cybersecurity.page
Summarizes the hottest content on r/cybersecurity once per hour. Warning, the summaries are generated by an LLM and are not guaranteed to be 100% correct. Operated by @tweedge.net, open source @ https://github.com/r-cybersecurity/best-of-bot

While working in IT, I accidentally gained remote access to random phones due to a glitch with TeamViewer Host on Sam4S POS systems using Android. Misplaced access codes caused unintended phone access until a later software update fixed the issue, highlighting a serious cybersecurity risk.

The CASP+ certification is valued mostly in government roles but may not hold as much weight in the private sector. Considering a potential job loss, pursuing CCNA or CCNP Security might be more beneficial if moving to private industry.

A critical vulnerability, CVE-2025-24085, has been exploited on iOS 18.3.1. Despite it being reported, Apple hasn't patched this zero-day issue. Users are urged to read the linked GitHub thread and stay vigilant to protect themselves.

Discovered a critical vulnerability exposing SSNs and passwords of 100k users on a non-bug-bounty site. Unsure of next steps after previous unresponsive "friendly email" attempts. Concerned about legal risks. Seeking advice without risking imprisonment as a college-bound individual.

Cybersecurity roadmap for a company that has no security

TryHackMe free alternative?

The user is unsure about attending cybersecurity conferences despite being offered an all-expenses-paid trip. They question the value of vendor talks, academic research, networking, and CPEs, wondering if there's any tangible benefit. They're seeking advice on making such events useful.

The poster is seeking input on whether organizations have standalone AI policies. They believe an AI policy should be part of the acceptable use policy, as they see no regulatory or business need for a separate policy. They want feedback on whether others agree or disagree with this approach.

The post discusses stopping employees from using AI tools to prevent malware risks from free versions. The author seeks tools, articles, or sources for blocking domains, sites, or hashes to secure their systems.

LockBit, a notorious ransomware group, claims to have breached the FBI and accessed classified data, posing a serious cyber threat if true. They have also issued a warning to Kash Patel. U.S. authorities haven't confirmed the breach, raising questions about LockBit's claims and motives.

Haveibeenpwned - new feature _very_ expensive

The data breach site "Have I Been Pwned" has added 284 million accounts that were compromised by infostealer malware.

Sweden's government proposal for data storage is prompting concerns as it suggests that apps like Signal and WhatsApp should include backdoors, leading Signal to consider leaving the country.

A data breach at US drug testing firm DISA has affected 3.3 million individuals.

Considering a career in cybersecurity involves acknowledging potential burnout, competition, and the need for constant learning. The industry is popular and growing, but it's essential to weigh its challenges, especially if entering through the military route, as you decide in your mid-thirties.

Is cybersecurity really flooded in Canada as they say?

The Australian Government has prohibited the use of Kaspersky Lab products and web services on its systems and devices, citing security concerns.

Dealing with a "Golden SAML" alert from M365, the user is unsure if it's a false positive or a real attack. Without a hybrid environment or compromised admin user, it seems false. Seeking advice on further investigation due to the potential severity.

The post discusses the desire for a fulfilling job, particularly one where the individual feels they're making a difference. The author is interested in healthcare or medical fields, where they hope to contribute meaningfully, rather than working for a company indifferent to their well-being.

Exposing Shadow AI Agents: How We Extracted Financial Data from Billion-Dollar Companies

Mentorship Monday - Post All Career, Education and Job questions here!

A large-scale botnet attack targets Microsoft 365 accounts, exploiting compromised credentials to gain unauthorized access and potentially cause widespread disruptions.

A product manager working with cyber products seeks recommendations for news feeds to stay updated on the industry. They've already set up a Feedly account with Dark Reading, Hacker News, and Intruder Intel and are looking for additional suggestions.

A major U.S. news publisher has been hit by a significant cyberattack, leading to disruptions in their operations.

Australian authorities are moving to ban Kaspersky software due to security concerns, following similar actions by other countries. The decision is driven by fears of potential exploitation by Russian intelligence services.

