█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
░░░░░░░░░░░░╗░░░░╗ ░░░░╗░░░░╗ ░░░░╗░░░░░░░░░░░░╗░░░░░░░░░░░░╗░░░░░░░░░░░░╗░░░░░░░░░░░░╗░░░░╗ ░░░░╗░░░░░░░░░░░░╗
░░░░░░░░░░░░║░░░░║ ░░░░║░░░░║ ░░░░║░░░░╔═══════╝░░░░╔═══░░░░║░░░░╔═══░░░░║░░░░╔═══░░░░║░░░░║ ░░░░║░░░░╔═══░░░░║
╚══░░░░╔═══╝░░░░░░░░░░░░║░░░░║ ░░░░║░░░░║ ░░░░╗░░░░║ ╚═══╝░░░░░░░░░░░░║░░░░║ ░░░░║░░░░║░░╗░░░░║░░░░║ ░░░░║
░░░░║ ░░░░╔═══░░░░║░░░░░░░░░░░░║░░░░║ ░░░░║░░░░║ ░░░░╗░░░░░░░░░░══╝░░░░║ ░░░░║░░░░░░░░░░░░║░░░░║ ░░░░║
░░░░║ ░░░░║ ░░░░║░░░░░░░░░░░░║░░░░░░░░░░░░║░░░░░░░░░░░░║░░░░╔═══░░░░╗░░░░░░░░░░░░║░░░░░░░░░░░░║░░░░░░░░░░╔═╝
╚══╝ ╚═══╝ ╚═══╝╚═══════════╝╚═══════════╝╚═══════════╝╚═══╝ ╚═══╝╚═══════════╝╚═══════════╝╚═════════╝
█████████████████████████████████████████████████████ 2018-0605 █████████████████████████████████████████████████████
▐ ▄ ▄▄▄ .▄▄▌ ▐ ▄▌.▄▄ ·
•█▌▐█▀▄.▀·██· █▌▐█▐█ ▀.
▐█▐▐▌▐▀▀▪▄██▪▐█▐▐▌▄▀▀▀█▄
██▐█▌▐█▄▄▌▐█▌██▐█▌▐█▄▪▐█
▀▀ █▪ ▀▀▀ ▀▀▀▀ ▀▪ ▀▀▀▀
█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
92 Million Account Details for DNA Testing Service MyHeritage
Link
CSS Used To Deanonymize Facebook Users
Link
RCE in the Steam Client - Was there for 10 years
Link
Fail of the Week: Botnet Operators Use Default Credentials on Command and Control Server
Link
Microsoft Acquires GitHub For $7.5 Billion
Link
Good Reads
How a Hacker Proved Cops Used a Secret Government Phone Tracker to Find Him
Link
Watch Highlight: Episode 12 - Getting a Job from hardchat on www.twitch.tv
Watch Sunday Stream - Getting a Job pt 2 from hardchat on www.twitch.tv
█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
▄▄ • ▄▄▄ .▄▄▄▄▄▄▄▄▄▄▪ ▐ ▄ ▄▄ • ▄▄▄· ▐▄▄▄ ▄▄▄▄·
▐█ ▀ ▪▀▄.▀·•██ •██ ██ •█▌▐█▐█ ▀ ▪ ▐█ ▀█ ·██▪ ▐█ ▀█▪
▄█ ▀█▄▐▀▀▪▄ ▐█.▪ ▐█.▪▐█·▐█▐▐▌▄█ ▀█▄ ▄█▀▀█ ▪▄ ██ ▄█▀▄ ▐█▀▀█▄
▐█▄▪▐█▐█▄▄▌ ▐█▌· ▐█▌·▐█▌██▐█▌▐█▄▪▐█ ▐█ ▪▐▌ ▐▌▐█▌▐█▌.▐▌██▄▪▐█
·▀▀▀▀ ▀▀▀ ▀▀▀ ▀▀▀ ▀▀▀▀▀ █▪·▀▀▀▀ ▀ ▀ ▀▀▀• ▀█▄▀▪·▀▀▀▀
█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
Special Thanks to @0xfraq, @xphreckx, @cybersecstu, and @cybersecricki for joining us as infosec professionals to offer insight into the hiring process and global job market.
Jobs Notes
What are some of the challenges facing people entering the tech industry? The security industry?
- Volume of people trying to get into the field
- Lack of fundamental skills
- Being able to conceptually explain something
- Softskills - report writing
- People trying to skip steps
- leaves gaps in knowledge
What skills should people focus on building? [For infosec and tech jobs generally]
- Build your own boxes (servers, Free Tier AWS or Google Cloud
- Build Arch Linux
- Softskills like writing, information organizing, communication etc.
- Look at the skills required for jobs you want. Watch videos / read guides / LEARN
What are some Do's and Dont's of applying for jobs? [Resume / Interview]
- Create stuff that shows your thought process (Blogs, write ups, videos etc.)
- Demonstrate both your skills and soft skills
- Write thank you letters
- Make an executive summary for your resume!
[Fraq's suggestions]
- add portfolio - github, talks, slides, etc. blog
- make sure your blog is up (no 404s or 500s plz)
- write a cover letter - dont use bland formal language
- no f-bombs
Any tips and tricks to share?
- Being aware of the body of knowledge is a good way to get a research job (You will be adding to it and don't want to reinvent the wheel...)
- Also make yourself aware of the tools and process involved in the job!
- Go to meetups, network with people!
Importance / Dangers of Social Engineering while job hunting
- Don't lie! But it's okay to exaggerate a little bit
Fraq's Fav Salary Negotiation Tips
Infosec Specific Questions
Watch the stream for the answers to these!
What are the different types of pentesting jobs?
What are the most useful certs in this field? Are OSCP or OSCE or others worth it?
Are these certs even needed?
For international jobs: Are there any specific differences in employment, are there significant difference in prerequisites one has to have?
What knowledge one should bring after uni at the very least when not having a specialized degree and just something like a CS degree [Similar to the question above about what skills people should focus on]
What are some possibilities for relocation, in entry jobs?
For Hiring Managers
What do hiring managers want to see?
What are hiring managers sick of seeing?
tl;dr: Be about that life, be humble, be ever curious, and good things will come.
PREV || NEXT