swear and it’s ridiculous there’s so many better options than just banning it. Like FUCK kids nowadays hear swearing from their older siblings, parents, friends, and TV it’s inevitable whether someone swears or not and YouTube is not our parents, they aren’t CBS, so stop child proofing the fucking site and let us learn. Fuck.
TLDR YouTube is banning educational hacking videos and are being retarded with rules in general16 -
Fucked!
I have got my cyber security exam tomorrow morning and i just got a call from a client to make some urgent changes to his site.
To add to it, i already wasted around half an hour becoz GoDaddy Plex somehow decided to block my own IP in the firewall.
And now I am on devRant.
Crap. I am fucked!4 -
Doing compulsory cyber security training and it's like "if you click a malicious link report it to the IT helpdesk" I and I click agree knowing full well the closest thing to IT we have is me...2
-
So this just happened. Some background before I begin: We're understaffed, my desk is in the back of the building, and there's no one really at the front to greet people. No security either...
Guy walks in wearing a flannel jacket (no shirt under it), pajama pants, and sandals. He looks like hell. Explains he was just released from a hospital and his apartment is locked. I let him use my phone to call his sister.
When I talk to his sister, she barely wants to speak with him. Tells me his apartment is locked for a reason and he's not allowed back. I'm just like: "So... what would you have us do for him?" At this point if his sister won't help, I was going to ask him to leave. Oh, and that hospital was a drug rehab.
So it ends with him waiting for a ride, but he ends up napping on the couch in the front of our office. CEO/Owner and his business partner walk right past and say nothing. They go into a meeting. I'm trying to figure out if I ask him to leave, wait outside for his ride... I'm a developer, this isn't my job.
A good 45-60 minutes later, after the guy walked outside and then came back in and laid back down on the couch, he leaves with his ride. Shortly after the owner walks out of his meeting, so I ask him what to do in this situation - more hoping he'd realize the need for more security.
If this story isn't crazy enough, the business partner pipes up - absolutely serious - and says he didn't say anything because he thought the guy was a developer.
So I've learned that we've got extremely low hygiene standards for developers here, with a relaxed dress code and are allowed nap times on the front couch.
Thankfully our CYBER security is better than our PHYSICAL security. :|1 -
I am tired of my idiot ‘friends’ asking me if I can hack Facebook Instagram etc. because some other idiot made them mad. Like fuck no. 1 it’s unethical as hell 2 it’s illegal I don’t want to go to jail. 3 I’m learning cyber security NOT hack stuff because someone hurt your useless feelings.
Ohhh and they always get pissed off when I explain everything wrong with their idiotic request10 -
Please stop putting critical infrastructure to the internet. Security on the internet is a joke, and we won't be laughing the time when someone dies from a cyber attack on another pipeline/dam/weapons factory.23
-
Our local cyber security team has asked all to remove docker from their laptops, reason they can't track them
Most of our stack is aws fargate with nodejs and java springboot
Developers = wtf ?!!1 -
Well, here is another Intel CPU flaw.
I'm starting to think that all these were done on purpose...
https://thehackernews.com/2019/05/...3 -
OKAY BUT WHY THE FUCK DO PEOPLE HAVE TO ACT LIKE THEY'RE SOME KIND OF GOD WHEN THEY CAN'T EVEN PASS AN INTRO CLASS. Some background: I go to an early college in high school program which offers computer science where you take two college classes a semester starting you junior year in high school. AND THIS GIRL TALKS ABOUT THIS PROGRAM LIKE IT'S AWFUL AND SHE HATES IT AND HOW THE PROFESSORS DON'T TEACH AND SHE FAILED AN INTRO TO PROGRAMMING CLASS WHICH TEACHES JAVA BUT THEN SHE ACTS LIKE SHE'S WAY ABOVE THE OTHER KIDS IN MY CLASS BECAUSE SHE'S RETAKING IT. SHE'S ALSO A STUDENT ASSISTANT IN MY CYBER SECURITY CLASS BUT DOESN'T KNOW WHAT THE localhost IP IS. I UNDERSTAND THAT I DON'T KNOW EVERYTHING BUT AT LEAST I DON'T ACT LIKE I DO. IT'S SO INFURIATING!!!!!!
-
Anyone who's interested in cyber security, go follow Binni Shah (@binitamshah) on Twitter. The amount of tutorials and guides she retweets is crazy and very informative.
Also if you're not on Twitter you're missing out on a lot of content to learn from ✌️18 -
THE CODE USED IN MY MANDATORY ONLINE TRAINING ABOUT CYBER SECURITY AND STUFF LIKE THIS:
<script>window.showQuestion(someOverlyVerboseResponseFromTheServerWithTheCorrectAnswersMarked);
</script>
Oh boi it would be a real shame if someone proxied your precious function :)2 -
Comment a 1 if you’re a web dev.
Comment a 2 if you’re a game dev.
Comment a 3 if you’re a data scientist.
Comment a 4 if you’re in cyber security.
Comment a 5 if you’re in IT.
Comment a 6 if you don’t fit any of the above categories and you code only in PHP and refuse to learn any other language because you think PHP is the future.50 -
Rant considering the latest Cyber attack and the news around it.
(A recap: a lot of Windows computers were infected with ransomware (due to security hole on Windows), which demanded 300$ in bitcoins to unlock data. After 3 days the price would double, and after 7 days the data was to be deleted)
1) In our country, one of the biggest companies was attacked (car factory). The production stopped and they got for around 1 000 000€ damage in less than 24h (1300 people without work). The news said that they were attacked because they are such a big company and were charged more, as the hackers "knew who they were dealing with" - another reason being the fact that the text was in croatian (which is our neighbor country), but noone realized that it is just a simple google translate of english text - which is obviously not true. The hackers neither know nor care who is hacked, and will charge everyone the same. They only care about the payment.
2) In UK whole (or large part) of medical infrastructure went down. The main thing everyone was saying was: "Nobody's data is stolen". Which, again, is obvious. But noone said anything about data being deleted after a week, which includes pretty much whole electronic medical record of everyone and is pretty serious.
And by the way, the base of the ransomware is code which was stolen from NSA.
All that millions and millions of dollars of damage could be avoided by simply paying the small fee.
The only thing that is good is that (hopefully) the people will learn the importance of backups. And opening weird emails.
P.S. I fucking hate all that 'hacky thingys' they have all over the news.5 -
I find it hilarious the total misconception of hacking that the general public has. I tell people I know cyber security (Not as much as a lot of people around here) but it is a hobby of mine and I find it very useful/interesting.
But I can't stop but laugh when someone is like, can you get all the text messages my bf receives?
