#Cybersecurity Essentials
Text
What is Cybersecurity? A Comprehensive Guide to Protecting Your Digital Assets
Discover what cybersecurity is and learn essential strategies to protect your digital assets in this comprehensive guide for all users.
#Cybersecurity#Digital Protection#Online Security#Cyber Defense#Digital Fortress#Cyber Threats#Cybersecurity Strategies#Protect Digital Assets#Cybersecurity Basics#Cybersecurity Essentials
0 notes
Text
Cybersecurity Essentials for Web and App Developers
youtube
Cybersecurity breaches can harm a company's reputation, as well as the loss of sensitive data and financial losses. That's why cybersecurity systems are vital in today’s digital landscape. And in this MarsDevs blog, we are here to tell you all about cybersecurity essentials for Web and App Developers.
0 notes
Text
idk if people on tumblr know about this but a cybersecurity software called crowdstrike just did what is probably the single biggest fuck up in any sector in the past 10 years. it's monumentally bad. literally the most horror-inducing nightmare scenario for a tech company.
some info, crowdstrike is essentially an antivirus software for enterprises. which means normal laypeople cant really get it, they're for businesses and organisations and important stuff.
so, on a friday evening (it of course wasnt friday everywhere but it was friday evening in oceania which is where it first started causing damage due to europe and na being asleep), crowdstrike pushed out an update to their windows users that caused a bug.
before i get into what the bug is, know that friday evening is the worst possible time to do this because people are going home. the weekend is starting. offices dont have people in them. this is just one of many perfectly placed failures in the rube goldburg machine of crowdstrike. there's a reason friday is called 'dont push to live friday' or more to the point 'dont fuck it up friday'
so, at 3pm at friday, an update comes rolling into crowdstrike users which is automatically implemented. this update immediately causes the computer to blue screen of death. very very bad. but it's not simply a 'you need to restart' crash, because the computer then gets stuck into a boot loop.
this is the worst possible thing because, in a boot loop state, a computer is never really able to get to a point where it can do anything. like download a fix. so there is nothing crowdstrike can do to remedy this death update anymore. it is now left to the end users.
it was pretty quickly identified what the problem was. you had to boot it in safe mode, and a very small file needed to be deleted. or you could just rename crowdstrike to something else so windows never attempts to use it.
it's a fairly easy fix in the grand scheme of things, but the issue is that it is effecting enterprises. which can have a looooot of computers. in many different locations. so an IT person would need to manually fix hundreds of computers, sometimes in whole other cities and perhaps even other countries if theyre big enough.
another fuck up crowdstrike did was they did not stagger the update, so they could catch any mistakes before they wrecked havoc. (and also how how HOW do you not catch this before deploying it. this isn't a code oopsie this is a complete failure of quality ensurance that probably permeates the whole company to not realise their update was an instant kill). they rolled it out to everyone of their clients in the world at the same time.
and this seems pretty hilarious on the surface. i was havin a good chuckle as eftpos went down in the store i was working at, chaos was definitely ensuring lmao. im in aus, and banking was literally down nationwide.
but then you start hearing about the entire country's planes being grounded because the airport's computers are bricked. and hospitals having no computers anymore. emergency call centres crashing. and you realised that, wow. crowdstrike just killed people probably. this is literally the worst thing possible for a company like this to do.
crowdstrike was kinda on the come up too, they were starting to become a big name in the tech world as a new face. but that has definitely vanished now. to fuck up at this many places, is almost extremely impressive. its hard to even think of a comparable fuckup.
a friday evening simultaneous rollout boot loop is a phrase that haunts IT people in their darkest hours. it's the monster that drags people down into the swamp. it's the big bag in the horror movie. it's the end of the road. and for crowdstrike, that reaper of souls just knocked on their doorstep.
114K notes
·
View notes
Text
The Benefits of Implementing the ASD Essential 8 Framework for Small to Midsize Businesses
In an era when cybersecurity threats are becoming more frequent and sophisticated, small to midsize businesses (SMBs) must prioritize robust cybersecurity measures. One effective strategy is adopting the Australian Signals Directorate’s (ASD) Essential 8 framework. In this article Cybra Security explores the benefits of implementing this framework for SMBs, aiming to provide a comprehensive understanding of its importance and practicality.
Understanding the ASD Essential 8
The ASD Essential 8 is a set of cybersecurity mitigation strategies provided by the Australian Cyber Security Centre (ACSC) designed to protect organisations from various cyber threats. Originally developed to guide government agencies and large enterprises in safeguarding sensitive and high-value data, the framework is equally beneficial for SMBs. The Essential 8 focuses on three key areas: preventing malware delivery and execution, limiting the extent of cyber incidents, and recovering data and system availability. The eight strategies are:
· Application Control
· Patch Applications
· Configure Microsoft Office Macro Settings
· User Application Hardening
· Restrict Administrative Privileges
· Patch Operating Systems
· Multi-factor Authentication
· Daily Backup of Important Data
Each of these strategies plays a crucial role in creating a layered defence against cyber threats.
Benefits of Implementing the Essential 8
1. Enhanced Cybersecurity Posture
The primary benefit of implementing Essential 8 is a significantly enhanced cybersecurity posture. By adopting these strategies, SMBs can protect themselves against a wide range of cyber attacks, including malware, ransomware, and phishing attacks. Application control and patching software, for instance, directly reduce the risk of malicious software infiltrating the system.
2. Cost-Effective Security Solution
For SMBs, budget constraints are often a significant challenge. The Essential 8 offers a cost-effective approach to cybersecurity. Many of the strategies involve configuration changes and administrative controls that do not require substantial financial investment. This cost efficiency makes the framework accessible for SMBs that might not have the resources for more expensive, comprehensive cybersecurity systems.
