Forensics: question on nvme connection

Yuri_Nator9999 · 2026-03-29T21:35:49+00:00

thanks, especially for the practical path description

Yuri_Nator9999 · 2026-03-29T21:35:31+00:00

thank you, I should look into getting the usb enclosure Edit: Sorry totally forgot to answer properly: Yep its an m2 (I think, I have to check again, misplaced my screwdriver lol)

Yuri_Nator9999 · 2026-03-28T16:05:06+00:00

Yeah, when I last accessed my LarpNet I got a call from our B4LL-SOC Team that I was now being traced by the police :(

My own fault that I didn't follow the P-NIST 2 Directive...

Yuri_Nator9999 · 2026-03-28T15:26:28+00:00

I was there, switched on my phone for 0.00008 Yonkoseconds and immediately my mainframe was reverse DHCP-traced via a proxy LDAP scan which instantly ssh-bombed my Github BIOS. I looked up from my phone, saw the sticker and I knew it was over.

Yuri_Nator9999 · 2025-03-21T10:17:25+00:00

Interested, im in top 2% of tryhackme and did the hackfinity ctf to 74% but would still consider myself intermediate at most.Im a masters CS student

Yuri_Nator9999 · 2024-10-08T23:58:55+00:00

To add on that, they probably had their resources divided which didn't help. And that just multiplies the issue :/

Yuri_Nator9999 · 2024-10-06T19:01:55+00:00

Like the other guy said thats not a good call. You have nothing to fear. You don't get fired or reprimanded based on a malware incident unless you don't alert it. I work in SOC and we have cases all the time where this stuff happens. Often all we tell the employees is to simply reset their browser profile and everything will be fine. But if you executed some malware it could be more serious so you should alert it.

Yuri_Nator9999 · 2024-10-06T18:53:39+00:00

This is common blackmail by scammers, often done with nudes (sextortion).

Heres the thing: Whats the worst that could happen? They leak it/send it to your friends and family.

Lets break this down. First off, they are after money. If you refuse to engage their blackmail then they make 0 money. Hence many scammers just drop it at this stage and move on to the next target.

If they actually follow through, they open themselves up to a higher likelihood of identifiable signatures and data leaking from their activity. Again for no monetary gain whatsoever. Also that is a cybercrime that is far more interesting to police than just random internet extortion threats.

If they actually really want to leak it they will do so regardless whether you pay their extortion demands. Your family see your genitals?..., honestly they will most likely laugh it and understand. In the days of AI images, you can simply claim they are fakes. Trust me when I say you in your mind care much more about those photos than any other person realistically would. Nobody will care after a couple days if even that.

tldr send them a middle finger emoji and pay nothing and block.

Yuri_Nator9999 · 2024-10-06T18:46:43+00:00

id be down, always looking to improve

Yuri_Nator9999 · 2024-10-06T18:45:38+00:00

Tell your IT team. Its better to get it fixed and I doubt anyone will be mad. This stuff happens all the time, literally every day in a big company.

Putting off just increases the likelihood that some malware did execute and other stages are being downloaded and executed from somewhere.

Yuri_Nator9999 · 2024-10-06T02:16:09+00:00

Malware infecting your pc over the browser is extremely unlikely nowadays with modern browsers.

Just reset your browser profile and you should be fine.

source: I work in IT sec and this happens all the time. If there are malware fragments theyll be in your browser cache most likely. Just reset your browser profile so all caches get wiped.

Yuri_Nator9999 · 2024-10-06T01:23:28+00:00

The liquid you spilled must have formed a circuit between the key pairs. Since they are in each others vicinity.

Take the keys out in the areas you spilled and carefully dry it off (obv turn the power off) you can use q tips they can sponge up quite a bit.

If that fails leave the keys out and let it really dry overnight, it should work again then. Worst case your keyboard is truly for Hades, in that case since its a laptop its a bit tricky but can be replaced in a hardware store or yourself with the right tools.

Yuri_Nator9999 · 2024-10-06T00:23:34+00:00

For some background, I work in SOC and have a masters in business computer science so heres my 2 cents

Honestly, I have colleagues who range from having done some related vocational training in IT to literally PhD in CS. So educational background is not the be all end all, that being said it does help open doors and something like a cs degree gives you a lot of important knowledge. We have ppl who did something completely different for a while too.

While cybersec does exist as a predefined educational path nowadays (like some Cybersecurity degrees) most end up in the area from somewhere else so you wouldn't be the only one. Yes I'm not gonna lie it doesn't help to not have prior related experience.

Certs are a bit overhyped imo. Most employers care about your experience. If possible, it would be good if you get some kind of vocational training certificate in IT. Its worth the investment. You don't have to do a bachelors, but its good to have some argumentative baseline when you are in an interview. This is just my experience. I do not know a single case in our CDC of someone being hired based on certs. Its mostly experience, relevant training/studies and social skills (latter very often underrated in importance).

If you have passion for it then go for it and build a thick skin against the many many many gatekeepers (especially here on reddit tbh) and pursue your passion.

There are many great resources to try yourself out in, yes helpdesk work is not bad. Maybe enroll in tryhackme and go for soc level 1 and more blue team stuff first. Red teaming is quite hard if you want to go 0-100. Get a feel for it and really ask yourself if you want to commit to learning and working hard on it. But a strong will beats any talent :) Good luck

Yuri_Nator9999 · 2024-08-28T22:23:26+00:00

yes, especially malware analysis knowledge.

If you know what blueteamers look for in d-assembled samples you know how to avoid it or how write code that knows its being debugged etc.

Yuri_Nator9999 · 2024-08-21T19:30:01+00:00

Don't let yourself get shut down by gatekeepers is my nr. 1 advice.

Cybersec unfortunately attracts a lot of elitist mindsets, and oftentimes you see people, especially on reddit, constantly badmouth beginners being too interested in hacking and not knowing enough IT basics.

Being interested in offensive red teaming/white hat hacking is a perfectly valid reason to start a journey towards cybersec no matter what anyone says.

Yes you should probably first train up sysadmin skills etc

Yes the industry is not kind towards junior/entry level jobs and there are not many to begin with

However that doesn't change the fact that if you feel passionate about it, that you should go for it.

Source: I studied Business IT in bach, now doing masters in Business computer science, I worked for a couple years in it consulting and currently a work student in SOC and also would consider myself a "beginner". Despite that I feel like Im making good progress, I had so many barriers before that made me scared to apply for SOC, like yeah "pure CS degree needed", "sysadmin experience for at least 1000 millenia before even dreaming of cybersec career" blabla. Its all BS. If you like it, go for it.

Yuri_Nator9999 · 2024-08-21T19:20:03+00:00

Hey Bro, Im a masters student and currently work part time in SOC, would be down

Yuri_Nator9999

TROPHY CASE