Search the Community

Hi all, So I am currently studying for a Cyber Security Degree in England. I have had trouble finding anywhere that could offer any experience within the tech industry. Unfortunately, I am an unpaid carer so I have little flexibility for when I can work, I would be looking at between 9:30 am-2:30 pm Monday to Friday. I have looked at internships and other similar things but they all want full graduated people, does anyone know of anywhere I should look to contact? Thankyou

I have been reading a lot about cyber security recently. More so the security of actual real-world common devices (like mobile phones) and how Digital Forensic technicians at law enforcement agencies [Particularly the UK] use various third-party softwares such as Passware or Cellebrite to brute force passwords and passcode. The government agency pays these cracking companies (which are meant to be anonymous by the way) huge funds to utilize the software. There are a couple of other ways to obtain passwords other than brute force, that may involve looking at linked accounts, stored on the local memory etc. However, for a 2023 Google Android or even 2023 Apple iPhone, a lot of the methods used will be brute force still. The success can vary depending on the mixture of characters used, but more importantly, the length of the password/code. See the table below which shows a similar 2023 example of how long the above software's would take to brute force into a phone. Using this example, if you had the FINGERPRINT scanner enabled on say an Android/iPhone, but your back-up password (in case you get locked out) was 20 characters long and heavily mixed, would there be any way they could brute force it using the BioMetric security option? I guess they could take your fingerprints and somehow duplicate / transition them onto a replica if they really wanted to. However, assume your fingerprint data was unknown.

I work within the finance industry, but there has been a huge demand the last 2-3 years in my industry for people with Cyber security knowledge. My job is quite unique in a way, as you have the base role and then can pair it with another industry to focus on a particular market and become a valuable asset in that area. Some other examples include: -Finance + Aviation -Finance + Marine -Finance + Engineering -Finance + Space -Finance + Accounting etc etc, many more with over 100 different industries. However, Cyber security is the biggest growing area and I'm looking to educate myself in this field and expand my knowledge to gain a better understanding. Specifically, these will be some of the questions I will need to answer in my role. -How a cyber attack took place? -What could have been done to prevent it? -Who's fault is it for the breach? (Software issue / poor I.T security measures / employee error etc) -The extent of damage the attack caused to the business? -How to stop it from happening again? So, what can I do/where to start to learn Cyber Security without going to University? NOTE: The industry requires I just know and understand Cyber Security. I won't be coding / programming / designing software etc. It will only involve understanding the technical aspects and processes of things like DDoS attacks, Malware intrusions, server take downs etc, then performing a theory-only Root Cause Analysis following the attack. Also, are there any true Cyber Security qualifications that are worth getting? (In the UK if possible, or worldwide.) - No gimmick qualifications like 'Sign-up to this 1 day Cyber course to become the next Anonymous member' you see on sites like LinkedIn.

i was using this program Splashtop_Wired_XDisplay_Agent for months and then a couple months ago i scanned it in virus total and it shows its a malware so i deleted it: VirusTotal: https://www.virustotal.com/gui/file/fb7d9a5cf6ae1b52786827ab9357062ec5a7a9b49d1faaaaebc4b2e2b1c5f182 JoeSnadbox:https://www.joesandbox.com/analysis/604062/0/html intezer :https://analyze.intezer.com/analyses/8eebff93-815e-478f-911a-e9c5e6ba6f5a but then i scanned it again today in intezer and it shows its clean now can i use it? i couldn't find any alternatives ? intezer today scan :https://analyze.intezer.com/analyses/27cd4886-17cf-44c5-891b-e5d254cb55f5/genetic-analysis hybrid analysis : https://hybrid-analysis.com/sample/fb7d9a5cf6ae1b52786827ab9357062ec5a7a9b49d1faaaaebc4b2e2b1c5f182

Hey, I'm a high school student, heading to college in just a couple years. I have a great interest in basically anything related to technology and computers. My concern is that I do not yet know what I want for a career, therefore I do not yet know what I want to study in college. I'm currently looking towards a degree in Computer Science, considering that I've been told that it's a very valuable degree that can get me a big range of jobs to consider for a career. More specifically, I've also been getting some interest in a degree in Cyber Security, considering it's one of the most demanding jobs in the United States right now, which obviously means a GREAT pay. So, any tips/advice is dearly appreciated! Thanks

Due to the recent outbreak of WannaCry, I have just purchaced an external hard drive and want to back up certain folders of important information onto it. I want to know if there is a way that I can plug it in weekly and have my computer back up the files onto the hard drive. If it matters, I am using Windows 10 and a Seagate Expansion 2TB Portable External Hard Drive.

