|
BaseballPCHiker posted:Yeah go get that InfoSec money now. You sound ready. I'm already very decently paid, and my job title has "cybersecurity" in it, so I'm not in a rush 
|
#
?
Aug 29, 2021 09:08
|
|
|
|
| # ? May 26, 2024 09:45 |
|
|
navyjack posted:polish the ol’ soft skills. Soft skills are severely underrated in tech fields. Both of my major career breaks came about because I'd made connections on smoke breaks. They resulted in my first full-time IT position, and - God willing and the creeks don't rise - my last. Find the people at work that are doing the jobs you want. Make friends, get job. Beyond just getting the job, soft skills are a huge part of my job. I've got to keep the business happy, I have to help keep the team ticking along, and generally keep up appearances socially around all the departments. I'm at a level where I'm working on GPOs for either thousands of machines, or for FDA-audited machines, and people skills got me the job. I don't see a ceiling above me, so I'm going to say that just simply being able to deal with people will take you from entry level to the C suite, or wherever in between you want to end up.
|
|
#
?
Aug 29, 2021 09:16
|
|
|
navyjack posted:As far as what I’m wanting to do career-wise, I’m not sure. Everything is really fascinating and kinda new. I figured with my background, SOC analyst would be where I would start. I’ve got technical writing/reporting experience so I kinda thought auditing and compliance might be in my future. Don't feel that you need to know where you want your career to go at this point--if anything, I'd say that this early on you shouldn't have already decided. Get your feet wet, poke your nose into a bunch of different things, and see what grabs you. For coding, start with Python. Trust me. mllaneza posted:Soft skills are severely underrated in tech fields. This is very true. You can be an insufferable rear end in IT if you've got skills good enough to back it up, but conversely, you'll get places if you're good at talking and writing even if your technical skills aren't top-tier. It is extremely valuable to be able to be the guy who can talk to the (client|boss|vendor|whatever) and be able to use those soft skills to help get your team what you need in a way that the SME who can't open his mouth without making the rest of the room wish he'd just shut the gently caress up never will.
|
|
#
?
Aug 29, 2021 15:32
|
|
|
navyjack posted:Thanks for all the responses and candor, it’s appreciated. I think a lot of the initial responses here painted an overly grim picture. The truth of the matter is that infosec is a very quickly growing field with not enough people in it and that's not likely to change anytime soon. I think most of the people in this thread look down on, and have been burnt by people who entered the industry and don't have any previous technical experience. People who just run an automated tool and spit out a spreadsheet, then when pushed back on, dig down because they either don't know any better or because that's their job. I am sure your experience in the military will be helpful here, as will your customer service skills. If you've got technical writing/reporting experience, you're absolutely right auditing and compliance would be an easy in. Lots of light project management work to be done as well, checking on fix statuses, coordinating with different departments, etc. If you're at the "everything is really fascinating and new," that's great. Keep pulling at those threads. Try to find tech projects to work on to learn. Keep looking at all the interesting ways infosec applies to the world. I actually don't think you'll have all that much trouble finding a job. Plenty of positions that do the grunt work the """real engineers""" don't want to do. From there, you've got your foot in the door and you're good to go. Good luck with your Security+. Keep your learning going, get your resume/LinkedIn going, and apply apply apply. Even if you don't think you qualify. It's a numbers game, don't let it get you down.
|
|
#
?
Aug 29, 2021 19:15
|
|
|
If you're a vet and you're looking to get another cert under your belt: https://ivmf.syracuse.edu/programs/career-training/learning-pathways/ Syracuse University runs a program, they'll pay for one cert. Not a fan of skillsoft personally, but you can breeze past that content and pick up some relevant study books. You can also pick up an Azure fundamentals cert for free if you attend a Microsoft training day: https://www.microsoft.com/en-us/trainingdays Don't downplay your time as an intel analyst, there's a whole corner of Infosec devoted entirely to threat intel and etc.
|
|
#
?
Aug 29, 2021 19:20
|
|
|
There's going to be plenty of demand for Infosec in the next few years, at least until attacks become less visible to the public. AppSec is probably going to be the fastest growing right now, especially with a focus on cloud services. Get a good understanding of Cloud, which needs a little bit of a generalist understanding of infrastructure in general.
|
|
#
?