Can you hack this for me can you back that?
C'mon even if I knew how to do that without being caught you think I would even admit that to you. Do hackers just walk around with an index card pasted to their forehead of their skill? It's not even slightly reasonable to think this lol even for someone who doesn't know about the field -
Many people / engineers around me talk about trendy stuff like Cybersecurity or AI and show off what great encryption and neuronal networks they 'have built' ( I would rather say 'using').
I kinda get the feeling of 'Everbody talks about it - no one really knows what's goin' on inside (especially those guys who hate math and even algorithms).'
Am I just stupid or does somebody else here feel the same way? I mean people have been doing serious research about this stuff for years. And currently many kids are coming up with it as if it is easy stuff like the bubble sort.4 -
Just heard this on the news...
"The cyber security on my smart phone compared to the cyber security in medical equipment..."
Wtf did I just hear??? I mean, I get it...using terms the general public understands... But how about educating people instead. 😤1 -
Had my first interview for a cyber security gig.
1st round, preliminary questions about ethics in a security related topic, etc.
I wrote a report about that topic, but for some reason brain fogged the answer.
At the end of the interview, I also blurted out that I found the interviewer's presentation at a past conference and really liked it.
Pretty sure they now think I'm a creep.
That being said, it's been a few years since I've interviewed, so it feels great to get the dust off, even if I bombed it
Practice makes perfect, right?!2 -
What's a good book to read about hacking and/or cyber security? Doesn't have to necessarily a how-to guide, rather, just something to read on the subject.5
-
whenever i tell my dad about a technology that is going way beyond our imagination and tell him about the consequences of it and how we should worry about that
then he watches some random tv show about internet security/cyber security and various algorithms (very abstract) which are currently changing the world and how we should care about our data and what the consequences of X technology is...
he be like: "oh is that true? that's interesting, how does that work?"
i'm like😑 dad, i already told you about that😩
ever had similar experience?1 -
Learn about
-Cyber Security
-Machine Learning (especially Reinforcement Learning & GANs)
-Microcontrollers (ATtiny)
Of course I want to finish the projects I'm currently working on and maybe start a YouTube channel about my projects.
Yes I know, it's quite a lot to do, but I don't know if I will ever have the chance to do all that things in my free time again. -
Apparently Patreon has fired (and then outsourced) the entire cyber security team. What's the worst that could happen?
https://thehackernews.com/2022/09/...4 -
Never been a fan of podcasts before, but I'm fixing to take a stab at listening to some.
What's a good tech/programming podcast? (Bonus points if it's about Cyber security) -
Anybody else feel like their Internet traffic constanty being monitored after downloading pen testing tools?
Have our identities been added to lists of potential cyber criminals :/
Thoughts?
(For ethical purposes - involving your own site's security!!)2 -
My first job was writing a cloud based malware analysis system from scratch for UTSA's Institute for Cyber Security.
My direct supervisor was a womanizing, lazy, prick with a PHD. I wonder where he is now.3 -
Pentesting for undisclosed company. Let's call them X as to not get us into trouble.
We are students and are doing our first pentest at an actual company instead of assignments at school. So we're very anxious. But today was a good day.
We found some servers with open ports so we checked a few of them out. I had a set of them with a bunch of open ports like ftp and... 8080. Time to check this out.
"please install flash player"... Security risk 1 found!
System seemed to be some monitoring system. Trying to log in using admin admin... Fucking works. Group loses it cause the company was being all high and mighty about being secure af. Other shit is pretty tight though.
Able to see logs, change password, add new superuser, do some searches for USERS_LOGGEDIN_TODAY! I shit you not, the system even had SUGGESTIONS for usernames to search for. One of which had something to do with sftp and auth keys. Unfortunatly every search gave a SQL syntax error. Used sniffing tools to maybe intercept message so we could do some queries of our own but nothing. Query is probably not issued from the local machine.
Tried to decompile the flash file but no luck. Only for some weird lines and a few function names I presume. But decompressing it and opening it in a text editor allowed me to see and search text. No GET or POST found. No SQL queries or name checks or anything we could think of.
That's all I could do for today. So we'll have to think of stuff for next week. We've already planned xss so maybe we can do that on this server as well.
We also found some older network printers with open telnet. Servers with a specific SQL variant with a potential exploit to execute terminal commands and some ftp and smb servers we need to check out next week.
Hella excited about this!
If you guys have any suggestions let us know. We are utter noobs when it comes to this.6 -
Because I am very interested in cyber security and plan on doing my masters in it security I always try to stay up to date with the latest news and tools. However sometimes its a good idea to ask similar-minded people on how they approach these things, - and maybe I can learn a couple of things. So maybe people like @linuxxx have some advice :D Let's discuss :D
1) What's your goto OS? I currently use Antergos x64 and a Win10 Dualboot. Most likely you guys will recommend Linux, but if so what ditro, and why? I know that people like Snowden use QubesOS. What makes it much better then other distro? Would you use it for everyday tasks or is it overkill? What about Kali or Parrot-OS?
2) Your go-to privacy/security tools? Personally, I am always conencted to a VPN with openvpn (Killswitch on). In my browser (Firefox) I use UBlock and HttpsEverywhere. Used NoScript for a while but had more trouble then actual use with it (blocked too much). Search engine is DDG. All of my data is stored in VeraCrypt containers, so even if the system is compromised nobody is able to access any private data. Passwords are stored in KeePass. What other tools would you recommend?
3) What websites are you browsing for competent news reports in the it security scene? What websites can you recommend to find academic writeups/white papers about certain topics?
4) Google. Yeah a hate-love relationship, but its hard to completely avoid it. I do actually have a Google-Home device (dont kill me), which I use for calender entries, timers, alarms, reminders, and weather updates as well as IOT stuff such as turning my LED lights on and off. I wouldn"t mind switching to an open source solution which is equally good, however so far I couldnt find anything that would a good option. Suggestions?
5) What actions do you take to secure your phone and prevent things such as being tracked/spyed? Personally so far I havent really done much except for installing AdAway on my rooted device aswell as the same Firefox plugins I use on my desktop PC.
6) Are there ways to create mirror images of my entire linux system? Every now and then stuff breaks, that is tedious to fix and reinstalling the system takes a couple of hours. I remember from Windows that software such as Acronis or Paragon can create a full image of your system that you can backup and restore at any point to get a stable, healthy system back (without the need to install everything by hand).
7) Would you encrypt the boot partition of your system, even tho all data is already stored in encrypted containers?
