cybersecurity
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Big or small, we make decisions every day. Rules, policies, processes, templates, etc. **How do you document the process and results of your decision making and track changes?** To give you some background, a lot of departments discuss certain topics every two weeks, but nothing is written down - it takes a lot of time and worse, some decisions change every two weeks. I've been trying to fight this battle with OneNote atm and was inspired by some software change management frameworks (wild mix of things): Each decision/problem gets a new page. - What is the question/problem? - Why is this decision necessary? - What are the pros and cons? - Which departments need to be involved? What is the scope? (department, site, country, continent, international, etc.) - What are the alternatives and consequences of not implementing? - plus changelog - plus metadata, such as parties involved, who proposed it, dates, etc. Still a work in progress, but it is a mix of RFC, ADR, and some other frameworks. How do you handle that?
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
im aiming to make a chat app secure as theorhetically possible as a webapp. for transparency its open source. id like the user experience to be as close to possible to a regular chat app. its important to note; there are limitation with p2p and webapps such that messages cant be sent if the peer isnt connected. to keep this post brief, please take a look at the [readme](https://github.com/positive-intentions/chat/blob/staging/README.md). it has all the information and links. i dont think its ready to replace any app or service, but id love to get feedback on what you think would make it so you would use it more than once.
Hi all, Interesting problem. An open-source project gets their app removed from google play, so they post a message on mastodon that -for the time being- you can download the app via direct download. I post a reply saying that directing people to a direct link is not a good idea, as hackers could start doing the same to spread malwhere, better use an official repo (like f-droid, where they are already on). A typical problem of somebody who writes a genuine post, but without realising it himself writes something that is very close to what a phishing message would look like. However, this got me thinking. What you want to avoid is that people get used to the idea that it is OK to download and install apps from a random URL. But if you point people to f-droid, they need to also download the apk for that, and configure the security on your phone that apk's downloaded via <browser> may be installed. I guess, the later should surely be avoided as most people will then leave that option enabled. (I had to search deep into the security setting to find the option to switch it off again). What are your opinions on this? What would be the best way to do this and not teach people bad security habbits? Direct download or f-droid? Other ideas? Is there a good sollution for this? Kr.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
www.blackhat.com
Links to Black Hat talks that include the slides.
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
www.helpnetsecurity.com
Cirrus is a command-line tool written in Python to facilitate environment access and evidence collection across Google Cloud.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
english.elpais.com
(...) the internet went down across the country. A wave of cyberattacks left all systems on hold for more than seven days. First, the main national websites failed, from the official news site to the booking page of the national airline. Then, the Asian state’s connections with the rest of the world were interrupted. Emails could not be sent or received; there was no connection to cloud services. The blockade was complete.
Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
cybersecurity
!cybersecurity@infosec.pubAn umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!