What are some warning signs that an undetected attacker would be attempting to escalate privileges on a machine?

Thanks for the ama!

I obviously recommend offsec for training. We have a lot of hands on stuff and a lot of good defensive training going on right now. Tryhackme is a good resource as well. I have used that.

For some good fundamental training https://overthewire.org/wargames/bandit/ and under the wire are great. They help build command line skills which is very important. They are free as well.

We probably all have something we regret like that for our time in the Army haha but its never to late to get in the game. I was 25 working at a motorcycle mechanic when I joined the Army and started in cyber security.

I always wonder how many of these Stargate-style world altering scenarios have been averted by specialists like you but no one will ever know about because of the classifications of them.

Thank you for your service to the world.

Do/did you do any work in misinformation campaigns? It seems countries like Russia do this very well. Curious how often Americans are purposely duped for efforts related to warfare.

What's a recommendation for online resources for someone who wants to get into Cyber Security? Things like Tryhackme, Cybrary, etc?

I was in the Army as well and have spent a few years working physical security. Looking back I regret the time I told my recruiter I wasn't interested in IT work haha

I have heard a lot of people talking about how that is the future and even someone said that security analysts will be a thing of the past. I disagree with that. I do not think AI will take the place of a person. Well at least for a long time. There are a lot of tools that classify network traffic and logs and create a base of what is going on and hackers till get passed that stuff. It will help for sure but every time security tools get better then hackers get better. It just never ends.

I can not get into details because of the classification. I will say the scariest attack is one that happened at a very very important facility and it was not hard for the attacker to get into that network. It was a network that should have been harder to attack but the it was sooo easy for them.

What is your opinion on artificial intelligence in cyber security? Especially in regards to behavior-based detection systems, for example in fending off zero-day attacks.

what's the scariest cyber attack you've dealt with?

Do not worry about being dead weight. I will always choose an analyst who is trying to get better and has a good work ethic over someone who knows a lot and does not try to get better.

[deleted]

[removed]

That is a tough question. I would say improve your knowledge about the threats out there. People are the biggest security risk. You can have all the security features you want but a person can make those useless. Be aware of how hackers are operating these days. Like text message are big now saying it is your bank and you need to click a link. Just be aware of those type of things.

1. I started in cyber security in the Army. I was on a cyber protection team and we deployed to different areas where a cyber attack had occurred. I was actually a motorcycle mechanic and wanted to make a switch.
2. The work is fun and challenging. There is always something to learn and it never ends. For a SOC analyst for example they spend a lot of time looking at a SIEM and looking at alerts hoping to find "the bad things". We would spend a lot of time working on tools to make our work easier and make it easier to find cyber attacks. Also we did a lot of practicing and exercises because if you do not have an cyber attack its hard to get better at finding one.

For more AMAs on this topic, subscribe to r/IAmA_Tech, and check out our other topic-specific AMA subreddits here.

I’ve been working through TryHackMe and several Udemy courses. I have a thing where I don’t want to be dead weight on a team.

Thank you for your insight and I will absolutely look up your program Gabe!!!

A background in IT is a great start already and a easy transfer that a lot of people do. My biggest advice is to start getting hands on experience. There are a lot of books out there but just reading can only get you so far. Offsec has our SOC200 training out with the exam that will be coming out as well. We also have challenge labs with a play button that launches an entire attack against a network and the student has to find it in the host logs. Tryhackme is also a good resource for hands on stuff as well. CTFs are a fun way to get some experience and hands on skills like PicoCTF. Getting some security certifications will help make that switch too.

What, in your opinion, is the single best thing a person can do to protect themselves online? Thank you!

Where’s the best place to start as someone who has an IT background, but wants to move into SecOps?

What classes (online) or literature do you suggest?

Just a couple of questions

1. How did you get into the field?
2. What's the work like in the cyber security field (what is the core elements of the job)?

Of course! Happy to keep answering questions even if technically the AMA is over. Especially when it's about taxidermy tortoises! :-)

It’s been more than a day since you posted I appreciate the answer even with my late question so thank you and I think turtle skulls are cool

What great questions! Thanks for asking. So, I have accepted that my pets are going to die, and I think from researching and writing Good Grief I am a little more aware of that possibility every day but I think it has helped me try to live in / appreciate the moment more. So even if my dog Seymour (who loves to chase trucks, ugh) runs into the road and gets killed, I like to think that now I will be able to appreciate the few years we've had together at least and just be happy we had those, even if he dies young/tragically. Though it definitely will hurt the same! Some people I interviewed said they felt each subsequent pet death hurt even MORE as they got older because each one reminded them of all the previous ones that came before it as opposed to getting more immune to the grief. But I think despite the pain it's still worth having pets because the joy the bring (me at least) makes up for how sad it is when they die.

As for my research changing how I mourn pets, I've definitely thought about wanting to do some of the things I learned about now. I love the idea of preserving/taxidermying my tortoise Terrence's shell, and Seymour has a very distinctive skull, I could see wanting to articulate his skeleton or maybe preserve just the tip of his tail or ear, though I'm not sure yet. I definitely think I want to get memorial tattoos though for all of them. And I already make little shrines on shelves in my home and put together photo albums, so I will keep that up as well.

I approve!!!!

How is Ebola not everywhere? I thought it spread like super quickly and is there a cure in sight?