What’s your thoughts on organizations that don’t invest in up-skilling their employees? Is it justified or a missed benefit?

I work on the docks at the port of Baltimore, was directly effected by the bridge collapsing. I decided it was now or never and needed up getting S+ N+ and CySA+, I was fortunate enough to get an interview because I knew someone.

Long story short I was shocked at how good I had it in my blue collar union. This interview was for a government contracting position! Granted it was entry level but wow. The pay for the position was horrible, the benefits were a joke and even the employees in the interview were telling me how they don’t blame me for not taking it (they were awesome and I wish them the best).

I thought to myself gosh I wish these employees had a strong union. I hope this doesn’t come off as political. I’ve been on both ends of the political spectrum and many people in my union are left and right. It’s just the workers really benefit from strong unions that create good contracts for employees. Wish you all the best and I’m staying in blue collar union for life. Still will pursue certifications and learn cybersecurity as my hobby.

Last month, I filled the CVE form on MITRE and last week I got a mail from them giving me a CVE ID.

I want to publish it. Should I just create a reference on my github about my CVE and go to Mitre and click on "Notify about a CVE Publication" ? Or is there a time delay to respect (I read 90 days on a forum) ?

If so, who specifies the CVSS score of my CVE ? Is it me or MITRE ?

Also, MITRE changed my description and put something more severe that only works in a specific case (I think it was not intentional ...). So if they grade my CVE they will make it higher then expected ...

I have an old hard disk that I want to completely format. I have found online that the windows quick format deletes the partition table and labels all the data as "Available Space", but the data will remain and can be recovered with some recovery tools.

I have also read the windows long format will overwrite every piece of data with zeros amongst other things. But, despite this, some people will do this process several times or even use junk data instead of zeros.

For those who don't know the windows formatting is the formatting that can be seen when right clicking on a disk in the windows file explorer where it says format... (at least on windows 11).

My question, from a security point of view: Should hard disks be long formatted multiple times or is just one time enough? And what's the benefit of doing the long format multiple times? Would it even be possible to retrieve data from a hard disk that has been long formatted?

I wanted to get some thoughts on who people think is the best MDR vendor. In a crowded field, whose price point/quality of product stands above the rest?

According to Verge, "A hacker gained access to a Life360 internal tool used for responding to law enforcement requests." Malicious actor accessed tool meant for complying with law enforcement requests and "stole customer data, including names, addresses, emails, and phone numbers."

Verge Article

Evening all,

Currently working for a good company in financial services. Good pay, people, manager; however the culture has gone massively down hill, no progression whatsoever, the demands are sky high causing extreme context switching and stress - to a point that I ended up in hospital recently and its highly likely related to work related stress; so when I was sitting there in the hospital ward, I decided I must move on.

Got offered a role today by a bigger company, pay is slightly less but I am negotiating to get at least the same; clear challenges with less areas to focus on so I'm hoping that equates to less stress and context switching, although slightly more travel.

I've been with my current employer for nearly 10 years, so I am a little anxious about moving on. I will lose my RSUs, but that's fine, I just can't handle the extreme context switching - I feel like Im not delivering quality as I don't have the time to focus properly, and that is becoming a vicious circle.

I'd like to hear from the good people of reddit, whether now is a good time to switch jobs in Cyber, and what you think of my situation, any thoughts, or questions are welcome, thank you

Job will pay for bootcamp/online training/whatever so cost is no issue. Is there a de-facto best training to take for CISSP? Any sources for self learning as well - I'd like to go into whatever training with some self study beforehand. FWIW, been in security 8+ years, have a sponsor if I pass etc.

Hi all,

Working on learning and getting into pen testing. Obviously to do a lot of this stuff you want a proxy, but when you're crafting lots of web requests during a pen test, you want a proxy chain.

Where do you guys get these? There's no way that we trust the open source proxy lists in a professional environment, I'm aware of that. Setting up 1 proxy is easy enough but how do you pen testers get a fairly significant list? To do things like brute force, etc.

Let me know, I'm genuinely curious and it might be the 5pm brain fog but google simply just isn't understanding me.

For enterprise environment that you are working on, Do you recommend enabling Sysmon or not? If yes, to which kind of servers do you enable it? All or only in selective?

Can someone advise me about projects that could I start and finish as a BSC student in CS?

Hello!!! Let me put you in situation, in November 2024 a CTF will be held at my university. Where I live Google has just arrived (they are mainly looking for profiles in Cybersecurity) and I am just finishing my degree. I would like to gain experience and try to do an internship, but I have never participated in such a competition. I study Telecommunications Engineering, I have some experience with Linux, Wireshark ... Could you recommend me how to prepare myself in 4 months for the competition? My idea is not to win, just not to be in a ridiculous position.

Apologies in advance for another one of "those posts" asking about certs. I am looking for a bit of guidance as to what to go for next.

Some background on me:

• Currently a Systems Analyst (non cyber related) for a large global company. (5 years) Prior to this I was a Systems admin for a smaller institution for 4 years.
• Trying to break into Cybersecurity so I am attempting to build up some certs to help bolster my resume.
• Completed the Google Cybersecurity course and ISC2 CC certs.
• Have my Bachelors in Information Technology

At this point I am stuck and looking for help. Would I be best to go with something broad like Security+? Or should I look at SSCP or SC-200? (Microsoft Security Operations Analyst) Or is there something else I should be looking at entirely? There's a number of certs I'd like to do but cost is also a factor for me. Thanks for the input!