I earnt my first wings by learning the ins and out of building my first PC ( thank you you tube and linus tech tips big inspiration ) specked it 10 times and built it in a month last year and my interest in PC tech, advances and threats have sky rocketed since then. I'm learning Python in my spare time to get a computer language under my belt but where do I go from here. Also I know AI, deep learning and machine learning will take over many tech jobs so what jobs will be left for us in the near future and how do I go about getting them? Anyone with knowledge, experience and advice I'm all ears. Orion

Hey Linus, if Linus Media Group exists in like 10 years, then I will be a Cyber Security Analyst for you.

#illshowyoumineifyoushowmeyours This one I got from my COMPTIA SmartBrief news letter... With all of the current controversy between the US government and Kaspersky, I guess it's only normal for the behavior of American companies to be hidden from mainstream media. Both McAfee and HPE shared source code with Russia with hopes of entering the Russian Market. There is frar this could leave the US vulnerable to cyber security risks. As far as I'm aware, many government agencies and educational establishments have contracts with McAfee. I find it very untrustworthy for the sudden move to hide the source code for an antivirus software at this level. I would imagine these organizations would want to see this code to make sure they knew what was being out on their system. And if I remember correctly, didn't Kaspersky offer to open up their source code to US officials? I wasn't aware of this. Not sure why Intel would want McAfee. Is the decision not to reveal source code an initiative to safe guard Intel vulnerabilities, proprietary information, or other architectures? US officials are very worried that sharing this information with Russia couldake US assets more vulnerable. The previous sharing of source code with Russia was to be able to gain access to the Russian Market.... However, HP wanted to join in as well. Although McAfees sharing seems to have a more legitimate base, the HPE actions seem very questionable. We are constantly talking about internet security, and we seem to out a lot of blame on the US government for it's faults and leaks... However, maybe the issue isn't the government. Maybe it relies on companies that make poor decisions in hope for economic gain? Does no one think before acting? I cannot find anything specific, but what is the financial incentive in the Russian Market? I'm sure Russian government wouldn't use US companies for cyber security. http://thehill.com/policy/cybersecurity/357333-mcafee-stops-allowing-foreign-source-code-reviews

I'm sorry if I misplaced this topic in the forums I'm 16 and I live in Bahrain (middle east if u dunno where that is)...my whole life I loved technology and Id experiment on whatever I can get my hands on...but now since I'm 16 I grew even more curious and I started building pc's wich I really love doing, not much of a pc but it does the job...anyways since I'm 16 I should make the decision pretty soon on what I want to study in college...I have no experience in coding or programming whatsoever but I really want to learn...I have basic software knowledge and a pretty good knowledge in pc hardware...anyways I really want to either study IT or Computer science but I don't know what jobs I can work on either of these and if the paycheck would be good or not...I really want to work in cyber security but as I said...I'm not sure what exactly they do...or if it pays well or not... What can I study + work that has to do with what I like to do and what I'm interested in?...I'm lost and I seriously need help since I don't know any experts in any of the above...and where I can start on learning on how to code... P.S. I forgot to mention this but I have really good marks...we don't use the A/A+/A- system unfortunately P.P.S. I live gaming too btw I really don't know what else to say or include...but tell me if there is anything I should have mentioned that I didn't... I would deeply appreciate any help you guys can provide <3

The US government is looking to start to tame the wild west that is the internet of things. This is a great thing as anyone will tell you that there are millions of compromised devices connected to the met and with the idea of "Lets put a webserver of it" running through the world like crazy at the moment it's only going to get worse. https://www.google.ca/amp/s/www.recode.net/platform/amp/2017/8/1/16070996/congress-internet-of-things-cybersecurity-laws