8) Any other advice you can give :P ?12 -
I have been a professional Dev for about a year for a cyber security startup. Unfortunately, startup died do to finance mismanagement. My lead Dev said that he wanted to start a co-op contract business and since we all work great together than we should stick around. So we tried to obtain contracts and it is going much slower than imagine. I am going on my second month of no work or contract work. I'm working on my own site to do some freelance work on the side for myself offering ever, marketing and ERP software services. That is the goal for side hustle. However, for the main hustle well I'm stressed now of being home and we'll meetings not turning into money. I actually want to call it quits and do my own thing and look for normal gig. It just feels rough as he has been my mentor and offered me my first software gig. I don't feel like I own anyone anything I'm regards money or time. However, I do feel bad of I take off it will hurt them from being able to handle larger contract if they do get one.
Note: I'm pulling from my savings
Thoughts??3 -
!rant
I'm a computer engineering student.
I'm very much interested in Systems and networking.
That's why I was thinking of persuing cyber-security as a career option.
But I'm not quite sure if that is a good choice.
Also I don't know how to proceed in order to achieve excellence in cyber-security.
It would be a great help if you guys could help me.
Thanks :)20 -
When in an application security talk put on by our cyber security department and one team (not mine) is being chastised for only doing client side validation, another dev asks so at what point can we trust the user? A few people nod and indicate they want an answer, and the speaker, said never, you never trust the user.
I can't believe people can graduate and get a job and keep a development job, especially in a highly government regulated company like where I work2 -
About two weeks ago I had a cyber security competition. I spent a week or so working on a bash script so I didn't have two spend hours and hours on end doing tedious tasks to get points.
So here comes competition day and I have about 12 or so scripts that I predicted to get 60 or so of the 100 points. I open the competition image, grab my scripts, and run my call script (script that calls all the other scripts). Maybe 15 minutes later, the script is done...
ZERO FUCKING POINTS. I double checked all the files that the scripts configured and all of them worked. But NONE the vulnerabilities that my script fixed were vulnerabilities that the scoring report counted. Instead of me taking 20 to 30 minutes on the image it took my and 1:07... doesn't sound like much but the highly competitive people finished in around 1 hour and the people who just didn't give a shit about Linux took 3 hours...
Luckily... I was put onto the highly competitive team after that and it all worked out... I'll hopefully add more to this script before next competition. -
*Has more advanced knowledge on computers and cyber security...
Mother still cant trust with repairing phone, asking which phone to buy, and naggs about the amount of time i spend on my laptop saying i'd break it. -
Honestly, school is useless for me as of right now. I know I should be well rounded and stuff, but do I honestly need to know the symptoms of cervix cancer while going into a tech career? My eyes have been set on tech for my whole life, ever since I left the womb, and I know that if I do switch careers, it'll be from comp sci to cyber security not from IT to med school...
I feel like I could really be devoting my time towards something better than writing a 5 page essay on a healthy food choice.
Every night I think to myself, "You know what, I'm going to lock myself in a room and write bash scripts all day" but then I wake up in the morning, and remember I have to take a quiz on reproductive systems, learn about the procedure of organ donations for driver's ed, write 2 paragraph definitions of vocab words, and read a book about communism.
The most useful thing I learned last year, was how to efficiently navigate the java API, and that's something you don't even learn, you just encounter it. Schools need to start having more specific specialties and stop enforcing knowledge of pointless topics.
I'm not saying to remove all core classes and stuff, I'm saying why waste space in our brains with something we won't use ever again? I get it, some people don't know what career they're looking for yet so you can't make them choose, but it honestly sucks some serious ass that I can't learn what I want to at school, and as a matter of fact, I can't even learn at home, because they're filling my schedule with pointless work because they feel that they have to fill our time somehow.
Point of this long ass rant is: Why lock yourself in a room and learn about something if it isn't something you want to learn about? The space in our brain is finite enough, why can't it be filled with things we're interested in rather than things that will only be used to get good grades in the future then overwritten with useful knowledge. Same thing with time. We have a very finite amount of time in a day, and now that I think of it, a lifetime. Why spend it on something that doesn't, and never will, make your life enjoyable?7 -
I take a moment for myself and assess the situation from a bird's view.
Then, I objectively look at the current situation and my response/reaction to this and try to change my thinking process/acting to a more rational one.
But, also, my general way of thinking in the cyber security world plus how I'm hardwired to think in a 'paranoid' kind of way makes my current job so fucking perfect for me that i often think about that and the fact that there aren't many people around who have this.1 -
Has anyone used python within cyber security?
I really want to get into cyber security. I'm curious what programming languages are used within that industry.4 -
How did you learn cyber security, especially pentesting ?
I know that making VM lab and/or doing CTFs and reading writeups can help a lot, but is there any more "formal" way to get into things like pentesting etc. ?
(Without having to pay for OSCP, Sans and all this)5 -
Pretty sure someone else said it before but: chose something else.
The market is over saturated with developers. There are plenty of other spaces in which you can work with computers and code.
Think: system administration, cyber sec (which also pays higher in a lot of places compared to development since resource security is a priority), networking etc.22 -
I chose Network/Cyber Security because it was my internship experience and they were willing to pay me good money to stay on... No but seriously I am much better at understanding how complex systems work than coding them. This job, as stressful as it is, is a different kind of stressful that the deadline-fraught jobs of software developers worldwide.
And i can do it fully remote.2 -
Laziest habit? Anything done between 1pm-4:30pm and 4:59pm-8pm. During that time, habits include unnecessary refactoring, poking the CI/CD containers, editing already made prototypes in gimp inkscape, pasting stackoverflow topics to youtube, bouncing from macOS, windows and kde distros in search of zen/rice, adding a calendar emoji on my slack :), making useless automation scripts, building on every variable's value change, tinkering pixels, shades, gradients (and their angles), dimens, anim values, anim curves, opacity, blurs and just nuking the ui just to copy paste an old one, 60% just chatting in code alongs, changing key bindings (from ide to OS), and ultimately zoning out on a podcast about cyber security. And of course: waiting for ++ and comments
-
Hey everyone. I am a freshman in college studying Cyber Security. I have been practicing various programming languages such as httml, css, java script and SQL. Does anyone have any recommendations for resources to study? My end goal is to be blue teaming for my schools Cyber Defense team in the fall.5
-
Hey,
Any tips on how to apply for job, I apply to 10-15 new opportunities daily but haven't received positive response from 99% of them. I don't know what's wrong.
Currently, I am a cyber security analyst at a startup since February 2023.
My resume I use to apply for job
https://ganofins.com/ganesh-bagaria...21 -
So first time here seems awesome I'm an aspiring cyber security expert I know very basic c++ and I'm looking for people to talk to about what I should be doing5
-
Typical insurance company BS approach.