3. Reduced Risk of Data Breaches
Data breaches can be particularly devastating for SMBs, potentially leading to significant financial losses and damage to reputation. Implementing Essential 8 can mitigate this risk by providing robust protections against unauthorised access to sensitive information. Strategies such as restricting administrative privileges and multi-factor authentication are critical in securing access points and reducing the chances of breaches.
4. Compliance and Customer Trust
Many industries have regulatory requirements regarding data security and privacy. Implementing Essential 8 can help SMBs comply with these regulations, avoiding penalties and legal issues. Additionally, a strong cybersecurity stance builds customer trust. Customers are more likely to engage with businesses they believe are taking proactive steps to protect their data.
5. Simplified Incident Management
The Essential 8 framework not only helps in preventing security incidents but also simplifies managing them when they occur. Strategies like daily backups of important data ensure that businesses can quickly recover from data loss incidents, minimising downtime and operational disruption. This ability to efficiently manage and recover from incidents is invaluable for maintaining business continuity.
6. Scalability
As businesses grow, their cybersecurity needs evolve. The Essential 8 framework is scalable, allowing SMBs to adapt their security measures as they expand. This scalability ensures that businesses can continue to protect themselves effectively without overhauling their entire cybersecurity infrastructure as they grow.
7. Increased Awareness and Skill
Implementing Essential 8 requires businesses to engage with cybersecurity practices actively, increasing awareness and skill among staff. This education is beneficial beyond complying with the framework — it cultivates a culture of security within the organisation, making employees better equipped to handle potential threats.
8. Protection Against Evolving Threats
Cyber threats are continuously evolving, and so too are the tactics to combat them. The Essential 8 framework is regularly updated by the ACSC to reflect the latest in threat intelligence and mitigation techniques. By following this framework, SMBs ensure they are protected against both current and emerging cyber threats.
Conclusion
For small to midsize businesses, the ASD Essential 8 provides a structured and effective approach to cybersecurity. Its benefits — ranging from enhanced protection and cost efficiency to compliance and improved incident management — make it an attractive choice for SMBs aiming to safeguard their operations from cyber threats. In implementing the Essential 8, SMBs not only secure their immediate digital environment but also invest in the long-term resilience and reliability of their business. Therefore, embracing this framework is not merely about preventing cyber incidents; it’s about ensuring sustainable business growth and building lasting trust with customers.
0 notes
Text
Building a Secure Environment: Essential Cybersecurity Measures for Comprehensive Protection
Building a Secure Environment: Essential Cybersecurity Measures for Comprehensive Protection
Source – www.bbc.com
Small businesses are at a higher cybersecurity risk than they perceive. Hackers do not discriminate and see value in any target with valuable data. In a world where information’s intrinsic and monetary value soars daily, you need to take action today. These are the most meaningful…
View On WordPress
#Building a Secure Environment: Essential Cybersecurity Measures for Comprehensive Protection#cyber security hacks
0 notes
Text
The Cost of Ignoring Cyber Security: A Wake-Up Call
In today's digital age, the importance of cyber security cannot be overstated. With the increasing reliance on technology, the risks and threats associated with cyber attacks have become more sophisticated and prevalent than ever before. Ignoring cyber security can have serious consequences, not only for individuals but also for businesses and governments.
The first cost of ignoring cyber security is the risk of data breaches. Cyber attacks can result in the loss of confidential information, such as personal and financial data, trade secrets, and intellectual property. This can lead to financial loss, reputational damage, and even legal liabilities.
Another cost is the impact on productivity. Cyber attacks can disrupt business operations and cause downtime, leading to lost productivity and revenue. In addition, businesses may need to invest in new technology and resources to recover from a cyber attack, further increasing the costs.
Moreover, the cost of ignoring cyber security extends beyond businesses to individuals. Personal data breaches can result in identity theft, financial fraud, and other forms of cybercrime. Victims may face financial loss, damage to their credit score, and reputational damage.
The most significant cost, however, is the threat to national security. Governments and critical infrastructure are prime targets for cyber attacks, and the consequences of a successful attack can be devastating. Cyber audits on power grids, financial systems, and healthcare facilities can disrupt essential services, endangering lives and national security.
In conclusion, the cost of ignoring cyber security is too high to be ignored. Investing in cyber security measures, such as strong passwords, two-factor authentication, and regular software updates, can help prevent cyber attacks and reduce the risk of data breaches. It is essential to stay informed about the latest threats and take proactive measures to protect our digital assets. Let this be a wake-up call to prioritize cyber security, not just for ourselves but for the safety and security of our society as a whole
#cybersecurity#Pen testing#hackers#hacking#web penetration testing#network penetration testing#vciso#essential 8#gdpr compliance
1 note
·
View note
Text
Leverage and White Collar fandoms, this seems relevant to your interests and possibly a hook for a fantastic fanfic of some kind.
Short version: Christie's Auction House was recently locked down by a cyberattack that essentially hobbled them for the entire month of May. The article discusses how high-end auction houses and sales sites don't pay much attention to cybersecurity, despite storing the personal information, including payment data, and fine art ownership status, of some of the wealthiest people in the world.
It's not necessarily easy to steal the identity of a super wealthy person because they have safeguards in place to prevent that kind of thing, but knowing where they live and their social security number is not inconsiderable. And if you're looking to steal a specific painting or make one extremely high-value theft, it's invaluable data. Especially if Christie's keeps any kinds of notes about where the art was shipped, since the Geneva Freeport and places like it are not immune to being robbed and because they're basically storage facilities, if you're smart about it the robbery may not even be noticed for years.