Aug 29, 2021 19:42
|
|
|
Internet Explorer posted:I actually don't think you'll have all that much trouble finding a job. Plenty of positions that do the grunt work the """real engineers""" don't want to do. From there, you've got your foot in the door and you're good to go. Good luck with your Security+. Keep your learning going, get your resume/LinkedIn going, and apply apply apply. Even if you don't think you qualify. It's a numbers game, don't let it get you down. Well part of the question is what he considers as a viable job. I'll agree with you that it shouldn't be hard to find a job doing something, but finding one that pays well and is doing something interesting will be a little more challenging. The Syracuse U link reminded me: if you are at all interested in project management, consider using IVMF to get one of the Business Management certs--Technical Project Managers make solid money and are always in demand (and also leverage even more of those "soft skill" like not being a complete muppet when you're writing an email to someone). Alternately, consider using them for a higher-level tech cert (like SSCP--even if you don't qualify for the "full cert" based on lack of experience, you can still take the test and then upgrade your cert whenever you have the claimable time (which as an intel analyst you very likely already do, btw)). Don't use them for an intro-level cert like Net+ that you could easily pay for yourself with pocket change. Use them for some $$$ thing you wouldn't otherwise be able to afford. Similarly, depending on when you got out, you might be in the window for the SANS VetSuccess program which gets you like $20k worth of very very good tech training that absolutely will get you a decent paying tech job in pretty short order. The biggest catch with both programs is they're seat-limited, so you may be waiting around for a while for an open slot to roll around. Still, if you qualify, there's literally no reason not to utilize both programs as a way to vault yourself into InfoSec.
|
|
#
?
Aug 29, 2021 21:29
|
|
|
DrDork posted:
Goddamn I’m a few years past the cut off point for that VerSuccess program but I have a couple of friends who are get that link in their email today, so thanks for that! As far as getting an interesting, well-paying job, I’m not expecting to jump the line and get a great gig because I got a cert and paid for a bootcamp. I’m wanting to get my foot in the door and then rely on my hustle, drive, and ability to work with people to take me further. Speaking of hustle, does anybody have their own reccs for learning Python? I’ve been using books and some YouTube tutorials but it’s still slow going.
|
|
#
?
Aug 29, 2021 21:49
|
|
|
DrDork posted:Well part of the question is what he considers as a viable job. I'll agree with you that it shouldn't be hard to find a job doing something, but finding one that pays well and is doing something interesting will be a little more challenging. They mentioned that they were previously a bartender. I am sure there are a lot of people trying to break into the industry who have to start somewhere. You can worry about pay and interesting/challenging after you get your foot in the door.
|
|
#
?
Aug 29, 2021 22:19
|
|
|
I really struggle trying to learn Python too. I know it will be super helpful, but I keep bouncing off it after a few lessons. I’ve tried a couple of udemy courses and automate the boring stuff, but just can’t seem to power through it.
|
|
#
?
Aug 29, 2021 22:20
|
|
|
rafikki posted:I really struggle trying to learn Python too. I know it will be super helpful, but I keep bouncing off it after a few lessons. I’ve tried a couple of udemy courses and automate the boring stuff, but just can’t seem to power through it. 
|
|
#
?
Aug 29, 2021 22:27
|
|
|
rafikki posted:I really struggle trying to learn Python too. I know it will be super helpful, but I keep bouncing off it after a few lessons. I’ve tried a couple of udemy courses and automate the boring stuff, but just can’t seem to power through it. Dang, I was going to recommend Automate the Boring Stuff. I found that writing something and actually getting it to work kinda reinvigorated me with the Python brush-ups. That said, my generalist IT Bachelors was heavy handed with the language so I had to learn to like it.
|
|
#
?
Aug 29, 2021 23:01
|
|
|
Lets Get Patchy posted:Dang, I was going to recommend Automate the Boring Stuff. I found that writing something and actually getting it to work kinda reinvigorated me with the Python brush-ups. That said, my generalist IT Bachelors was heavy handed with the language so I had to learn to like it. I really should pick it back up. It’s not a matter of difficulty, just me being a lazy fucker
|
|
#
?