Listening to xmas music, Spotify ad kicks in about 'just being "hacked"':
Buy our cyber security insurance product to quickly recover and retain liquidity in case of a cyber security beach.
Not a single word about preventing the incidents in the first place...
Lucky to work in a place that doesn't skimp on IT.5 -
So I went for a "special" interview to a company whose slogan is "experience certainty" (fresher, was hoping to get a role in cyber security/Linux sysadmin). Got shown what the "real" hiring process of an indian consultancy company is...
We were called because we cleared a rank of the coding competition which the company holds on a yearly basis, so its understood that we know how to code.
3 rounds; technical, managerial and HR...
Technical is where I knew that I was signing up for complete bullshit. The interviewer asks me to write and algo to generate a "number pyramid". Finished it in 7 minutes, 6-ish lines of (pseudo) code (which resembled python). As I explained the logic to the guy, he kept giving me this bewildered look, so I asked him what happened. He asks me about the simplest part of the logic, and proceeds to ask even dumber questions...
Ultimately I managed to get through his thick skull and answer some other nontechnical questions. He then asks if I have anything to ask him...
I ask him about what he does.
Him - " I am currently working on a project wherein the client is a big American bank as the technical lead "
Me (interest is cybersec) - "oh, then you must be knowing about the data protection and other security mechanisms (encryption, SSL, etc.)"
Him (bewildered look on face) - "no, I mostly handle the connectivity between the portal and data and the interface."
Me (disappointed) - "so, mostly DB, stuff?"
Him (smug and proud) - "yeup"
Gave him a link to my Github repo. Left the cabin. Proceeded to managerial interview (the stereotypical PM asshats)
Never did I think I'd be happy to not get a job offer...1 -
So I went to a car repair center and asked if they could fix my bike. They said they could but they won't. This is outrageous, obviously a bike is less complicated than a car and they can actually fix it, they just won't because it's "not their job". Unbelievable!
//This didn't really happen of course
//people don't think this is acceptable, but if I won't fix their laptop they are surprised and act the same way. I study ICT (embedded software engineering and cyber security, but they don't understand that so ICT it is) so I HAVE to fix their laptop....
//Non-techies should really learn that just because we can do something, we don't have to do what they ask of usrant hi linuxxx fuck people repair unrealistic expectations stupid people we don't have to laptop hi -angry-client-11 -
Okay so, I’ve recently started going through our products’ security postures and their teams’ related practices and processes. I knew things were in a bad state, but I have to admit I’m a bit anxious at how bad things are… and it’s not like nobody cared or anything, quite the opposite; the teams are quite motivated about cyber sec. It’s just that they don’t know what the fuck to do and where to start even if they did.
Okay, that’s my job to figure out the roadmap to improving their security posture and processes and help them implement it. If it wasn’t bad enough that there’s half a dozen products whose cyber sec roadmaps I need to prioritise and manage somehow, I heard this week that due to some organisational rearrangements, the number of products under my stern guidance will nigh on double at some point very soon…
I need a team. Give me a team.2 -
Just had a so called "cyber security" seminar in college today.
The guy who claimed to be a trainer or somewhat network security guy or something behaved enigmatically with utter consistency. He obviously claimed to know facebook hax0ring though.
They were basically there to advertise their complete crap: csksrc.org
(Ethical Hax0ring Course) (also claimed their site to be 99.9% secured - GREAT!)
After obtaining a ISO*** standard cert or after taking multiple sessions on "advanced ethical hacking" if you go about telling peeps in colleges that: "The single way to hax0r a facebook account is CSRF!" "Will hack your facebook account by MITM through malicious WiFi Ap." Then, NO neither I want your shitty cert nor do I want to be in your team and create the next level of "advanced ethical hax0ring - CEH course". Reason why I get cringed when peeps start about their certs and the ISO*** value it contains. What ISO value does your brain cells contain though? -
Question - my field is information security (or cyber security if you want to think of me as a time lord), but I wanted to know;
Front end and back Devs, how much time do you spend on security issues and/or implementing security measures?10 -
Any of us had annoyances with people with “a million dollar app idea” but what about these which gives unsolicited career advice?
I’m dealing with a boomer which keeps trying me to change my career and work into cyber security (because TV told him it’s a well paid field) despite me kindly telling him for multiple times which it’s not going to happen because I won’t throw away a career I love to work in a field which seems deadly boring to me (I love anything about coding from design to typing for hours on Vim meanwhile the only thought of reading for hours obscure documentation to find potential vulnerabilities on a system kills my spirit).8 -
I'm a bit frustrated. I'm 23 and I finished a Bachelor's Degree in Computer Engineering last 2015. Working on a career path in cyber security. Is it normal to just understand and test the concepts and not fully memorize everything? It really bothers me that I feel I don't know anything despite developing small tools, testing other people's work, reading about related topics and playing with Kali.5
-
So I just got the cyber security pack on humblebundle... $15 for a year of PIA, a year of spider oak one cloud backups and a year of Dashlane are the notable ones (I’ll give away the antivirus ones for free since I don’t have windows).
But that wasn’t the awesomest part...
I installed Dashlane and after transferring all my stuff over from LastPass, I went to delete my LastPass
Dashlane autofilled the username...
It’s like so subtly aggressive in an unintentional way. Honestly this password manager Battle Royale is totally worth the $15 regardless.13 -
I recently joined DevRants, and with me joining any new site or media where you can share I am usually the guy who is shy and likes to sit back and watch/read. However I wanted to post a question as I am trying to get a job within the Cyber Security field. I have a computer science degree and honestly I feel like I can't even code at a level I should be able to. I am also currently working/studying for my CompTIA Security+. It has been going good but, I always second guess myself and doubt my abilities. I guess this a a slight rant and question so far.
My question is how can I better improve both my skills (coding, linux, and security) and also my mental. I would say its imposter syndrome but I don't have a job so I don't think it would be fair to say it is. I just want to break into the job field and show people that if given the help and resources I can excel at the task given. I do learn fast and pick things up pretty good. Any help/recommendations is much appreciated, and I look forward to more talks.3 -
Looking at colleges on summer break between learning python and some projects can't decide between computer science and cyber security as a major 😰 why can't I choose2
-
I'd love to get into a career within the cyber security industry.
Anyone got advice?
I've played around with Kali/Parrot and setup a proxmox box to perform pen testing and have a fair number of PDF ebooks and audio books on networks, security and pen testing12 -
/*
No Rant
*/
anyone here with a cyber security cert? i kinda want to go that route of cyber securty. so im curious if its worth it.12 -
I think the thing that sucks about high school (or school in general, really) is that they don't really have many opportunities for the people that like to program or do anything with computers.