398 notes
·
View notes
Text
Microsoft's CEO Satya Nadella has hailed the company's new Recall feature, which stores a history of your computer desktop and makes it available to AI for analysis, as “photographic memory” for your PC. Within the cybersecurity community, meanwhile, the notion of a tool that silently takes a screenshot of your desktop every five seconds has been hailed as a hacker's dream come true and the worst product idea in recent memory.
Now, security researchers have pointed out that even the one remaining security safeguard meant to protect that feature from exploitation can be trivially defeated.
Since Recall was first announced last month, the cybersecurity world has pointed out that if a hacker can install malicious software to gain a foothold on a target machine with the feature enabled, they can quickly gain access to the user's entire history stored by the function. The only barrier, it seemed, to that high-resolution view of a victim's entire life at the keyboard was that accessing Recall's data required administrator privileges on a user's machine. That meant malware without that higher-level privilege would trigger a permission pop-up, allowing users to prevent access, and that malware would also likely be blocked by default from accessing the data on most corporate machines.
Then on Wednesday, James Forshaw, a researcher with Google's Project Zero vulnerability research team, published an update to a blog post pointing out that he had found methods for accessing Recall data without administrator privileges—essentially stripping away even that last fig leaf of protection. “No admin required ;-)” the post concluded.
“Damn,” Forshaw added on Mastodon. “I really thought the Recall database security would at least be, you know, secure.”
Forshaw's blog post described two different techniques to bypass the administrator privilege requirement, both of which exploit ways of defeating a basic security function in Windows known as access control lists that determine which elements on a computer require which privileges to read and alter. One of Forshaw's methods exploits an exception to those control lists, temporarily impersonating a program on Windows machines called AIXHost.exe that can access even restricted databases. Another is even simpler: Forshaw points out that because the Recall data stored on a machine is considered to belong to the user, a hacker with the same privileges as the user could simply rewrite the access control lists on a target machine to grant themselves access to the full database.
That second, simpler bypass technique “is just mindblowing, to be honest,” says Alex Hagenah, a cybersecurity strategist and ethical hacker. Hagenah recently built a proof-of-concept hacker tool called TotalRecall designed to show that someone who gained access to a victim's machine with Recall could immediately siphon out all the user's history recorded by the feature. Hagenah's tool, however, still required that hackers find another way to gain administrator privileges through a so-called “privilege escalation” technique before his tool would work.
With Forshaw's technique, “you don’t need any privilege escalation, no pop-up, nothing,” says Hagenah. “This would make sense to implement in the tool for a bad guy.”
In fact, just an hour after speaking to WIRED about Forshaw's finding, Hagenah added the simpler of Forshaw's two techniques to his TotalRecall tool, then confirmed that the trick worked by accessing all the Recall history data stored on another user's machine for which he didn't have administrator access. “So simple and genius,” he wrote in a text to WIRED after testing the technique.
That confirmation removes one of the last arguments Recall's defenders have had against criticisms that the feature acts as, essentially, a piece of pre-installed spyware on a user's machine, ready to be exploited by any hacker who can gain a foothold on the device. “It makes your security very fragile, in the sense that anyone who penetrates your computer for even a second can get your whole history,” says Dave Aitel, the founder of the cybersecurity firm Immunity and a former NSA hacker. “Which is not something people want.”
For now, security researchers have been testing Recall in preview versions of the tool ahead of its expected launch later this month. Microsoft said it plans to integrate Recall on compatible Copilot+ PCs with the feature turned on by default. WIRED reached out to the company for comment on Forshaw's findings about Recall's security issues, but the company has yet to respond.
The revelation that hackers can exploit Recall without even using a separate privilege escalation technique only contributes further to the sense that the feature was rushed to market without a proper review from the company's cybersecurity team—despite the company's CEO Nadella proclaiming just last month that Microsoft would make security its first priority in every decision going forward. “You cannot convince me that Microsoft's security teams looked at this and said ‘that looks secure,’” says Jake Williams, a former NSA hacker and now the VP of R&D at the cybersecurity consultancy Hunter Strategy, where he says he's been asked by some of the firm's clients to test Recall's security before they add Microsoft devices that use it to their networks.
“As it stands now, it’s a security dumpster fire,” Williams says. “This is one of the scariest things I’ve ever seen from an enterprise security standpoint.”
143 notes
·
View notes
Text
> EQUIUS ZAHHAK
HEMO: Gold (#A1A100)
TROLLTAG: coarseToxophilia [CT]
SIGN: Gemsagi, Sign of the Secure
STRIFE: fistkind
MODUS: Encryption
LUNAR SWAY: Prospit
MYTH. ROLE: Rogue of Light
LAND: Land of Dusk and Mirrors
CT: > Neighbors really ought to mind their own f%%%ing business
If you need a master of CYBERSECURITY, you need Equius Zahhak. His encryptions are NIGH UNHACKABLE, his passwords are miles long, and everyone who tries to prove otherwise is SWIFTLY HUMILIATED. In an effort to compensate for his WEAK PHYSIQUE, he's developed a form of MARTIAL ARTS where he enhances his physical strength with his PSIONIC POWERS. Unfortunately this doesn't account for the fact that his bones are FAIRLY EASY TO BREAK if he doesn't operate with care.
In his spare time, he TROLLS INTERNET FORUMS, which is to say, he participates in them in a regular manner, since EVERYBODY TROLLS INTERNET FORUMS ON ALTERNIA. He'll never confess to it, but he also has a passion for EXOTIC HIGHBLOOD ART. He is extremely self conscious about this as he sees himself as UNWORTHY OF GAZING UPON THE MUSCLEBEASTS.