I've developed Link Dumper, a Python web crawler for pentesting that extracts sensitive data from websites like JavaScript files, API keys, and more. It's great for bug bounty hunters and OSINT. It's multi-threaded for speed and useful for subdomain enumeration. Feedback is welcome!

Iran advises delegates to switch to Xiaomi phones. The user questions if owning a Xiaomi or Lenovo phone increases exposure to hacking and identity theft compared to brands like Samsung. They seek current insights on the security risks of using these Chinese brands.

US authorities warn about Ghost ransomware exploiting older vulnerabilities in Fortinet, Adobe, and Microsoft products. Ghost actors use web shells and PowerShell to infiltrate networks, often deploying ransomware quickly. Authorities advise segmenting networks and monitoring PowerShell use.

The user is questioning why the CrowdStrike Falcon engine on VirusTotal frequently fails to detect malware samples.

Apple has stopped offering end-to-end encryption for iCloud in the UK due to government data demands, raising privacy concerns.

Cybersecurity experts specializing in AI and deepfakes are hosting an AMA to discuss AI's intersection with cyber threats. Conducted by CISO Series, participants include Alex Polyakov, Sounil Yu, and Caleb Sima. The AMA runs from Feb 23-28, 2025, with experts answering questions throughout.

Implications of Post-Federal Society on Cybersecurity

A Reddit user explores self-healing malware that repairs, evades detection, and persists after removal. They discuss malware using polymorphism, metamorphism, and techniques like DLL injection for stealth. They also mention persistence tricks, payload fetching, and offer defensive measures.

A ransomware attack has struck Anne Arundel County amid a wave of cyber threats targeting Maryland.

Looking for a secure, open-source note-taking app for IT and cybersecurity courses and sensitive work projects. Notion wasn't intuitive; considering Obsidian but open to suggestions. Prioritizing security and organization.

A new tool designed to reduce container bloat has been developed, addressing security risks caused by unused files and features. The tool effectively reduces size and vulnerabilities, as shown in tests on popular containers. Available on GitHub under an MIT license, feedback is welcome.

Looking for recommendations on effective GRC tools to streamline compliance processes beyond SOC 2 and ISO, not just quick solutions.

How to get End to End encryption for iCloud in the UK?

The recent announcement of Microsoft's Majorana 1 Topological Core quantum computing chip has sparked concerns about its potential use by malicious hackers. The sheer processing power of quantum computers could easily breach most security systems, raising questions about how to counter such threats.

The user is enjoying the show "Zero Day" on Netflix and is asking for others' opinions on it after watching the second episode.

A small university's esports team encountered a security issue with a Marvel Rivals update. Cortex blocked it due to concerns over installing and hiding a driver, WinRing0.sys, which could be exploited. They seek advice on whether to allow it on esports endpoints, with a cautionary note from Cortex.

The user has only used KnowBe4 for cybersecurity training and has found it satisfactory. They explored Hoxhunt but found it too expensive despite its safety benefits. The user is seeking opinions on alternatives or if KnowBe4 remains the best option.

The post asks how people in the InfoSec field are using AI in their work environment.

Was offered a job as a jr SOC Analyst with unfinished degree and zero job experience at all.

Apple has ceased providing end-to-end encrypted iCloud backups in the UK following a legal order.

Apple's Advanced Data Protection (ADP) will not be available for activation in the UK, meaning UK customer data on iCloud will eventually not be encrypted.

Seeking low-cost SIEM alternatives to Splunk with similar computation power; also open to popular industry options like Wazuh.

Russian hackers target Signal accounts in growing espionage effort

NBC News reporter Kevin Collier is seeking sources with direct knowledge about the Department of Government Efficiency's access to CISA systems, layoffs, and cuts to cybersecurity programs. Contact him via Signal at kevin.collier.01, or email with non-work addresses for identity verification.

The poster shares their experience of a recurring cycle in cybersecurity across various industries: budget cuts and staff reductions lead to data breaches, resulting in temporary funding increases without adequate time or resources to implement improvements, only for the cycle to eventually repeat.