DEF CON 32 - Abusing Windows Hello Without a Severed Hand - Ceri Coburn, Dirk jan Mollema
2.8M subscribers in the hacking community. A subreddit dedicated to hacking and hackers. Constructive collaboration and learning about exploits…
Cyber SubReddits
Vatican and Israel implicated in Italian hacking scandal, leaked files reveal
2.8M subscribers in the hacking community. A subreddit dedicated to hacking and hackers. Constructive collaboration and learning about exploits…
Change Healthcare Breach Hits 100M Americans – A Reminder of Healthcare’s Cybersecurity Gap?
It’s alarming that the recent breach at Change Healthcare has exposed the data of 100 million Americans. With hospitals and healthcare organizations…
DDoS site Dstat.cc seized and two suspects arrested in Germany
994K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Microsoft: Chinese hackers use Quad7 botnet to steal credentials
993K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Why is it a thankless job to report valid bugs in Fortune 500 Company?
Recently I found subdomain takeover in OTIS (Otis is the world's leading elevator and escalator manufacturing, installation and service company.)…
USB security for air gapped networks
Hi https://www.wired.com/story/goldenjackal-hacking-group-new-tools-air-gapped-machines/ We support an air gapped network. Using the mighty…
China's Quantum Tunneling Breakthrough: The Future of Encryption is at Risk
983K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Vulnhuntr: Autonomous AI discovers dozen+ 0-day vulnerabilities
983K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Is it possible to have secure authentication without emails, text messages, or other identifying external services?
Web dev here, but curious about security practices. I feel like it's fairly common to feel annoyed about giving your email to yet another random…
Windows question -- automated tool to determine if non-MS issued certs are installed?
Hi. I'm a non-Windows person so forgive me if this is a stupid question. I know how to look at the certs but there are lots installed. I wouldn't…
CISA confirms Veeam vulnerability is being used in ransomware attacks
980K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Malicious ads exploited Internet Explorer zero day to drop malware
976K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Websites for students to test OWASP ZAP?
Hi everyone! For a school project, I have to do a passive scan (to analyze HTTP requests and responses for known vulnerabilities) and spidering…
Administrator Protection feature - what it is about ?
In a blog post on Dark Reading titled “New Windows Feature Limits Admin Privileges,” it is mentioned: “Once the elevated admin token is activated…
European cyber insurance startup Stoïk secures $27M
972K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
How can I make sure a job offer is legit?
I've been talking with an HR rep from a (legitimate) company for a couple of weeks, I've had several online interviews with other staff members too…
Blue team, IR folks: If you knew an adversary was in your system, what steps would you take?
Ive been invited to participate in a full-day security training exercise involving a situation where my entire network is compromised by a simulated…
SIEM Hunt - Deal killers and reasons to avoid
We're evaluating SIEM technologies, and would love any feedback on major differentiators between the top tools, like "Stay away from X if you care…
Best Hands On Training For Experienced IT Professional
Howdy, I’m looking to make a career switch to Cyber and was hoping to get some advice on best website/platform for hands on Cyber training. I’m…
TOTP in your Password Manager; should you?
I have a Bitwarden pro subscription and moved a few of my accounts TOTP 2FA credentials into Bitwarden. While very convenient, is it really a good…
I am building an XSS attacks defender => Please roast my solution (feedback request)
Cross-site scripting is the most prevalent security vulnerability online. Please roast my proposed solution mitigating this risk…
Has Archive.org been hacked?
965K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
ADT says hacker stole encrypted internal employee data after compromising business partner
964K subscribers in the cybersecurity community. This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.
Is Daniel Miessler a Messiah or a crank with AI?
I saw his projects with AI seems to assume he cracked the human problemswith AI. Anyone tried his tool?
firmware analysis / verification
Rolling out some IoT devices and am looking for suggestions for BIOS / firmware analysis. Would like to make sure there was no obvious tampering by…
ISO 27001 Lead Implementer certification - UK
Have any of you pursued ISO 27001 Lead Implementer? If so, do you have any recommendations if I'm self-funding? I've seen that some of these cost a…
Crowd-Strike Evaluation - Internship Assessment
Hey everyone, I'm super excited about the chance to intern at Crowd-Strike, especially given my passion for cybersecurity. I've been following their…
Python for SIEM Engineer Interview Questions?
Hi all! I have an interview for a SIEM and Detection Engineer position which is what I do now. One of the sections will be testing my in Python. I…
Are there any recommended coding practice problems to prepare for a security engineer interview?
I’m a Security Engineer but I’ve lost touch with DS/algorithms since transitioning to security from data science and dev role. I’m preparing for…