I am getting a new laptop and have decided to do a total cyber security audit of my pc, network, and online accounts. I am looking to maximize security and am looking to make a comprehensive checklist. Feel free to recommend anything you feel will help. Some things I have thought of include: Switch to a password manager/Change all passwords make sure all updates are in place (anti virus, anti malware, windows, etc.) enable bitlocker full drive encryption secure the uefi/bios (I know it can be erased by removing the cmos battery, but its a step) encrypt everything backups switch to standard user account, secure administrator account Edit UAC (user account control) settings Enable 2FA (two factor authentication) where available. Start using a vpn (any recomendations?) maybe switch to tor lock down unused ports I am running windows 10 pro and I am pretty technically inclined, however feel free to add any recommendations. My point is to maximize security even if the user experience could be slightly effected. I want to lock down my pc and network as best I can.

There was a video released recently by Fidra Group on youtube which was directly related to the recent spate of cyber threats in this particular case aimed at Ports across the world where IT and Automation is becoming more and more prominent. The video was aimed at raising awareness of where the weakest links in security on a network is, and It's quite a chilling but true video. and I think it might be worth a watch regardless of if you work at a port or not, but what are your thoughts on it.

I'm trying to change my password from ubisoft because it was a really old password, so i use my special method and use special characters in the password and make it pretty long. ubisoft gives me an error and says my password doesn't follow the guidelines. these are them: look i can understand unicode restrictions and username not in password etc. but limited to 16 characters??? only numbers and letters???? fuck that. my bank is also pretty bad with this, max password length is 12! TWELVE!! passwords are hard to remember as it is so why all these arbitrary upper limits? i understand the minimum 8 characters but this? whats the worst user security you've seen recently from a big company (don't say yahoo lmao)

SOURCES: https://www.cnet.com/news/words-with-friends-hack-reportedly-exposes-data-of-more-than-200m-players/ https://haveibeenpwned.com/ https://www.pcworld.com/article/3173791/stop-using-sha1-it-s-now-completely-unsafe.html Another day, another large organisation suffers a massive data breach. This time it's our friends at Zynga. A hacker name Gnosticplayers has taken responsibility saying they stole data from 218 million Words with Friends player accounts in September 2019. Per CNET: Per HaveIBeenPwned: HIBP also ranks the Zynga data breach in the top 10 largest data breaches it's come across. I'd recommend anyone who isn't using HaveIBeenPwned to start, it's a great way to learn about what data breaches are occuring across the world and if you are personally affected. My Thoughts: I don't know what to say really. These types of breaches are becoming all too common place. SHA-1 is an older standard of encryption and shouldn't be used nowadays. At least Zynga recommended 'some users...to change their passwords'. It seems like things are bound to get worse before they get better.

I don't have too much time to go into detail at the moment since I'm kind of busy at the moment with other obligations. The gist of it is the mega browser extension is compromised with malicious code and is attempting to steal passwords and crypto currency. discovered on 9/4/2018 here is the link to the original artical I saw while I was browsing the web: https://www.bleepingcomputer.com/news/security/mega-chrome-extension-hacked-to-steal-login-credentials-and-cryptocurrency/