Aug 29, 2021 23:06
|
|
|
I find I can only really get to work on stuff if I’m solving a real problem, not just doing an exercise.
|
|
#
?
Aug 29, 2021 23:43
|
|
|
rafikki posted:I really struggle trying to learn Python too. I know it will be super helpful, but I keep bouncing off it after a few lessons. I’ve tried a couple of udemy courses and automate the boring stuff, but just can’t seem to power through it. You need a project. Something you want to do, not something a textbook suggests. Think of some tedious bullshit you have to do over and over on the computer, cut the tasks into pieces based on things that can be done manually and which ones need hands on, and then just work out how those chunks would be done. For me, it was my neurotic and precise method of tagging my music that I trimmed down over time by writing little helped scripts, or scraping specific stuff out of a public json file from the web. I didn't write all of either at once, just would do a small step of it until I got sick of doing the next step in the process manually
|
|
#
?
Aug 30, 2021 00:17
|
|
|
text editor posted:You need a project. Something you want to do, not something a textbook suggests. Think of some tedious bullshit you have to do over and over on the computer, cut the tasks into pieces based on things that can be done manually and which ones need hands on, and then just work out how those chunks would be done. all the tedious bullshit I have to do manually is poo poo that needs human eyes(like deciding which random rear end book metadata fits the random text file I found while hunting for obscure sci fi). everything else I pretty much automate in bash. I try doing it in python, but get frustrated and revert to bash because I can make it happen there
|
|
#
?
Aug 30, 2021 00:37
|
|
|
Internet Explorer posted:They mentioned that they were previously a bartender. I am sure there are a lot of people trying to break into the industry who have to start somewhere. You can worry about pay and interesting/challenging after you get your foot in the door. If dude can break into cybersec without having touched a computer for cash and with no more formal education than a boot camp more power to him says I. Plenty of idiots with "qualifications" have these jobs already may as well let goons get paid
|
|
#
?
Aug 30, 2021 00:38
|
|
|
for people that really want to get into infosec stuff and maybe don't have a ton of background in it and no skills from which a lateral move is really possible, look into google's ITR program. basically you do tech support for a couple years, and then you do a rotation with an engineering team. i dont know what teams get ITR people rotating besides mine, but we definitely get them, and it's not uncommon that they convert. on my team of ~30 people, i can think of 3 that came from the ITR program. one of them converted years ago, one did the rotation before i joined and then converted right after i started, and one did their rotation while i was on the team and then came back a bit later. not everybody converts, of course, but at least with my team it isn't uncommon of course, working the helpdesk for two years is a hell of an opportunity cost just for a couple months on an eng team and a shot at conversion. but maybe this is helpful for somebody, idk.
|
|
#
?
Aug 30, 2021 03:12
|
|
|
rafikki posted:I really struggle trying to learn Python too. I know it will be super helpful, but I keep bouncing off it after a few lessons. I’ve tried a couple of udemy courses and automate the boring stuff, but just can’t seem to power through it. I found this site fairly helpful. I'm self-taught for the most part, prior the last formal training was an algorithms class in C and x86 assembly on a 1st gen pentium about 20 years ago. This place helped me wrap my head around objects and doing things the "python way" as opposed to brute forcing my way through whatever I was trying to do with my hacky little scripts. It is a paid service, but $25/mo seemed pretty reasonable to me for what they offer. https://teamtreehouse.com
|
|
#
?
Aug 30, 2021 06:33
|
|
|
RFC2324 posted:I try doing it in python, but get frustrated and revert to bash because I can make it happen there Pablo Bluth fucked around with this message at 09:46 on Aug 30, 2021 |
|
#
?
Aug 30, 2021 08:45
|
|
|
Pablo Bluth posted:Conversely I don't how how anyone loves bash scripting. I don't think I'll ever remember when I should single or double square bracket the if test or if I should put the variable in quotes... Practice, tho I can't say I love it. I can make it do the things tho, so when I hit a roadblock in a python script I end up rage scripting it in bash and now I don't have a project
|
|
#
?