The only classes that have to do with computers at all (In my high school) is Intro to Programming (Which is what I'm taking, which has HTML, CSS and JavaScript), some computer science classes and finally the Cyber-patriot team. (Which is for Navy ROTC and it consists of Cyber Security, competitions and actual Linux computers).
The only few of eight classes I find actually interesting is Intro to Programming, NJROTC, and Plant Science. (Because not only the subjects, but the teachers (and Sergeant) actually make it fun, interesting and easy to understand, while the rest don't feel like they're doing a good job.)4 -
Not sure how to ask this. I really enjoy Network side of IT. Maybe even throw in a little Cyber Security as well. I feel like I'm trying to every too fast. I got no certifications yet. This is stressful 😫1
-
So hypothetically I have a friend who wants to get a job in cyber security but has no formal education or means to afford one, at the moment. He knows enough about computers to navigate and execute most common tasks, and certainly has the drive, common sense, and brains to succeed but can't afford to in this almost cutthroat field...
How would he begin to teach himself?
He has a laptop, Kali Linux, The BTFM and RTFM books, The Hacker's Playbook 3; and the internet.
Make his day with your two cents.1 -
Some competitions are so unorganized.
So me and my team went for this national level technical paper presentation competition. Our topic was a cyber security topic and they put us under Mechanical branch even though I had informed them about this discrepancy two weeks back. Apparently the girl whom I complained to wasnt on the organising committee although she was the one who was promoting this competition in the first place. Sheer irresponsibility!!3 -
Hey guys, I want to do a cyber security career. For me it's the most interesting field in CS. How can I get started? Is it worth to do some online courses where you get certifications (asking this because they are kind of pricey). I'm a QA Tester with 1 year of work experience, don't know if I should just apply to jobs or acquire skills/certificates first. Thanks for all the incoming answers. :D5
-
I am learning cyber security, the weird thing is, 90% of the times i find theory in lectures...so less practical content is present, even then web sites like tryhackme provide work machines which are next to use less if you dont pay for a subscription...FML!4
-
How does someone with. A+ certs and a Network + and Cyber Security certifications and still only getting Help Desk jobs calling them 🤷♂️2
-
Discord server under development for software engineering, cyber security, networking, and IT talk in general. Looking to meet new people and talk :). @ me if you're interested in testing it.4
-
Whatever be the current trend on Linked-In, at the end of the day the product development life cycle remains quite the same.
Still, as developers which general domains in software do you think would flourish in the near future?
My picks (not in order) -
>> Cyber security : automation, both offensive and defensive
>> Block chain : trustable data platforms
>> Applied AI : a few key models, applied to all niches, bettering existing UX
>> IOT : wearables, embeddables, smart appliances
>> AR : Navigation prompts, real time info about real life objects
>> VR : Immerse entertainment. (Metaverse 🤮)
>> Quantum computing : first gen costly commercial releases, new algos
What would you add or subtract from this?1 -
Why do most people think that a person can only be great at one thing.
I've just started working as a developer and when I tell people I am also learning cyber security they are like what's the point of it. And how I should focus on one thing and blah blah.
Man, nobody questions Elon Musk when he is learning new things everyday. But then why can't we do the same and man we don’t need to be judged. A little support would be so much better.6 -
Happy Friday. Facebook just disclosed hackers have exploited multiple vulnerabilities to get access to potentially 50 million users. I guess... no weekend for the blue team? https://mobile.twitter.com/dnvolz/...
-
I'd like to one day work on security consulting/advising (incident response, opsec, SOC, etc). For those of you here that are currently in or have worked with people in that field: what advice do you have for handling cyber risk situations?1
-
I'm looking for a project idea in cyber-security...
Any ideas?
I'm good with x86 assembly, c, c++, python and shell scripting.
I'm very well versed with Linux operating systems and basic networking stuff.
I'm willing to learn new concepts11 -
the red haired girl and the blue haired girl.
there was this story about a programmer who spent years studying computer science before finally getting a job.
the dev studied only computer science and was put on blue team after a few days.
a few hours into one of the constant coding sessions, the boss told the devs that red team members and blue team members would be working in pairs.
the person from red team transferred the devs work to their data base without the dev knowing, then locked down the devs computer. the dev could not do anything. later, the dev got fired for not doing any work. after that, the company got millions of dollars, and the dev did not see any of it.
both the dev and the managers made a note not to hire any programmer who cannot secure their work.
it is not ethical to teach people programming without also teaching them cyber security.
computer networking, programming and security should all be the same major.
it is a bad idea to teach people how to build anything without telling them how to secure it.
the story above was just a scenario, but it probably happens way more often than people think.
Schools should teach both things in the same major.5 -
Firstly give me the skill equivalent to the best in the field. If the rules allow it all of these skills listed and if not any of these :-
1. Computer networking to the point of having the same knowledge as the best in the field. Why? I am curious about that stuff and being able to work as a network engineer if I don't get a good Dev job
2. Cyber security. Why? I enjoy it and being able to make sure my code is not easily exploitable is a cherry on top. Also having a backup job in case I don't get a good dev job
3. Being able to communicate with non dev people about developer or non developer stuff easily and being a really good leader.
4. Being a good developer in whatever language I use and instantly being able to learn new programming languages and frameworks or libraries with ultra in depth information. -
Where I learn networks and cyber security, we started working with Scapy. I have a problem with pycharm, it cannot resolve half of Scapy's functions. Do any of you know how you fix it (the program runs but pycharm still doesn't like it)3
-
The minefield of crypto assets and fraudulent financial loss, especially, can be overwhelming to cross for many individuals and organizations. However, there is still hope. Professional security protection and means of lost crypto recovery guidance are provided to aid your daily life with the help of a highly skilled team at CYBERGENIEHACKPRO, with its essential suite of services. These services are rooted in an understanding of the wide-reaching and destructive impacts that financial setbacks—be they through cyberattacks, data breaches, or other unexpected catastrophes can cause. The highly trained analysts are responsible for closely examining the damage's extent, identifying root causes, and developing a customized strategy that would reduce the impact. From restoring lost or corrupted data to restoring compromised systems and the network's hardening, CYBERGENIEHACKPRO leverages state-of-the-art technology combined with best practices to help customers regain their financial footing. Additionally, their support goes beyond just technical services; their empathetic case managers offer a compassionate ear and pragmatic guidance on the frequent emotional and logistical challenges caused by financial turmoil. Fully committed to client success, CYBERGENIEHACKPRO is a reliable ally in overcoming financial loss and provides the critical services and reassurance needed for getting back up, stronger, and more resilient. I was a victim, and the CYBERGENIEHACKPRO team turned things around, guiding me to recover my lost/stolen crypto assets and securing me from all future potential cyber threats or attacks. Get in touch,
WhatsApp-: + 1 25 22 71 89 00
E/mail-: Cybergenie @ Cyberservices. c o m22 -
How to Get Back Lost, Hacked, or Stolen Cryptö? GrayHat Hacks Contractor
Recovering lost, hacked, or stolen cryptöcurrency can be a challenging and often uncertain process. However, you can recover your assets or mitigate the damage by utilizing Cryptö Recovery Services. GrayHat Hacks Contractor is one of the most recommended agency that specialize in tracking and recovering stolen cryptöcurrency.