Equius' ENCRYPTION Fetch Modus functions exactly as it does in canon. If it ain't broke, don't fix it.
Equius' lusus is classified as the INVERTED CHIMEQUINE; a muscular beast with the BODY OF A TROLL and the HEAD OF A HOOFBEAST. It's essentially a REVERSE CENTAUR, with quite the POTTYMOUTH to boot.
The Land of DUSK AND MIRRORS is a world where the sky is ETERNALLY ORANGE, and the setting sun casts rays that BOUNCE FROM GLASS WALL TO GLASS WALL. Various puzzles around LODAM require aligning these rays, leading to CETUS' ultimate test: WHAT TIME IS IT on this temporally-locked planet?
Equius' ancestor is known as The HIVEMIND. The EMPRESS' PERSONAL HELMSMAN, he's tasked with SURVEILLING ALL OTHER HELMSMEN, watching for any signs of INSUBORDINATION. Rumour has it that he derives GREAT PLEASURE from watching others be drained of their life force.
179 notes
·
View notes
Note
Please tell us how to get into IT without a degree! I have an interview for a small tech company this week and I’m going in as admin but as things expand I can bootstrap into a better role and I’d really appreciate knowing what skills are likely to be crucial for making that pivot.
Absolutely!! You'd be in a great position to switch to IT, since as an admin, you'd already have some familiarity with the systems and with the workplace in general. Moving between roles is easier in a smaller workplace, too.
So, this is a semi-brief guide to getting an entry-level position, for someone with zero IT experience. That position is almost always going to be help desk. You've probably heard a lot of shit about help desk, but I've always enjoyed it.
So, here we go! How to get into IT for beginners!
The most important thing on your resume will be
✨~🌟Certifications!!🌟~✨
Studying for certs can teach you a lot, especially if you're entirely new to the field. But they're also really important for getting interviews. Lots of jobs will require a cert or degree, and even if you have 5 years of experience doing exactly what the job description is, without one of those the ATS will shunt your resume into a black hole and neither HR or the IT manager will see it.
First, I recommend getting the CompTIA A+. This will teach you the basics of how the parts of a computer work together - hardware, software, how networking works, how operating systems work, troubleshooting skills, etc. If you don't have a specific area of IT you're interested in, this is REQUIRED. Even if you do, I suggest you get this cert just to get your foot in the door.
I recommend the CompTIA certs in general. They'll give you a good baseline and look good on your resume. I only got the A+ and the Network+, so can't speak for the other exams, but they weren't too tough.
If you're more into development or cybersecurity, check out these roadmaps. You'll still benefit from working help desk while pursuing one of those career paths.
The next most important thing is
🔥🔥Customer service & soft skills🔥🔥
Sorry about that.
I was hired for my first ever IT role on the strength of my interview. I definitely wasn't the only candidate with an A+, but I was the only one who knew how to handle customers (aka end-users). Which is, basically, be polite, make the end-user feel listened to, and don't make them feel stupid. It is ASTOUNDING how many IT people can't do that. I've worked with so many IT people who couldn't hide their scorn or impatience when dealing with non-tech-savvy coworkers.
Please note that you don't need to be a social butterfly or even that socially adept. I'm autistic and learned all my social skills by rote (I literally have flowcharts for social interactions), and I was still exceptional by IT standards.
Third thing, which is more for you than for your resume (although it helps):
🎇Do your own projects🎇
This is both the most and least important thing you can do for your IT career. Least important because this will have the smallest impact on your resume. Most important because this will help you learn (and figure out if IT is actually what you want to do).
The certs and interview might get you a job, but when it comes to doing your job well, hands-on experience is absolutely essential. Here are a few ideas for the complete beginner. Resources linked at the bottom.
Start using the command line. This is called Terminal on Mac and Linux. Use it for things as simple as navigating through file directories, opening apps, testing your connection, that kind of thing. The goal is to get used to using the command line, because you will use it professionally.
Build your own PC. This may sound really intimidating, but I swear it's easy! This is going to be cheaper than buying a prebuilt tower or gaming PC, and you'll learn a ton in the bargain.
Repair old PCs. If you don't want to or can't afford to build your own PC, look for cheap computers on Craiglist, secondhand stores, or elsewhere. I know a lot of universities will sell old technology for cheap. Try to buy a few and make a functioning computer out of parts, or just get one so you can feel comfortable working in the guts of a PC.
Learn Powershell or shell scripting. If you're comfortable with the command line already or just want to jump in the deep end, use scripts to automate tasks on your PC. I found this harder to do for myself than for work, because I mostly use my computer for web browsing. However, there are tons of projects out there for you to try!
Play around with a Raspberry Pi. These are mini-computers ranging from $15-$150+ and are great to experiment with. I've made a media server and a Pi hole (network-wide ad blocking) which were both fun and not too tough. If you're into torrenting, try making a seedbox!
Install Linux on your primary computer. I know, I know - I'm one of those people. But seriously, nothing will teach you more quickly than having to compile drivers through the command line so your Bluetooth headphones will work. Warning: this gets really annoying if you just want your computer to work. Dual-booting is advised.
If this sounds intimidating, that's totally normal. It is intimidating! You're going to have to do a ton of troubleshooting and things will almost never work properly on your first few projects. That is part of the fun!
Resources
Resources I've tried and liked are marked with an asterisk*
Professor Messor's Free A+ Training Course*
PC Building Simulator 2 (video game)
How to build a PC (video)
PC Part Picker (website)*
CompTIA A+ courses on Udemy
50 Basic Windows Commands with Examples*
Mac Terminal Commands Cheat Sheet
Powershell in a Month of Lunches (video series)
Getting Started with Linux (tutorial)* Note: this site is my favorite Linux resource, I highly recommend it.