Aug 30, 2021 16:47
|
|
|
You should use the right language for the job. There's no reason to install python on a server when you want to script a simple backup to remote job. On the flip side, if you need to code a widget so that F in HR can press a button that will automagically upload a floorplan from their computer to your websever instead of asking you repeatedly to do it, because FTP is hard. You'd probably want to figure that out in Python or JS.
|
|
#
?
Aug 30, 2021 17:01
|
|
|
At this point isn't python fairly ubiquitous on anything but the most streamlined server? There's always Perl... Ok, it's dying so bad even it's proponents are quitting (toxic community issues) but it's esoteric do-everything-in-a-million-ways design will always be have a place in my heart.
|
|
#
?
Aug 30, 2021 17:36
|
|
|
I'd like Python better if it used curly braces instead of the indenting thing. And I'd also like it if variables were explicitly declared as the intended type. Maybe it's just that I'm old as dirt and still kind of think in C. Still, I can't deny that python is fantastically useful and basically omnipresent, so it's definitely to your advantage to learn it. But the language I use most these days, believe it or not, is awk. Nice clear C-like syntax with very useful optimizations for text wrangling. It's fantastic for one-offs from the command line, but I've also been known to use it for longer scripts, somewhat to the consternation of the rest of my python-loving sysadmin team. Awk is your friend, love the awk.
|
|
#
?
Aug 30, 2021 18:58
|
|
|
Pablo Bluth posted:At this point isn't python fairly ubiquitous on anything but the most streamlined server? Not as much so on Windows systems, I think.
|
|
#
?
Aug 30, 2021 19:03
|
|
|
Subjunctive posted:Not as much so on Windows systems, I think. but it can easily be, and doesn't take much porting of code. I remember someone around here(Methanar I think?) talking about using the same scripts across both platforms for something Powered Descent posted:I'd like Python better if it used curly braces instead of the indenting thing. And I'd also like it if variables were explicitly declared as the intended type. Maybe it's just that I'm old as dirt and still kind of think in C. Still, I can't deny that python is fantastically useful and basically omnipresent, so it's definitely to your advantage to learn it. Awk is probably the cli linux admins best friend. awk + grep = gimme da info
|
|
#
?
Aug 30, 2021 20:06
|
|
|
Powered Descent posted:I'd like Python better if it used curly braces instead of the indenting thing. And I'd also like it if variables were explicitly declared as the intended type. Maybe it's just that I'm old as dirt and still kind of think in C. Still, I can't deny that python is fantastically useful and basically omnipresent, so it's definitely to your advantage to learn it. You can do code:RFC2324 posted:but it can easily be, and doesn't take much porting of code. I remember someone around here(Methanar I think?) talking about using the same scripts across both platforms for something I write plenty of pywin32-using scripts (for win32-specific calls, not moving files or editing configs - that's just the same and pretty much universally cross platform). It's not terrible, but at the same time it's mildly gross when I have to import ctypes and make HWND_WHATEVER and call functions with half a dozen of None parameters. But that's not a python issue, it's a win32 issue. It also doesn't help that if I legitimately try to do something to another window (with user32.dll and SendMessage/SendMessageA) in C++, C, or C# it's detected as extreme trojan malware. Even if it is literally five lines so it can automatically click on something one time or read a list of items. The second I copy that exe elsewhere windows defender blows up. Impotence fucked around with this message at 20:16 on Aug 30, 2021 |
|
#
?
Aug 30, 2021 20:11
|
|
|
Biowarfare posted:You can do Huh, I hadn't seen that before. Apparently it came in with python 3.5. Neat. (My old company kept using python 2 right up to its EOL, and even a little beyond, so I'm something of a latecomer to 3. Occasionally I'll still catch myself typing "print x" instead of print(x).)
|
|
#
?
Aug 30, 2021 21:20
|
|
|
Biowarfare posted:
Are you implying here that doing this from python does not trigger malware detection? Use this one weird trick! AV vendors hate it!
|
|
#
?
Aug 30, 2021 21:21
|
|
|
Powered Descent posted:Huh, I hadn't seen that before. Apparently it came in with python 3.5. Neat. It doesn't actually do anything on its own, python ignores type annotations, they are for tools like mypy (which I do recommend)
|
|
#
?