Intro: What I have and what I know Antivirus So I've been using McAfee for a little over a year because my Dad said it's one of the best anti virus, but my Dad only knows the big brands and was somewhat good with tech but what he's been using for a while isn't the best anymore, especially to many tech enthusiasts like me and everybody on LTT forums. VPN I also never use VPN unless I might need to unblock some random sites (no, not Porn) in countries overseas so for stuff like that I just use some random free VPN I can find on the Google Play store. The problem is most free ones don't really work that well and usually degrade the quality of the WiFi connection to the point that it's unusable, and some work enough to unblock sites but when I try to keep it on when I do my normal stuff, the WiFi becomes unsuable. Password Manager So I used to use a free password manager that was really good, 1Password, but I honestly never really needed it cause there was like one main password I used for almost everything and sometimes (rarely) would I modify it for some sites. But it's paid for the PC and when I changed phones, I just decided to stop using it. Then I started to need to sign up with many more very important sites because I started having to look at colleges, start studying for the SAT, and take AP exams, etc. And I also started really changing up my passwords, to the point that it was definitely impossible to remember them, so I started looking towards ways to organize my passwords. When I asked my Dad if he could let me buy a password manager I really liked he said, there's no use, just do what I do. What he does is write his passwords in a document and changes parts of the password that he uses often into little codes and it makes it quite unreadable. So for some time I used a combination of binary, coding syntax, a secret language my cousin made up a while ago, Cesar cipher, and used in weird ways to secure my passwords that I would put into a document on google drive. And I guarantee that anyone who tries to decode them would not be able to, here's the whole current list Data Set Inpeeps = Eeep Langeep; Int varEeep = Norm; inputShift(even.Num) = inpeep.Num(odd.Num); Ex.input {1st key = [Int indexNumber myEvnShft = OdShft;]} Ordeep = code.bineep; lrn = educateep, scheep; frum = foreep, Teep’s Hardweep; shp = Ebeep, Amazeep; prfsnl = busineep, careep; prsnl = meep, priveep steep; gmng = videep geeps, gameep acceeps; ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890!@#$%^&*() 00000001Int lrnCnnUggru = Epvkbjkj4499!; 00000010Int frumPiitXiitXiit = Jgrxm&&!!; 00000011Int shpTkkvKmm = Litzo((##; 00000100Int prfsnlOummx = SlihuvuKv2qAA%%; 00000101Int frumcwoozLooz3 = Pmx4sCC&&; 00000110Int prfsnlZm8umzoqq2 = Roz6uEE((; 00000111Int gmnga3xss4 = Yron121Q28wGAGA; 00001000Int prsnl!WOOZ = S40ypxyxatqICICI; 00001001Int gmngV1!uww8 = cvsr565UKKK; 00001010Int prfsnlnyy0p3y&yy0 = W8$3t232exuGGGGG; 00001011Int lrnY!8811@X11@ = gzwv909YII; 00001100Int prfsnll71633$ = i2ya@*7QQQ; 00101000Int manyvids = hello7tele89wo#rmus; But my process was too slow and if I was to make it less complicated then it wouldn't be that secure and I would not be able to put it onto a cloud storage service like Google Drive. I also had way too many passwords and I've decided I'm just gonna use a password manager. Need: What I'm looking to gain from you guys What I'm here for is to ask you guys for... Good Antivirus: I think I'm gonna switch to bitdefender ASAP cause I've heard a lot of great things about it. Good VPN: When I was checking bitdefender's plans I found that you can add their VPN to it but when I searched up about it, people said it's just a rebrand of hotspot shield (or something like that) and it's really bad. So I need a good VPN that is able to protect my data and privacy from my ISP and anything bad. Good Password manager: Lastly, I want a good password manager that people like, trust, and actually recommend to others. I also need it to have these requirements Support for PC and other devices, most importantly Android. It needs to work well with other devices and not just a good PC app but an Android app that was just thrown together with a shitty UI (like the Steam app on IOS) I also want to be able to store a bunch of passwords. And any other features would be good like it works well with android to the point that it could ask me if I want it to fill a certain app's password when it comes up or that it auto fills in google chrome well unlike Truekey's trash autofill (although I haven't tried it in a while so it might have improved) I am kind of asking a lot but just please tell me what you can and help me out to the best of your abilities. All help is appreciated

I'm attending ASU for their bachelor in cyber security starting in fall and I want a laptop that can do light causal gaming (Overwatch/Siege) but one that can handle the programming I need to do. Is the dell xps 5 with the gtx 1050 or 1050ti a good choice? If not, any recommendations?

So, I finally installed an adblocker after hearing some advice about avoiding things like crypto mining bugs, but I noticed something.. I reset my browser to try and troubleshoot something and it turned off the adblocker. When I went to youtube, I instantly got hit with a scareware page and something started downloading! I stopped it right away before it finished. This sort of thing never happened before installing the ad blocker. I also can't seem to white list individual youtube pages. This is with adblock plus. So, does installing an adblocker turn off some other kind of security feature? Why does this happen?

