cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

1
 
 
This is an automated archive.

The original was posted on /r/cybersecurity by /u/Stock_Manufacturer77 on 2023-07-18 00:57:18+00:00.


I'm a cyber security researcher hobbyist and I have stumbled upon a significant security issue. I've found not just one unsecured service on the host of this particular big company but freakin' two out of two on one of their hosts. I'm seeing their fully functioning system/workflow that hosts thousands of highly sensitive, super confidential and non-disclosure documents. I have maybe seen only 5% of these documents and I'm already truly shocked. Most are extremely well-known, influential companies and organizations, both commercial and governmental, from all over the world. To say the least, this is a very serious concern.

The second service I found on that particular host was an application that allowed me to just create an account with full admin privileges, allowing anyone to access, manipulate and delete a considerable volume of significant documents. If their security is this poor, I would even believe it if this is their only backup. The unbelievable irony is that the company that is behind this unsecured information touts itself as a secure platform for certain documents and states: "Even your most sensitive documents are in very secure hands with us."

Normally I would contact the particular company straight away, but it grinds my gears that they don't give a damn about those companies' trust and confidentiality (based on the cheap security tools and their ridiculous statement), and their invoices aren't lying either. These companies pay shocking amounts of money for this. My intention right now is to profit as much as possible from this situation, by finding the right way to approach this huge matter. Given the gravity of the situation, I'm looking for advice on the best course of action.

I would greatly appreciate any guidance from experienced cybersecurity professionals or individuals familiar with handling such situations. I'm open to collaborating with a reliable party to manage this situation as effectively as possible to get the most out of it.

Thanks in advance for your time.

2
 
 
This is an automated archive.

The original was posted on /r/cybersecurity by /u/kekst1 on 2023-07-17 23:23:48+00:00.


2 weeks into my security engineering internship at an F500 company and it's the steepest learning curve I have ever experienced. It's definitely humbling.

Every day one of the FTEs takes me to their side and basically force-feeds me info all day about our systems, processes and people. What strikes me the most is how diverse and decentralised the IT landscape is and how much it complicates our work. Clients, on-prem VMware, on-prem Hyper-V, AWS IaaS, Azure IaaS, AWS PaaS and k8s. One uses Ansible, one Puppet to roll out my agent configurations, one ARM templates, the other Terraform. Everything has a different department that is responsible, etc. In 2 weeks I worked with so many different systems from a security standpoint (vuln management, EDR, network security, on-prem and cloud). And to really use these effectively you need to know bash, PS, Ansible, OCI/Harbor, CI/CD with YAML, networking, etc. I'm honestly really glad I chose cybersecurity because I'm a career changer (currently finishing an unrelated degree). It's so much fun working at the intersection of so many different infrastructures, processes and organizational structures!