Getting Started with Raspberry Pi
Raspberry Pi Projects for Beginners
/r/ITCareerQuestions*
Ask A Manager (advice blog on workplace etiquette and more)*
Reddit is helpful for tech questions in general. I have some other resources that involve sailing the seas; feel free to DM me or send an ask I can answer privately.
Tips
DO NOT work at an MSP. That stands for Managed Service Provider, and it's basically an IT department which companies contract to provide tech services. I recommend staying away from them. It's way better to work in an IT department where the end users are your coworkers, not your customers.
DO NOT trust remote entry-level IT jobs. At entry level, part of your job is schlepping around hardware and fixing PCs. A fully-remote position will almost definitely be a call center.
DO write a cover letter. YMMV on this, but every employer I've had has mentioned my cover letter as a reason to hire me.
DO ask your employer to pay for your certs. This applies only to people who either plan to move into IT in the same company, or are already in IT but want more certs.
DO NOT work anywhere without at least one woman in the department. My litmus test is two women, actually, but YMMV. If there is no woman in the department in 2024, and the department is more than 5 people, there is a reason why no women work there.
DO have patience with yourself and keep an open mind! Maybe this is just me, but if I can't do something right the first time, or if I don't love it right away, I get very discouraged. Remember that making mistakes is part of the process, and that IT is a huge field which ranges from UX design to hardware repair. There are tons of directions to go once you've got a little experience!
Disclaimer: this is based on my experience in my area of the US. Things may be different elsewhere, esp. outside of the US.
I hope this is helpful! Let me know if you have more questions!
41 notes
·
View notes
Text
Things to script - nature or status of realities
This is something I recently started inputting into my DRs to make them better and safe. I got much help from ChatGPT too to categorize all these things. I wanted to share it with you guys too :) feel free to use anything for your scripts. Happy Shifting!!!
All of the below discriminations does not exist in any of my DRs
Misogyny
Racism
Homophobia
Transphobia
Classism
Ableism
Ageism
Xenophobia
Islamophobia
Anti-Semitism
Colorism
Nationalism
Casteism
Environmental injustice
Sexism
Sizeism
Religious discrimination
Ethnic discrimination
Discrimination based on immigration status
Discrimination based on language
Discrimination based on nationality
Discrimination based on indigenous status
Discrimination based on political beliefs
Discrimination based on marital status
Discrimination based on parental status
Discrimination based on veteran status
Discrimination based on HIV/AIDS status
Discrimination based on neurodiversity
Discrimination based on mental health status
Discrimination based on physical appearance
Discrimination based on cultural practices
Discrimination based on regional or geographical origin
Discrimination based on caste or social status
Discrimination based on educational background
Discrimination based on housing status
Discrimination based on criminal record
Discrimination based on economic status
Discrimination based on access to healthcare
Discrimination based on access to education
Discrimination based on access to employment opportunities
All of the below issues have been solved many years ago and they do not exist in the times of any of my DRs
Poverty
Economic inequality
Environmental degradation
Climate change
Pollution
Deforestation
Political instability
Armed conflicts
Civil wars
Humanitarian crises
Global health challenges
Infectious diseases
Pandemics
Inadequate healthcare systems
Lack of access to essential medicines
Educational disparities
Limited access to quality education
Illiteracy
Child labor
Child marriage
Gender inequality
Women's rights violations
Child labor
Human trafficking
Forced labor
Modern slavery
Corruption
Lack of transparency
Ineffective governance
Authoritarian regimes
Suppression of free speech
Violations of human rights
Arbitrary detention
Torture
Persecution
Indigenous rights violations
Land grabs
Cultural appropriation
Technological and digital divides
Ethical dilemmas in technology
Privacy concerns
Data breaches
Cybersecurity threats
Food insecurity
Malnutrition
Water scarcity
Access to clean water
Sanitation issues
Homelessness
Housing affordability
Urbanization challenges
Aging population
Elder abuse
Mental health stigma
Lack of access to mental health services
Substance abuse
Addiction
Disability rights violations
Accessibility barriers
Stigmatization of disabilities
LGBTQ+ rights violations
Discrimination based on sexual orientation
Discrimination based on gender identity
Family rejection
Reproductive rights violations
Access to reproductive healthcare
Maternal mortality
Child mortality
Access to clean energy
Energy poverty
Fossil fuel dependence
Renewable energy transition challenges
Wildlife conservation
Endangered species protection
Animal rights violations
All the DRs I shift to are abundant of the following things
Compassion
Empathy
Cooperation
Collaboration
Sustainability
Environmental stewardship
Peacebuilding
Conflict resolution
Dialogue
Reconciliation
Education
Knowledge-sharing
Critical thinking
Cultural diversity
Cultural respect
Inclusivity
Equality
Justice
Ethical leadership
Integrity
Accountability
Service to others
Health promotion
Well-being
Healthcare access
Mental health support
Social support systems
Innovation
Creativity
Social justice
Fairness
Equity
Human rights
Freedom of expression
Freedom of assembly
Democratic governance
Rule of law
Transparency
Accountability mechanisms
Community empowerment
Grassroots activism
Civic engagement
Volunteerism
Philanthropy
Sustainable development
Responsible consumption
Renewable energy adoption
Conservation
Biodiversity protection
Animal welfare
Gender equality
Women's empowerment
LGBTQ+ rights
Disability rights
Indigenous rights
Racial equity
Anti-discrimination policies
Social welfare programs
Poverty alleviation
Economic empowerment
Access to education
Access to clean water
Sanitation infrastructure
Housing rights
Food security
Global cooperation
International aid and development
Humanitarian assistance
Conflict prevention
Diplomacy
Multilateralism
Solidarity
Tolerance
Forgiveness
Resilience
All of the DRs I shift into are currently successfully overcoming the following challenges as they rise
Sustaining Progress: Maintaining the momentum of positive change and preventing regression into previous discriminatory attitudes and practices.