I've been honing my windows defender triggers in the task scheduler and I noticed something that could be a problem. If you've set it to turn on at idle and turn off when you start using the computer again, that makes you susceptible to bugs that mine with your system without your permission. Like that bug that you'll get if you're foolish enough to use "The Pirate Bay". Since your CPU won't clock down and will effectively never idle if you have that bug, how is Windows Defender supposed to nuke it if it's set to not turn on unless the PC is at idle? So yea, if you have custom settings for Windows Defender in your task scheduler, you need to go and check to make sure that's not turned on. Start - type task scheduler - open it - expand the task scheduler library folder in the left menu - go to Microsoft - Windows - Windows Defender - double click on 1 of the 4 items in there - go to the conditions tab - and ensure that the top box is not checked - repeat the process for the rest of the 3 items in there.

Hey everybody, I am looking at doing a degree in cyber security in the future and I want to learn a bit about the job. Is there anyone in the cyber security field who can tell me about their job. Is it very stressful, what sort of things do you do. I just want some insight into the field. Thanks everyone Shaqtin

source: http://www.reuters.com/article/us-intel-m-a-idUSKCN0ZC0WS yeah ... I don't understand what their though process was when they decided to buy McAfee previously, Intel didn't had any stake in consumer oriented software market, and frankly .. they chose the wrong product to acquire back in 2011, McAfee had a 4.64% worldwide market share, fast forward to 2015: 6.2% worldwide market share - these includes both consumer and enterprise products

The United States Pentagon will usually send you to jail (*gaol*) for trying to "Hack the Pentagon" but until May 12 a select group of responsible hackers are being sought to try and breach the Pentagon's security. With a bounty of US$150,000 for those who opt in for a complete background check prior to attempting to carry out the breach, the U.S. Secretary of Defense Ash Carter said that he is “Inviting responsible hackers to test our cybersecurity........ I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.” It is aimed to bring to light security flaws in DoD websites, no critical infrastructure systems will be harmed in the HackerOne process. Ashton Baldwin "Ash" Carter is the United States Secretary of Defense. He is also a physicist and a former Harvard University professor of Science and International Affairs- Wikipedia "The registration site is now live and can be accessed at https://hackerone.com/hackthepentagon." The criteria if you want to be involved is quite strict as you "must be a U.S. person, and must not be on the U.S. Department of Treasury's Specially Designated Nationals list, a list of people and organizations engaged in terrorism, drug trafficking and other crimes..." It is possible to opt out of the background check but as they are spending taxpayer dollars, this would mean you forfeit any bounty you may earn too. Do you think they would noticed if someone applied through a VPN service with fake a green card / social security details, such as elements of China’s military...*maybe*...? Link: Source- abc NEWS "Pentagon Will Reward Hackers Who Find Security Problems on Its Websites" story by Alyssa Newcomb Statement by Pentagon Press Secretary Peter Cook on DoD's Partnership with HackerOne on the "Hack the Pentagon" Security Initiative

So i don't know how many of you know about this, but if you scan two different fingers of two different people IN THE SAME SCAN SEQUENCE, the one plus two will happily accept both the fingerprints. https://www.youtube.com/watch?v=6KFpywrrW4g PS: not an exploit but just a fault. My bad.

Now, this was posted the other day (1 October 2014) on BBC under the tech articles. Basically what happened (You can read the article, link below) is during a meeting, EU "Digital Head" Günther Oettinger called the celebrities dumb, and is now facing major flak for this statement. If you have anything to add or comments, please place them in the comments below. 1st Off, can we call this politically correct? In my view, as a major official of the EU, it wasn't really the brightest move, and could have definitely worded his statement much better. 2nd Of all, we have to bring up the fact that could this be victim bashing? Whenever you call these people in a meeting "Dumb" is it not attacking their character, much less not taking into account that much of the general public, doesn't really quite know the risk to this. (Note: Yes Celebrities are part of the general public, at least in terms of tech. They are not part of the industry and it's doubtful that they know much about cyber security) 3rd What does this mean for the future? If a major official is calling celebrities dumb over this incident, therefore some action must be taken. Could it be some sort of education program, or simplification of the long contracts that you click a "little bubble" to agree to without reading, saying that there is no guarantee that we can protect your privacy. EU commissioner: Nude celebs 'dumb' http://www.bbc.co.uk/news/technology-29443022