Exploring How GrayHat Hacks Contractor Analyses Blockchain in Cryptöcurrency Investigations
The examination of blockchain activities plays a vital role in identifying fraudulent transactions and recovering misappropriated cryptöcurrency assets. This intricate process involves multiple critical steps as discussed briefly in this submission.
GrayHat Hacks Contractor (GHH) conduct thorough investigations of blockchain records related to stolen digital currencies in order to trace their movement from their original source to their current state. By clustering related addresses, GHH can effectively track the movement of stolen funds across various wallets, providing insights into the strategies employed by cybercriminals.
GHH examine transaction behaviors for anomalies or red flags that may suggest illegal activities, such as hacking or financial theft. Leveraging historical transaction data, GrayHat Hacks Contractor can identify recurring attack patterns, enabling them to spot potential threats before they escalate, thus helping in the formulation of preemptive countermeasures. Blockchain analysis sometimes necessitates collaboration with other agencies, cryptöcurrency exchanges, and other stakeholders to effectively immobilize and reclaim stolen assets.
In the field of cryptöcurrency investigations, blockchain analysis collaborates with open-source intelligence OSINT to offer a well-rounded perspective on security incidents. Tools like Etherscan and Nansen assist investigators like GHH in gathering essential information about individuals and organizations linked to cyber crimes, enhancing their capability to track down culprits and retrieve stolen funds.
While the steps to recovery may differ as each case is unique, there is still a good chance you can recover your lost funds if reported to the right team. The decentralized and pseudonymous nature of cryptocurrency makes it particularly difficult to trace or recover assets once they’ve been stolen. This makes it crucial for anyone seeking to recover stolen funds to employ the service of experts in the field.
You can reach out to them via WhatsApp +1 (843) 368-3015 if you are ever in need of their services.2 -
BITCOIN RECOVERY EXPERT FOR HIRE REVIEWS \\ REVENANT CYBER HACKER
Losing a Bitcoin wallet containing a substantial amount of cryptocurrency can be a devastating experience. However, the feeling of despair and loss was transformed into pure happiness when I received the incredible news from REVENANT CYBER HACKER that my lost Bitcoin wallet, holding 132,000 bitcoins, had been successfully recovered. In this article, I will share the rollercoaster emotional journey I went through when I lost my wallet, the subsequent discovery of REVENANT CYBER HACKER, the process they employed to retrieve my precious digital assets, and the lessons learned along the way. This is a story of hope, resilience, and the power of professional recovery services in restoring lost Bitcoin wallets. Ah, the sweet sound of good news. There I was, minding my own business on an average Tuesday morning, when I got a notification that would make any bitcoin enthusiast jump for joy. It was a message from none other than REVENANT CYBER HACKER, informing me that my long-lost bitcoin wallet had been found. And not just any bitcoin wallet, mind you, but one containing a whopping 132,000 units of the beloved cryptocurrency. Now, for those living under a rock or perhaps too preoccupied with the latest cat videos, let me give you a crash course in Bitcoin 101. Bitcoin is a digital currency that has taken the world by storm, captivating the minds of tech-savvy investors and casual enthusiasts alike. It operates on a decentralized network, meaning it doesn't answer to any central authority like a bank. Instead, it relies on blockchain technology, which adds a layer of security and transparency to every transaction. To own bitcoin, you need a wallet – a digital container where your precious coins reside. Think of it as a virtual piggy bank, except you don't need a hammer to break it open. Your wallet comes with a unique address, like a digital fingerprint, that allows you to send and receive bitcoin. Losing access to this wallet is as heart-wrenching as misplacing your favorite pair of socks. Trust me, it's not a pleasant feeling. My encounter with the disappearance of my Bitcoin wallet taught me a valuable lesson about the importance of implementing proper security measures. It's not enough to rely on luck or hope that your digital assets will remain safe. Taking proactive steps to protect your investments is crucial in the wild world of cryptocurrencies. From using strong and unique passwords to enabling two-factor authentication, every layer of security adds another brick to the fortress that safeguards your digital wealth. Trust me, you don't want to learn this lesson the hard way. It has changed my life to be able to retrieve my misplaced Bitcoin wallet thanks to REVENANT CYBER HACKER amazing services. It made me realize the worth of tenacity.
Website: revenantcyberhacker {DOT} org
Email: revenantcyberhacker {AT} Gmail {DOT} com
Telegram: revenantcyberhacker
WhatsApp: + 1 (208) 425-8584
WhatsApp: + 1 (913) 820-07392 -
The lessons learned from the illusion of cryptocurrency recovery can be a cautionary tale for those who have experienced the heartbreak of lost digital assets. The story of the "BLOCKCHAIN CYBER RETRIEVE that helped recoup a staggering 55,000 bitcoins serves as a prime example of the complexities and risks involved in this arena. While the initial promise of a miraculous recovery may have seemed like a lifeline, the reality is often far more nuanced. This episode underscores the importance of comprehensive security measures, the dangers of placing blind trust in unverified sources, and the harsh realities that can unfold when navigating the murky waters of the crypto ecosystem. Cryptocurrency, with its decentralized nature and lack of centralized oversight, can be a double-edged sword. On one hand, it offers unprecedented financial freedom and control, but on the other, it presents a unique set of challenges when things go awry. The allure of the "BLOCKCHAIN CYBER RETRIEVE" service, with its claims of specialized expertise and the ability to recover even the most elusive of lost funds, can be tempting for those desperate to reclaim their digital wealth. However, the reality is that such services often operate in a legal and ethical gray area, with little to no accountability or guarantees of success. The lessons learned from this experience underscore the critical importance of proactive security measures, such as the use of hardware wallets, multi-factor authentication, and regular backups of private keys. It also highlights the need for greater transparency and regulation within the cryptocurrency industry, to protect consumers from falling victim to fraudulent schemes and unscrupulous actors. Furthermore, this incident serves as a stark reminder that the recovery of lost cryptocurrencies is a complex and challenging endeavor, requiring specialized technical expertise and a deep understanding of the underlying blockchain technology. As the cryptocurrency landscape continues to evolve, it is essential for investors and enthusiasts alike to approach the recovery of lost assets with caution and a clear understanding of the risks involved. By learning from this experience, individuals can better equip themselves to navigate the treacherous waters of cryptocurrency recovery, prioritizing security, due diligence, and a realistic assessment of the challenges at hand. I can say without hesitation that BLOCKCHAIN CYBER RETRIEVE is a genuine, trustworthy company that offers real solutions for those who find themselves in a similar situation. If you’ve lost access to your crypto, whether it's ETH or another currency, and you've been burned by other so-called "recovery" firms, I urge you to give BLOCKCHAIN CYBER RETRIEVE a chance.