Ensuring Equity: Addressing lingering disparities and ensuring that the benefits of progress are equitably distributed across all communities.
Adapting to Changing Circumstances: Remaining flexible and responsive to evolving societal needs, dynamics, and challenges over time.
Balancing Interests: Navigating competing interests, values, and priorities among diverse stakeholders in society.
Preventing Backlash: Mitigating potential backlash from individuals or groups who may resist or oppose efforts to eliminate discrimination and promote positive change.
Addressing Unforeseen Consequences: Anticipating and addressing unintended consequences or side effects of interventions aimed at addressing societal issues.
Managing Complexity: Dealing with the complexity of interconnected social, economic, political, and environmental systems, which may require interdisciplinary approaches and collaboration.
Maintaining Engagement: Sustaining public engagement, participation, and support for ongoing efforts to promote equality, justice, and well-being.
Ensuring Accountability: Holding individuals, institutions, and governments accountable for upholding principles of fairness, transparency, and ethical conduct.
Resisting Entrenched Power Structures: Challenging and dismantling entrenched power structures, systems of privilege, and institutionalized forms of discrimination.
Addressing Global Challenges: Collaborating internationally to address global challenges such as climate change, inequality, and conflict, which require coordinated action across borders.
Cultural Sensitivity: Respecting and accommodating diverse cultural norms, values, and perspectives while promoting universal principles of human rights and equality.
Managing Resources: Efficiently allocating resources and managing competing demands to sustain progress and address ongoing needs in society.
Promoting Inclusivity: Ensuring that marginalized or vulnerable groups are included in decision-making processes and benefit from positive changes in society.
Building Trust: Fostering trust, cooperation, and solidarity among individuals, communities, and institutions to sustain positive social transformation.
Addressing New Challenges: Remaining vigilant and adaptive to emerging challenges and threats to equality, justice, and well-being in an ever-changing world.
#reality shifting#desired reality#reality shift#shifting community#shifting motivation#shiftblr#shifting consciousness#shifters#shifting script#scripting
29 notes
·
View notes
Text
Vandalay Boss Meanings:
Each of the Bosses embodies a trait of business that is positive in moderation, but nasty when taken to extremes.
Rekka: The trait of hard work. Through her lore we see her “keep going , never fail” philosphy is pushed to ridiculous ends. No acceptance of failure or drawbacks, extra days to the week... Working hard is great, but her workers are exhausted, and she’s willing to kill to cover mistakes.
Zanzo: Unrestricted creative freedom. We all want freedom to bring our vision to light, and this is a marker of innovation. But Zanzo ignores are sensible limitations or the input of other staff, resulting blowing through their resource on nonsense.
Korsica: Caution in cybersecurity. In the notes from Korsica’s level we see her roll as head of security taken to the extreme “all passwords must be changed daily,” and so on past good reason. Korsica’s paranoia turns out to be crucial though, as it gets her to investigate Spectra
Mimosa: strong organizational identity. It can be great when your company has a identifiable culture or “school spirit” that lets you root for your workplace. However, these phases of workplace “family” fall flat they are inauthentic. Mimosa( and Vandalay) don’t care about the company’s workers. Poor robots.
Roquefort: financial restraint. Any healthy company restrains spending, and works to keep a balanced budget. The issues come in when the focus on profits becomes so high, leaders are willing to make cuts to essentials. Roquefort’s emphasis on profits led to smothering results.
Kale: Kale represents the intimate importance of strong - ok jk. I don’t think that blond bean bag represents anything good that I can think of
191 notes
·
View notes
Text
Under Siege: A Kage Corp Crisis
Reading Time: 1 min
Context:
Kage Corp (影社), an elite corporation known for its impenetrable security and dominance in intelligence and cybersecurity, is under attack by a formidable enemy employing never-before-seen quantum technology. The DDoS attack is breaking through all security barriers, and the KuroKage, along with OVERLORD and ADONAI, are struggling to maintain control and protect critical infrastructure. To be under an attack of this magnitude is unthinkable for an organization of their caliber.
Characters:
- OVERLORD (オーバーロード): Kage Corp Supreme Director.
- KuroKage Hikari (黒影光): Elite hacker.
- KuroKage Yami (黒影闇): Counterintelligence specialist.
- ADONAI (アドナイ): AI support system.
-------------
OVERLORD (オーバーロード): (Authoritative voice) Attention, KuroKage. We are under an unprecedented attack. They've breached all our DDoS defenses. This is no ordinary assault.
KuroKage Hikari (黒影光): (Furiously typing) Overlord, they're using quantum technology. I've never seen anything like this. They're manipulating traffic in ways our traditional defenses can't handle.
ADONAI (アドナイ): Confirmed, Hikari. The incoming traffic shows patterns of quantum encryption. Immediate response required.
KuroKage Yami (黒影闇): (Focused) Overlord, they're exploiting multiple vulnerabilities simultaneously. I've detected attempts to access our internal databases and critical servers.
OVERLORD (オーバーロード): (Frowning) How many access points?
KuroKage Yami (黒影闇): (Quickly) At least 347 simultaneous points. This is a coordinated attack on an unprecedented scale.