Aug 30, 2021 21:33
|
|
|
Powered Descent posted:Huh, I hadn't seen that before. Apparently it came in with python 3.5. Neat. (My old company kept using python 2 right up to its EOL, and even a little beyond, so I'm something of a latecomer to 3. Occasionally I'll still catch myself typing "print x" instead of print(x).) I write substantial amounts of python for fun and profit, and I honestly cannot handle writing python 2 for anything more than a 2-3 line transform. It's so painful, manually dealing with utf-8 strings vs raw bytes, byte decode/encode when you're trying to do anything more than ascii, the speed differences, async, all that stuff. I stay up to date on python precisely because each version brings huge amounts of value and improvements to me. Phosphine posted:Are you implying here that doing this from python does not trigger malware detection? It seems like it, as long as I don't pack the .py file into an exe. This is a C# application that more or less entirely consists of, with no attempt at obfuscation or hiding in any way: code: I have no idea what the gently caress the "machine learning" is picking up, because it's a single-class exe that looks for a button in another window and clicks it. There's no remote access or network connectivity and it doesn't make internet calls. It doesn't even type or create any input into any boxes. There's no way for an attacker to modify anything, every string is hardcoded into the binary. Look for a window and click a button that says "Restart" as its label. Phosphine posted:Yeah mypy and annotations are great, and I highly recommend getting used to it of writing any sort of serious python, but it being optional and relying on separate tooling is pretty bad safety-wise. I wish python had better built-in facilities for ensuring your code is correct, but I guess the freedom and flexibility is part of the appeal that got it to its current position. vvv I can't think of many languages where you don't use too much separate tooling. You'd be using pylint for python and/or mypy, you'd want eslint (for javascript) and typescript, you'd want clang-tidy, valgrind, etc for cpp. You have the flexibility to write ridiculous code regardless in just about any language. python is at least strongly typed i guess? The more interesting one is PHP, which enables strict type checking, more so than python. Which is hilarious because it's probably the last one you'd expect this from, but it's there Impotence fucked around with this message at 21:50 on Aug 30, 2021 |
|
#
?
Aug 30, 2021 21:37
|
|
|
Rufus Ping posted:It doesn't actually do anything on its own, python ignores type annotations, they are for tools like mypy (which I do recommend) Yeah mypy and annotations are great, and I highly recommend getting used to it of writing any sort of serious python, but it being optional and relying on separate tooling is pretty bad safety-wise. I wish python had better built-in facilities for ensuring your code is correct, but I guess the freedom and flexibility is part of the appeal that got it to its current position.
|
|
#
?
Aug 30, 2021 21:42
|
|
|
Subjunctive posted:Not as much so on Windows systems, I think.
|
|
#
?
Aug 30, 2021 21:48
|
|
|
CommieGIR posted:https://twitter.com/RayRedacted/status/1427641178380546049?s=20 The part 2 of this just came out today focused on the NSO group. It’s maybe not as revealing to someone who has followed NSO/Pegasus news for the past few years but it’s still really good.
|
|
#
?
Aug 31, 2021 20:43
|
|
|
Pablo Bluth posted:Conversely I don't how how anyone loves bash scripting. I don't think I'll ever remember when I should single or double square bracket the if test or if I should put the variable in quotes... Shellcheck my person. MSCode with the shellcheck extension de-agonizes this process tremendously.
|
|
#
?
Sep 1, 2021 00:35
|
|
|
Had a really interesting email attack hit us recently Last Saturday a flurry of spam emails with the subject "Payment is due" touched our Cisco Ironport that had the "We saw you wanking on your webcam and looking at porn on your computer" scam on it with a "Look I'm sending from your address as proof I have access to your account". These emails were almost perfectly spoofed, each address it sent to mimicked the address it was sending to almost perfectly. Only things wrong with it were sometimes the capitalization of an address was wrong, and that it came from an IP in Bangladesh. Spoofed it well enough that it fooled our ESA and instead of putting it into the spoof quarantine, it was placed into regular-quarantine. Here's the twist though, the list of addresses the scammers used weren't just user accounts but also a bunch of email distribution groups that were still valid. Ironport SMA has a setting where you can have an email hit users periodically (in our case once a week on Monday morning) showing a summary of regular-quarantined mail sent to them that's currently held, with the option for a user to release it if was quarantined by accident. This included mail sent to distribution groups they're a member of. So all it took on Monday was one user in a large distribution group to click "Release" on mail that looks like is for a due payment and it set off the grenade for the entire distribution group. By Tuesday morning we finally had an understanding of exactly what happened, and then I look at the ticketing system and another email grenade had gone off for another large distribution group. Turned that feature tf off, deleted all the mail with that subject line from regular-quarantine to prevent further releases, plus some other config changes.
|
|
#
?