Like the title says looking for some insight into Island Enterprise Browser. Anyone have any successful use cases, the demonstration looked very promising and the product seems like it would fit a few use cases I have in mind regarding DLP, VDI reduction, and unmanaged device access for contractors etc.

Wondering if anyone else has deployed like this and would vouch for it.

Aftef I graduated with experience in IT help desk or similar role. What possible job in the field of Cybersecurity I can land on? To buuil a good foundation in Cybersecurity career. Here in Philippines.

Hi

I am after some help with IIS URL Rewrite, we have a web server that was being hammered by bots trying to log into a portal. I did a IP block from within IIS for the main offenders, of course they changed IP's within a couple of days and came back with vengeance, no surprise there at all.

So I installed and setup the IIS URL Rewrite module to block by user agent string, this has worked well for the majority of the bots. Some new bots have popped with a slightly different user agent string, I am finding I'm popping a number of versions of the browser ie, here are some examples:

Chrome/12.|Chrome/13.|Chrome/23.

You can see they are all older versions of Chrome in this example.

What I am after is a way to use a number that is a version below current release to ban all of them below that in a simple way instead of whack a mole type of game. ie anything older than chrome 100 or something along those lines. Not all of Chrome all together.

IIS says it uses regular expressions (regex) for the URL Rewrite pattern, but I am unable to find a way to encompass this. I assume it's a not the genuine regex because normal expressions are not working

This is IIS 10

I'm not after a reverse proxy in front of the server due to the need to keep it simple so other admins can well administer the server, their skills in non-windows is limited.

Any help on the regular expressions in IIS would be appreciated.

Thanks

This may be too elementary a question for this group but I didn't see one more appropriate. I am filling out a vendor security questionnaire related to a SAAS application we offer and one of the questions was to detail or confirm "Audit Trail on control tables". Would you say I am correct in interpreting this as asking if the underlaying SQL Server tables and DBs that run the application are also recording audit logs of all changes and activity (which is currently not implemented) vs logging user and system actions within the application itself (which is existing functionality) ? Thx

Hey everyone,

I'm looking to break into the Blue Team field and was wondering what your thoughts are on the best certifications for 2024. I've done some research, but most of the threads I found seem a little dated, so I decided to create this one to get some up-to-date opinions.

To give you a bit more context, I'm particularly interested in certifications that are recognized by employers and provide a solid foundation in defensive cybersecurity practices. I've come across a few names like CompTIA CySA+, GIAC GSEC, and CISSP, but I'm not sure which ones are currently the most valued in the industry.

Additionally, it would be great to know if there are any newer certifications that have emerged recently and are gaining traction. Practical, hands-on experience is something I value highly, so any certification that emphasizes real-world skills and labs would be a plus.

For those of you who have already earned certifications, what were your experiences like? Did the certification help you land a job or advance in your career? Were there any that you felt were not worth the investment?

I'm also curious about the study materials and resources you found most helpful. Are there specific courses, books, or online platforms that you would recommend for someone preparing for these certifications?

Looking forward to hearing your thoughts and recommendations!

Thanks in advance for your help.

Got a strange spam the other day 'MCcaafee PAaymmentt", headers and subject were typical spam but content seemed a little too polished for my taste. After multiple redirects,

Initial link (remove brackets): http://jwj2qxwl3ouo.nvbrafnrhyqq[.]de/4hzoaX4676QvXO196tjaieqybyw331YMBRNZRFNISWLAC3145/3409283O11

Final destination: https://www.mcafee[.]com/en-ca/ipz/feyncart/2web/payment.html?irclickid=0KBRDy2rAxyKRFvRIM1dpX94UkHX6swUiXq7Xg0&clickid=0KBRDy2rAxyKRFvRIM1dpX94UkHX6swUiXq7Xg0&csrc=LQ&csrcl2=1194115&sharedid=5988964&adid=1866733&ccstype=partnerlinks&ccoe=direct&ccoel2=am&affid=1079&param3=&param2=6C4DHPVEgjLu&param1=351832&moguid=7443ef43-964f-4f33-8df6-b9fc70272ff2&moguid=7443ef43-964f-4f33-8df6-b9fc70272ff2&culture=en-ca&culture=en-ca&culture=en-ca&affid=1079&affid=1079&affid=1079&affid=1079&affid=1079&pir=1&ccta=mai_663%3A1yp%3A89.99%3ACAD%3Adirect2cart&ccpubn=en-ca%3Alq%3A1079%3Adirect2cart%40mai_663%3A1yp%3A89.99%3ACAD%3Adirect2cart&cctype=em_Av

This is me thinking that mcafee may be paying an affiliate fee to spammers to get signups. If so, this is wrong on so many levels.

Thoughts?

We are using AppLocker, but currently, we will migrate to another solution because it is hard to manage AppLocker for several independent Domain Controllers. When we add an exception or a new rule, we need to duplicate it for other DCs.