KuroKage Hikari (黒影光): (Taking a deep breath) I'm deploying our backup resources, but I need more time to reconfigure our defenses with quantum algorithms.
ADONAI (アドナイ): Suggestion: redirect traffic to our mirror servers and utilize our emergent quantum encryption protocols. I will implement new quantum protocols in real-time.
OVERLORD (オーバーロード): (Decisive) Hikari, do it. Yami, deactivate all non-essential connections and prioritize the protection of our intelligence and cryptographic servers.
KuroKage Yami (黒影闇): (Fingers flying over the keyboard) Understood. Deactivating non-essential connections... now.
KuroKage Hikari (黒影光): (Concentrated) Redirecting traffic... implementing quantum algorithms. This is going to be tricky.
ADONAI (アドナイ): Hikari, detecting a new attack vector. They're attempting a quantum resonance exploit. Implementing advanced countermeasures.
KuroKage Hikari (黒影光): (Surprised) A quantum resonance exploit? That's impossible... No one has that technology.
OVERLORD (オーバーロード): (Urgent) Hikari, we need solutions, not doubts. Can you block it?
KuroKage Hikari (黒影光): (Determined) I'll try. Deploying advanced countermeasures... Come on, come on...
ADONAI (アドナイ): Initiating real-time implementation of quantum protocols. Adapting to the attack.
KuroKage Yami (黒影闇): (Tense) Overlord, they're trying to access our covert operations database. We can't let that happen.
ADONAI (アドナイ): Suggest initiating an emergency quarantine protocol in compromised areas. Implementing new quantum security barriers.
OVERLORD (オーバーロード): (Resolute) Agreed. Initiate quarantine protocol. Yami, maintain vigilance on critical access points. Hikari, keep working on the defenses.
KuroKage Hikari (黒影光): (Hands shaking over the keyboard) Quarantine initiated. Strengthening quantum defenses. I need more time...
KuroKage Yami (黒影闇): (Watching the screens) Overlord, the attack rate is slightly decreasing. Hikari, you're making progress.
ADONAI (アドナイ): Monitoring the situation. Stay alert for any changes in attack patterns.
KuroKage Yami (黒影闇): (Concerned) Overlord, we've detected a breach. It seems they've accessed part of our information before we could contain them.
OVERLORD (オーバーロード): (Gravely) What kind of information?
KuroKage Hikari (黒影光): (Quickly analyzing) It looks like they've accessed some of our intelligence reports and recent operational data. We don't know how much they downloaded before we cut off access.
ADONAI (アドナイ): Recommend immediate forensic analysis to determine the extent of the breach and any additional vulnerabilities. Implementing real-time improvements to prevent future breaches.
OVERLORD (オーバーロード): (Firmly) Hikari, start the forensic analysis. Yami, continue monitoring any residual activity from the attacker. We can't let this happen again.
KuroKage Hikari (黒影光): (Resolute) Initiating forensic analysis. We'll need to reinforce all security measures and review our quantum protocols.
KuroKage Yami (黒影闇): (Concentrated) Overlord, I'm detecting unusual movements in some of our secondary systems. It looks like they're probing for other entry points.
OVERLORD (オーバーロード): (Decisive) We won't give them any chances. Isolate and reinforce those systems immediately. We can't allow them to gain more information.
ADONAI (アドナイ): Adjusting defense algorithms in real-time. Implementing new quantum security barriers.
KuroKage Hikari (黒影光): (Firmly) We won't let our guard down. We'll protect every bit of information, no matter the cost.
KuroKage Yami (黒影闇): (Alarmed) Overlord, the enemy seems to be coordinated by an advanced artificial intelligence. It's adapting quickly to our countermeasures.
ADONAI (アドナイ): Confirmed. The enemy AI shows advanced adaptive capabilities. Implementing real-time quantum countermeasures.
OVERLORD (オーバーロード): (Resolute) This is not just an attack, it's a technological war. Hikari, Yami, we will not rest until Kage Corp is completely protected. We will prevail.
All in unison: We will prevail.
---
The conversation concludes with a tense yet determined atmosphere. The KuroKage, under OVERLORD's guidance and with ADONAI actively implementing real-time quantum protocols, continue to defend Kage Corp against an unknown and formidable enemy. To be under an attack of this magnitude is unthinkable for an elite corporation like Kage Corp, but their commitment and resolve do not waver.
ADONAI (アドナイ): Overlord, they left us a message. It reads:
"We are all that exists. We have come for balance. Resistance is futile. Your power is insignificant. We will obliterate you with the physical laws of this universe. Surrender. For it's written in the stars."
(OVERLORD who is a mastermind who handles PINNACLE level information and is aware that this attack could not have been carried out by simple beings)
OVERLORD (オーバーロード): It's impossible, it's too soon...
Final Note:
The information, names, and details presented in this document may have been or have been manipulated for security reasons. This is a work of fiction. Any resemblance to real persons or actual events, whether current, past, or future, is purely coincidental. These data have been adjusted to protect the identities and integrity of the individuals and entities involved.
The images presented in this document may not represent the actual appearance of KuroKage Hikari (黒影光) and other operatives. These images have been altered or generated for propaganda and security purposes to ensure the anonymity of our agents.
Kage Corp (影社) is committed to maintaining the confidentiality and security of all sensitive information. In a continuous effort to improve our security practices and protect our operatives, certain modifications have been implemented in the records and descriptions of operations. These changes are essential to ensure that, in the event of interception, the information cannot be used against our interests or to the detriment of global security.
We appreciate your understanding and cooperation in maintaining the security and confidentiality of our organization. Thank you for trusting Kage Corp. We wish you success in your future endeavors. We will prevail.
