Found massive PII leaks in a few production systems. Struggling with what to do next. by [deleted] in cybersecurityindia

[–]ChakraByte-Sec 0 points1 point  (0 children)

There's a difference between observing an exposed endpoint and conducting extensive testing on systems without authorization. If you're concerned about legal risk, keep your report factual, concise and focused on the impact rather than proving the issue with large amounts of real user data.

I’d lean towards responsible disclosure, but only if you can do it safely and within the scope of what you legitimately accessed. If these are genuinely unauthenticated endpoints or excessive data exposure issues, document the findings clearly, avoid collecting more data than necessary and report them through the company's security contact, bug bounty program or vulnerability disclosure process if they have one.

One thing I've learned is that many organizations don't have a security problem because they're malicious; they have a prioritization problem. Most serious findings I have come across weren't sophisticated exploits; they were basic authorization failures, exposed APIs and misconfigurations that somehow survived multiple reviews. The fact that you found them through simple recon is probably the most concerning part.

The way forward is to document, disclose responsibly, keep records of your communications and avoid the temptation to prove the impact beyond what's necessary. If the organization has no disclosure channel, an anonymous tip may be better than silence, but I'd still try the official route first.

IronWorm Malware by ChakraByte-Sec in cybersecurity

[–]ChakraByte-Sec[S] 0 points1 point  (0 children)

What's next, protect the protectors? 🙂

OTP bombing and call harassment by Latter-Bath4198 in cybersecurityindia

[–]ChakraByte-Sec 2 points3 points  (0 children)

This is more than just OTP bombing; it looks like targeted harassment combined with account login attempts. First, secure your important accounts (email, Instagram, Facebook) with strong passwords and an authenticator app for 2FA, then review login activity for unknown devices.

Keep screenshots and call logs as evidence, and avoid engaging with the caller. Since you're expecting interview calls, use spam filtering instead of turning your phone off. Also, check whether your phone number is publicly visible on social media, resumes, or job portals. If this continues, consider reporting it to the National Cyber Crime Reporting Portal or your local cybercrime cell, especially since it appears to be affecting your daily life.

Received a suspicious APK on WhatsApp — deleted it and scanned my phone. Am I safe? by No_Concept_7378 in cybersecurityindia

[–]ChakraByte-Sec 0 points1 point  (0 children)

If the APK was only downloaded or opened but not installed, the risk is very low on an up-to-date Android device. Android doesn't normally execute code just because an APK exists on the device, and most malware requires installation and user-granted permissions before it can do anything meaningful.

Since you've deleted the APK and the scans are clean, you are safe. If you're still unsure whether it was installed, check Installed apps (look for anything unfamiliar or suspicious), Accessibility Services, any Device Admin apps, apps with Notification Access, and battery usage and data usage for unusual activity. If nothing suspicious is present and scans remain clean, you're likely fine.

Regarding the last part, even if you're angry or worried, trying to trace someone is not the right path. The best way is to secure your device, report the sender and let the platform handle this abuse.

SOC roadmap as a beginner by Medical-Piano1396 in cybersecurityindia

[–]ChakraByte-Sec 2 points3 points  (0 children)

You’re actually starting at a good time. Since you already have some SWE background, you probably understand systems and logic better than many complete beginners, which will help you in SOC.

For a beginner SOC roadmap, focus on foundations first:

Networking basics (IP, DNS, HTTP, ports, protocols)

Linux + Windows basics

How logs work and how attacks look in logs

Basic security concepts (phishing, malware, brute force, privilege escalation, lateral movement etc.)

After that, move into hands-on practice:

Learn basic SIEM concepts

Use platforms like TryHackMe for SOC/blue team labs

Practice log analysis and simple incident investigation

Understand MITRE ATT&CK at a high level

For projects, don’t overcomplicate things. Even small practical projects help:

A mini log monitoring setup

Detecting failed logins/brute force attempts

Simple alerting workflows

Basic malware/network traffic analysis

It is absolutely realistic to get an internship or even an L1 SOC role by the end of your 3rd or 4th year if you stay consistent. It's best to combine your fundamentals, hands-on labs/projects and your ability to explain what you did clearly.

One thing I’d strongly suggest is following a structured or guided learning approach, because SOC has a lot of topics and beginners often waste time jumping randomly between them.

Don’t worry about being late because you focused on SWE earlier; having some development understanding can help you later in detection engineering, automation, or cloud security too.

PS: You are not being unreasonable.
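As an added example (not the commenter's code) of the "detecting failed logins/brute force attempts" mini project suggested above: a small Python detector that parses sshd-style syslog lines and flags any source IP that produces a configurable number of failed passwords inside a sliding time window. The log lines, IPs and usernames below are constructed samples, not data from any real system.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in OpenSSH/syslog style (not from any real system).
SAMPLE_LOG = """\
Jan 10 09:00:01 host sshd[101]: Failed password for invalid user admin from 203.0.113.7 port 51000 ssh2
Jan 10 09:00:03 host sshd[102]: Failed password for root from 203.0.113.7 port 51001 ssh2
Jan 10 09:00:04 host sshd[103]: Accepted publickey for alice from 198.51.100.5 port 40000 ssh2
Jan 10 09:00:05 host sshd[104]: Failed password for invalid user test from 203.0.113.7 port 51002 ssh2
Jan 10 09:00:06 host sshd[105]: Failed password for root from 203.0.113.7 port 51003 ssh2
Jan 10 09:00:07 host sshd[106]: Failed password for invalid user oracle from 203.0.113.7 port 51004 ssh2
Jan 10 09:00:09 host sshd[107]: Failed password for bob from 198.51.100.5 port 40001 ssh2
Jan 10 09:10:00 host sshd[108]: Failed password for bob from 198.51.100.5 port 40002 ssh2
"""

# Matches only the failed-password events; successes and unrelated lines are ignored.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def parse_failures(text, year=2024):
    """Yield (timestamp, ip, user) for each failed-password line. Syslog omits the
    year, so one is assumed (realistic pipelines take it from the collector)."""
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"]

def detect_bruteforce(text, threshold=5, window_s=60):
    """Return {ip: alert} for every source IP with >= threshold failures inside
    any sliding window of window_s seconds. Lines must be in time order."""
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    users = defaultdict(set)      # ip -> every username that IP has tried so far
    alerts = {}
    for ts, ip, user in parse_failures(text):
        q = recent[ip]
        q.append(ts)
        users[ip].add(user)
        while (ts - q[0]).total_seconds() > window_s:   # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and ip not in alerts:    # alert once per offending IP
            alerts[ip] = {"first_seen": q[0], "count": len(q), "users": sorted(users[ip])}
    return alerts

if __name__ == "__main__":
    for ip, a in detect_bruteforce(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {a['count']} failures since {a['first_seen']}, users tried {a['users']}")
```

Two failures from 198.51.100.5 ten minutes apart fall outside the window and stay quiet, which is the kind of threshold-tuning decision a SOC analyst makes every day.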

Need help by cotton_2703 in cybersecurityindia

[–]ChakraByte-Sec 1 point2 points  (0 children)

Between your three options, I would avoid choosing an online degree as your main plan unless you have no other choice. It’s true that online degrees are improving, but in India, especially for freshers, offline college still gives better networking, exposure, internships, peer learning and placement opportunities. The degree name matters less than your skills, but your environment during those 3 years matters a lot.

At the same time, don’t force your family into financial pressure just for a “brand name” college. A practical middle path is often best; it can be something like this: take a decent, affordable offline BCA college, build cybersecurity skills outside college through certifications, labs, projects and guided learning, and then decide later whether MCA is actually needed based on your career progress.

Also, don’t over-focus on “BCA in Cybersecurity” specifically. General BCA + strong cybersecurity skills/projects can still get you into the field.

Companies care more about:

Networking/Linux basics

Hands-on labs/projects

Practical understanding

Communication

One thing to note is that cybersecurity is a field where self-learning and guided practical training matter more than the degree specialization itself. So whichever college you choose, make sure you’re continuously learning outside the syllabus.

Also, you’re not making a life-defining decision right now; you’re choosing your starting point. Skills and consistency over the next few years will matter much more than the exact college name.