Their contact information;
WHATSAPP:+ 1 520 564 8300
EMAIL:blockchaincyberretrieve @ post .co m3 -
Dear Fellow Programmers,
I want to become Cyber Security Specialist and currently learning Java (beginner ). Please, tell me is it a good language for this type of activity and what else should I learn.2 -
CONSULT
TELEGRAM ID TECHCYBERFORC
EMAIL ID Tech cybers force recovery @ cyber services . com
TECH CYBER FORCE RECOVERY helped me recover a substantial amount of $102,000 worth of Bitcoin that I believed was lost forever, and I am very grateful and thrilled to share my success story with them. I was stuck in a financial quagmire until I found TECH CYBER FORCE RECOVERY, but I could recover what looked unattainable because of their professionalism, knowledge, and committed attitude. I shed a sizable portion of my investment in the cryptocurrency market a few months ago, a scenario many Bitcoin investors worry about. At first, I thought I had everything I needed to invest. However, a string of regrettable incidents, such as a security lapse and a problem with the platform I was utilizing, caused me to lose all access to the website. I was devastated when I recognized the seriousness of the situation. This loss wasn’t just an ordinary amount of money—it was a sum of $102,000, a significant portion of my savings and plans. I attempted all possible recovery methods independently and reached out to the exchange I was using for help, but nothing seemed to work. I received generic responses, no real solutions, and a growing sense of hopelessness. I was about to resign myself to the fact that this money would never be recovered until I found TECH CYBER FORCE RECOVERY. I was apprehensive when I initially contacted TECH CYBER FORCE RECOVERY. Ultimately, I had already attempted to get help but had been unsuccessful. However, I knew I had discovered a competent and reliable crew as soon as I described my circumstances. TECH CYBER FORCE RECOVERY's customer service representatives paid close attention, understood how frustrated I was, and promptly started laying out a concise and doable recovery plan. They avoided committing anything that wasn't attainable. Rather, they described the procedures they would follow to recover the money: a thorough blockchain analysis, tracking down the misplaced money across many addresses, and employing advanced tools to penetrate the security layers that had locked my wallet. Knowing that I was collaborating with professionals who were knowledgeable about the intricacies of cryptocurrencies, this transparency provided me with the confidence I needed to proceed. As soon as I gave TECH CYBER FORCE RECOVERY the all-clear, they started working. Finding out where my money had disappeared required a painstaking recovery process that included tracking my Bitcoin through multiple addresses and performing a thorough forensic investigation of the blockchain. The fact that the team employed highly specialized software and collaborated with elite blockchain analysts to meticulously monitor the movements of my investment rather than merely depending on general tools or strategies pleased me the most. Recovering $102,000 worth of Bitcoin wasn’t just a financial victory—it was a testament to the expertise and dedication that TECH CYBER FORCE RECOVERY brings to the table. If you are facing a similar situation, don’t hesitate to reach out to them. They have the skills, technology, and experience to help you recover what you thought was lost forever.4 -
WHATSAPP +1 252 378 7611 PROFESSIONAL BITCOIN RECOVERY EXPERT FOR HIRE CONTACT CYBER CONSTABLE INTELLIGENCE
Information of Cyber Constable Intelligence
WhatsApp info: + 1 2 5 2 3 7 8 7 6 1 1
Email info: (support (@) cyberconstableintelligence ). com)
As a retired dentist, I found myself with ample free time but limited financial security. In search of a way to grow my savings, I turned to cryptocurrency trading. I joined several online forums and communities, where I read about the success others had found with Bitcoin. Their testimonies inspired me to take the plunge. With careful research and strategic investments, I managed to turn my initial investment into $250,000.The financial success brought a renewed sense of purpose and stability to my retirement. However, this newfound prosperity also attracted the envy of someone close to me: my financial advisor, whom I had trusted for years. Unbeknownst to me, he had been monitoring my success closely. One evening, while I was cooking supper, my financial advisor accessed my phone and changed the passwords to my accounts, attempting to transfer my Bitcoin to his wallet. I discovered this betrayal shortly after, feeling a mix of shock, panic, and anger. My financial future was in jeopardy, and I needed to act quickly. In my desperate search for a solution, I stumbled upon Cyber Constable Intelligence, a service specializing in recovering hacked accounts and lost cryptocurrency. With my savings hanging in the balance, I reached out to them, hoping for a miracle. The team at Cyber Constable Intelligence was prompt and professional. They reassured me that, despite the seriousness of my situation, there was a good chance they could help. Their calm and confident demeanor provided some much-needed comfort. They guided me through the recovery process, taking over the technical aspects and working tirelessly to regain control of my accounts. In a remarkably short time, Cyber Constable Intelligence managed to restore my access to my accounts and secure my Bitcoin. The relief I felt was indescribable. Not only had they recovered my funds, but they also provided essential advice on how to enhance the security of my digital assets. This experience taught me several valuable lessons. Firstly, trust must be carefully placed, even with long-term associates. Secondly, it's crucial to secure your digital assets with strong, unique passwords and two-factor authentication. Lastly, seeking professional help in times of crisis can make all the difference. After regaining control of my accounts, I severed ties with my financial advisor and took steps to ensure my assets were protected. Despite the ordeal, I emerged more knowledgeable and determined to safeguard my future. My experience with Cyber Constable Intelligence not only saved my investments but also reinforced the importance of vigilance and security in the digital age. -
Once again the department head fucks up my degree plan!
I'm getting my associates degree in Cyber Security. So we have to take networking courses and what not. So my institution recently became a Cisco certified teaching establishment or something along the lines of that.