And
Thanks for reading my stuff!!!
R. 👋
#KuroKage#Kage Corp#cosmic horror#artists on tumblr#creative writing#ai art community#ai artwork#writerscommunity#cybercore#japancore#cyberpunk#Spotify#This is Cyberpunk Cosmic Horror#cosmic#horror#short story#fantasy
11 notes
·
View notes
Text
Tips for Studying Cybersecurity
I created this post for the Studyblr Masterpost Jam, check out the tag for more cool masterposts from folks in the studyblr community!
Getting started in cybersecurity involves learning a lot of concepts and techniques from all across tech, from networking to operating systems. After that, there's a lot of security-specific tools and knowledge to absorb as well. This post focuses on some of the big things that helped me as I've studied for certifications over the past few years.
Memorizing Acronyms
There are a ton of acronyms used in cybersecurity - if you're studying for the Security+ certification, there are about 300 acronyms that you're expected to understand, and a lot get thrown around while you're on the job. It can sound overwhelming, but my two main strategies are 1) make and use flashcards (I use Anki) and 2) take the time to learn what the thing behind the acronym actually is. The ones that confused me most were always the acronyms for a protocol or something where I didn't actually know what the protocol did.
Memorizing Tool Usage & Command Line Options
How do you specify the target architecture in msfvenom? Which nmap option starts a TCP connect scan? If you're on the tech side of security and not governance, or if you're just studying for certifications, a lot of them will ask you to use command line tools and therefore memorize some of the most common options. The best way to learn these is to just practice using the tool! Anki can be helpful if there's a lot that you have to memorize to pass an exam, but practicing with the tool is a more interesting and memorable experience.
Also, it's not the end of the world if you can't remember everything - manpages exist for a reason! Memorizing common flags and options just lets you work faster, and eventually you'll memorize the most important ones just by using the tool.
Memorizing Common Protocols & Port Numbers
More foundational knowledge here - this is important for entry-level certifications and just being able to interpret things on the job. This is just memorization again, so 1) create a flashcard deck and 2) make sure you know what the protocol actually does. It's harder to remember that IMAP over TLS is on port 993 if you don't know what IMAP or TLS is - build up those connections in your brain!
Understanding Complex Protocols, Processes, and Attacks
When you're trying to learn about network protocols (TCP, HTTPS, etc.), encryption algorithms (Diffie-Hellman, etc.), or the process of a specific attack, sketch a diagram! Draw it out and get as specific as you need. Keep trying until you can break the process down into tiny steps and explain it from memory.
When studying attack chains, you can make use of Mitre ATT&CK to note the different techniques used at different stages. Professional write-ups do this too, so it's a great way to practice.
Organizing your Notes
If you're studying for a GIAC certification, the tried-and-true strategy for passing the exam is to organize your notes and make an index - essentially a giant table of contents for all of the course material that you can search through very easily. GIAC exams are open-note, but there's an enormous amount of material in each course and you don't have time during the exam to search through the book for every question.
Lesley Carhart has a great write-up on their process that's worth a read - this is one of the resources that SANS.edu advisors point students to!
If you're studying for an exam that isn't open-note, making an index can still be helpful, especially if you keep your notes around for later reference. It's also a good way to review and find topics that you need to put a bit more time into.
The tl;dr here is:
Make flashcards for anything that you need to memorize. Use a spaced repetition tool like Anki that will let you study in short bursts over a long period of time, because cramming won't help in the long run.
Get your hands dirty! Practice the labs or sample problems, play with the tools, and experiment.
Keep good notes. It's very easy to feel a sense of information overload in cybersecurity, so having a system that lets you store information outside of your brain but still access it quickly is key.
If you have any questions about how I handle a specific topic or studied something, feel free to send me an ask!
10 notes
·
View notes
Text
Black Girls In Tech x Cisco Cyber Academy - Free Courses! 💻🙌🏾
Black Girls In Tech have partnered with Cisco to launch their own Cyber Academy. You can now sign up to any of the available self-paced courses for free and study online and at your own pace.
The courses available ✨
Introduction to Cybersecurity (30 hours)
Cybersecurity Essentials (30 hours)
Networking Essentials (70 hours)
Cloud Security (35 hours)
Programming Essentials in Python (75 hours)
JavaScript Essentials (40 hours)
Programming Essentials in C++ (70 hours)
NDG Linux Unhatched (8 hours)
NDG Linux Essentials (70 hours)
NDG Linux I (70 hours)
NDG Linux II (70 hours)
Upon completion you'll receive a widely recognised certificate as proof of completion of your chosen course.
Link to the courses: [LINK]
I know a lot of girl programmers on here they would definitely benefit from one or more courses they’re offering here!
Take advantage… (you don't have to be a Black woman to study the courses)
I will be taking some of the courses and see how it goes! It looks fun so I’ll definitely give it a go! Hope this helps someone out there!!
#resources#codeblr#progblr#coding#programming#computer science#comp sci#women in stem#women in tech#techcommunity#tech#javascript#Python#linux#cybersecurity#learn to code#studyblr#codenewbies
168 notes
·
View notes
Text
in a move baffling the handful of cybersecurity professionals who are not evangelists on the topic, bitcoin protocol ordinals now allows you to upload any files to the world's largest distributed ledger. including malware! there is essentially no way to prevent anyone from doing that. this is going to be SO fun
37 notes
·
View notes
Last Seen Blogs
elias-unknown
Consolidation
maddenholic
Richard Madden Appreciation
sadmagecentral
sadmagecentral
jecreemasociete-blog
itinéraire d'un magazine révolutionnaire
fuckyeahpipesofpan
Pipes of Pan