Sep 1, 2021 02:38
|
|
|
This is a public service announcement: 16149 hosts for 133 financial, academic, and government institutions in 5 countries. Practice what you preach, your castles are on fire. Block/blackhole TCP and UDP 9993 and any traffic to AS204641 and AS6752 if you wish to enjoy your long American weekend. Grep logs on DMZ or WAN connected hosts for user-agents containing the strings "blanket" and "oranges". We welcome you to perform SRE and OSINT tasks on payloads and RATs found in impacted hosts; we do not recruit, we seat you at the table. 2a5f8d4d8daf60c2a4ba2cb7ffe1fce948dd2f7c6d5e2b069d77e40e671c6cdc3cb92821a222c021ad6d8ee009ef1639dba6bf497ac252ccb1bbc7f4d5f9a025b1475af2e50e20098caad744f632e8dd1b60c66b190949f2970d8369004b83b95b55ba6041b15308f071e7baf60acbb29a6516240255bc71bb5c3e79c489f4ffbe8ef814955e64b5f52d89407bf87704607d047f958468673f36583fa2cd860a99b5171b03412f2fbed513859ee395baa594eb3945b253c79e26dfe4b6f7f4a7e514b546692fd20d2678817a573f8c7119e3d8c42e76c179c23864d5d55c69d1026aecb455e53d18727d25aa8068a0a8//CuIN58//FELL LOAN HALL CREW We do not do this profit, pleasure, or personal gain. Ransoms and quiet payments are never our goal. We are self funded and do not require financial gains from our processes and projects. We strive to witness and engineer a brighter tomorrow. Forgive us for our harvests. Questions, comments, and concerns about the actus reus and mens rea of ongoing Jianting processes and projects can be directed to: "whimsical telegraph at g mail dot com" All are one, there are no pawns, burn the castle, Jianting Watches. LMR // MERCATOR DENDRITE (USER WAS PUT ON PROBATION FOR THIS POST) (USER WAS PUT ON PROBATION FOR THIS POST)
|
|
#
?
Sep 3, 2021 20:44
|
|
|
I'm late to the party on jobchat, but this thread is, in my opinion, heavily weighted towards technical infosec, bordering on opsec if not outright crossing over. It's hardly surprising, since it's the computer toucher subforum, and it's all good. But anyway, I'm in an small infosec consulting/software solution company. One or two of our 10ish consultants can code their way out of paper bags. I certainly can't. But we're still growing and experiencing happy/satisfied customers. What we're doing is compliance and governance: setting up how to do CIS controls, ISO 27001, GDPR and others, including clear ownerships and responsibilities at the company. And when we have that, we set up automated controls to check up on the sysadmin or whoever was supposed to check the logs. And then also business level risk assessments and emergency preparedness plans and exercises. My point is: the governance/compliance part of infosec is like 95% people skills in reality (because if you have half a brain you can figure out roughly who should be doing backups). The hard part is to sell responsibility to the organisation and make them understand that this poo poo of important. And it's not just a consulting gig, larger companies are employing people to do this poo poo too, and it's a growth industry here in Denmark and probably the rest of Europe. And it's also coming to the rest of the world if it isn't already there. The reason I think Europe is in front is GDPR, which heavily incentives companies to get their ducks in a row.
|
|
#
?
Sep 3, 2021 21:14
|
|
|
whimsicaltelegraph posted:This is a public service announcement: Am I having a seizure?
|
|
#
?
Sep 4, 2021 00:32
|
|
|
|
| # ? May 26, 2024 09:45 |
|
|
Defenestrategy posted:Am I having a seizure? vendor spam, plz ignore
|
|
#
?
Sep 4, 2021 00:37
|
|