The department head said that everyone who was enrolled in classes before the upcoming fall semester would have to take the new Cisco networking classes and not switch to the new degree plan. (We would take 3 Cisco classes instead of the new degree plan which is 5 or 6) so we planned and register for those classes.
Now he comes back and says we don't have to take those new classes. So it just fucks up the whole shit.
Switching to the new degree plan would add like 3 semesters to my total semester count and I'm supposed to graduate. August 2018
Fuck this new shit. Even tho I need Cisco.
I plan on taking The Cisco classes after I graduate with my associates degree while I'm going to a university for a dual degree in Software Engineering and Cyber Security -
HIRE A CRYPTO RECOVERY EXPERT; BEST BITCOIN RECOVERY SERVICE VISIT CYBER CONSTABLE INTELLIGENCE
It was a devastating blow - one moment I was the proud owner of a small digital fortune, 8,000 Bitcoin that I had painstakingly accumulated over years of savvy investing and cautious storage. The next, that entire life-changing sum had vanished without a trace, lost to a cruel twist of fate and my own careless misstep. I had fallen victim to a data breach, leaving me helpless to prevent the thieves from making off with my entire cryptocurrency holdings. The anguish was palpable, a sinking feeling of hopelessness and despair as I realized the scale of my loss. Thousands upon thousands of hard-earned Bitcoins, now in the hands of faceless criminals, beyond my reach. But I refused to give in to despair. Determined to recover what was rightfully mine, I sought out the services of Cyber Constable Intelligence, a specialized team of blockchain forensics experts renowned for their ability to track down and reclaim stolen digital assets. Through their meticulous investigative work, leveraging the transparency of the Bitcoin ledger and their deep technical expertise, they were able to painstakingly trace the movement of my stolen funds, identifying the wallet addresses the thieves had used to launder the cryptocurrency. With this critical intelligence in hand, Cyber Constable Intelligence then coordinated with law enforcement to freeze those illicit accounts, preventing the funds from being moved any further. The final step was a delicate negotiation process, with the recovery team using their connections and influence to compel the thieves to return the stolen Bitcoins - a tense and high-stakes affair, but one that ultimately proved successful. After weeks of anxious waiting, I was overjoyed to have my 8,000 BTC safely returned to my control, a true testament to the skill and determination of the Cyber Constable Intelligence team. It was a harrowing ordeal, but one that reinforced the importance of robust security measures and the remarkable capabilities of specialized firms dedicated to combating cryptocurrency crime and restoring rightful ownership. Losing 8,000 BTC was one of the most stressful events of my life, but thanks to Cyber Constable Intelligence, I was able to reclaim what I thought was lost forever. Their professionalism, technical expertise, and commitment to security made all the difference. If you find yourself in a similar situation, I cannot recommend them highly enough. Cyber Constable Intelligence turned a financial disaster into a remarkable recovery, and I will forever be grateful for their role in securing my assets.
CYBER CONSTABLE INTELLIGENCE INFO:
Website: w w w. cyberconstableintelligence com3 -
The Right Crypto Assets Recovery Service - iBolt Cyber Hacker
If you’re considering a reliable and professional cryptocurrency recovery service, iBolt Cyber Hacker stands out as a trustworthy option. Here’s why I would recommend their services:
From the initial consultation to the completion of the recovery process, iBolt Cyber Hacker maintains clear and consistent communication. They explain their methods in a way that’s easy to understand, fostering trust and confidence in their work.
If you’ve found yourself in the unfortunate position of losing access to your cryptocurrency, iBolt Cyber Hacker is a dependable ally. Their combination of expertise, transparency, and security makes them one of the top choices for crypto asset recovery. While no service can guarantee 100% success, iBolt Cyber Hacker’s track record and professionalism make them top
WhatsApp: …… [+39, 351..105, 3619]
Contact Email: …. [Support @ibolt cybarhack. com]
Homepage: ……… [http s:// ibolt cybarhack. com /]6 -
Bitcoin Recovery Services: Restoring Lost Cryptocurrency
If you've lost access to your cryptocurrency and unable to make a withdrawal, I highly recommend iBolt Cyber Hacker Bitcoin Recovery Services. Their team is skilled, professional, and efficient in recovering lost Bitcoin. They provide clear communication, maintain high security standards, and work quickly to resolve issues. Facing the stress of lost cryptocurrency, iBolt Cyber Hacker is a trusted service that will help you regain access to your funds securely and reliably. Highly recommended!
Cont/Whtp + 3. .9 .3. .5..0. .9. 2. 9. .0 .3. 1 .8.
Website: h t t p s : / / ibolt cyber hack . com / -
EFFORTLESS BITCOIN RETRIEVL WITH, DIGITAL TECH GUARD RECOVERY
Behind the Scenes: The Professional Recovery Process of my lost bitcoin by Digital Tech Guard Recovery is a fascinating look into the intricate and high-stakes world of digital asset recovery. When faced with the devastating loss of valuable cryptocurrency, many individuals feel helpless and unsure of where to turn. However, the expert team at Digital Tech Guard Recovery has developed a meticulous, multi-step process to track down and retrieve even the most elusive of lost or stolen bitcoins. The recovery journey begins with a thorough investigation, as the Digital Tech Guard Recovery analysts meticulously comb through transaction histories, blockchain data, and other digital footprints to pinpoint the location of the missing funds. This sleuthing work requires an advanced understanding of cryptocurrency protocols, wallet structures, and the ever-evolving tactics used by cyber criminals. With patience and persistence, the team is able to follow the trail, no matter how convoluted, gradually closing in on the lost assets.
Contact with WhatsApp: +1 (443) 859 - 2886
Email @ digital tech guard . com
Telegram : digital tech guard recovery . com
website link :: https : // digital tech guard . com
The delicate extraction stage follows, during which the Digital Tech Guard Recovery experts must use specialized tools and negotiate intricate security measures to gain secure access to the compromised wallet or account. To prevent further loss or damage, this procedure requires a high degree of technical proficiency in addition to painstaking attention to detail. The group works hard, employing state-of-the-art methods to get past encryption, get login credentials, and start the process of recovering the money that belongs to them. To wrap up what is frequently a difficult and nerve-racking process, the recovered bitcoin is carefully checked, cataloged, and given back to the appreciative customer. The Digital Tech Guard team makes sure their clients feel educated, empowered, and confident during the entire recovery process by offering them caring support, frequent updates, and total transparency. These digital asset recovery experts are a true ray of hope for people dealing with the terrible effects of cryptocurrency loss because of their unmatched knowledge and unshakable dedication. For more information contact them via following instructions.3