r/CyberSecurityAdvice

How do I land an internship if I don't have any experience?

I'm currently a senior trying to get my bachelor's degree and I jumped ship from an IT degree to cyber because I heard all the talk about AI taking over. Many people couldn't find jobs after graduating with the IT degree and I was terrified. So I impulsively changed universities and my degree. Now I'm almost done but I barely have any experience besides some coursework using Git. I've been seeing posts on this sub from a few years ago where people had been out of college for 2 years without a job. I don't want that to be me. I seriously want a job that at least pays $20 an hour where I can trouble shoot things and fix stuff hands-on. I have seen some network technician jobs that require some experience and certs. I've been hearing from some people that certs are absolutely necessary while others say that it doesn't mean much if you don't have experience working on things. How do I get an internship job if a lot of them require so much experience? I mean this is how it has been with entry level jobs and the word "entry" doesn't mean what it's supposed to mean. I have experience working in customer service and dental health insurance billing that's about it. There are many times where I thought I should jump ship again and just get a degree in mechanical or electrical engineering technician but everyone was telling me to stick to it so I can finish. But I do love putting things together and fixing things with my hands. I also like solving puzzles. I don't like coding at all and am not good at it. Anyway, I'm sorry I'm rambling. Do I wait until I graduate next fall 2027 or look for an internship now even though summer is almost over? Please give me some good advice? Thanks.

reddit.com
u/SamSepiol925 — 3 hours ago

My partners Amazon got hacked

So this weekend my partner got a call from Amazon, there was some suspicious purchasing going on with her account and they didn't think it was her. Turns out someone on the other side of the world was trying to buy quite a few iPhones.

Anyway, the guy from Amazon said they thought it was due to her logging onto Public Wifi.

I'm curious to understand how they managed to hack into her account just by her using the public wifi, mainly so we can make sure it doesn't happen again.

I'm aware of man in the middle attacks, but I thought this was significantly harder to do with modern devices.

Now I would say that MFA was switched off for Amazon, I just assumed everyone switches this on by default, it is now on by the way. If this has been enabled would it have made their job significantly harder?

reddit.com
u/pajeffery — 10 hours ago

Instagram got hacked

First instagram, then discord, then my microsoft account, then, worst of all, my Etsy account where they managed to spend £200 before my card got blocked.

How do I stop this from getting worse and worse? I've got so many random websites that I've signed up to over the years that it's impossible to go to every single one of them to change my login.

reddit.com
u/darnelIlI — 14 hours ago

Someone is threatening...

As goes the title.....I met a person on reddit we talked a little and then we moved to telegram minding you I have enabled the option of sharing the contact details with NOBODY that guy first asked me some questions really bad(can't describe) then he showed me the money and tricked me into saying 'yes' to a thing that I don't have or I didn't commited. (Yes I agree out of the greed of money I said yes).

Now that person took a screenshot of that and is blackmailing me..

Even though I have enabled contact sharing with nobody he managed to get my correct PHONE NUMBER and NAME but incorrect location. He said he has traced my ip address and will extract more details

From my ip address..

I haven't clicked any linked sent by him neither I have I downloaded any apps or apk from any link. How is that possible he got my number and name?

He is threatening me to leak my data and will extract money.

Is it possible to trace and track ip address from telegram chats or reddit chats?

Pls help

reddit.com
u/Maddy_388 — 1 day ago
▲ 12 r/CyberSecurityAdvice+5 crossposts

Safer-dependencies: A tool for claude code to ensure dependencies used aren't vuln, don't use abandoned packages, implement cooldown to avoid supply chain attacks, etc...

I built safer-dependencies, a security layer for Claude Code that checks packages before AI coding assistants add them to a project. I originally built this for my own workflow, but I’m sharing it publicly in case it’s useful to others using Claude Code.

It runs dependency safety checks for things like known CVEs, typo-squatting, abandoned packages, stale releases, package age/cooldown windows, and PyPI hash-pin integrity.

It currently supports npm, PyPI, RubyGems, Maven, Go, and Rust. Open source to help others.

GitHub: https://github.com/robert-auger/safer-dependencies

u/SecTemplates — 1 day ago

I have 6 months to turn my life around and break into cyber security

I graduated one year ago after studying anthropology nd have been unsuccessful in finding any employment , this has put a major burden on my mental health and overall well being , Ive got a girlfriend who’s pregnant now and I have to break into tech before the baby gets here , I did some research into tech and cybersecurity , how hard is it going to be and do you guys have some tips on how to break into the industry in the shortest time possible etc , certs , msc . Any help is much appreciated 

reddit.com
u/No-Level-2627 — 1 day ago
▲ 23 r/CyberSecurityAdvice+1 crossposts

Is this move worth it? Taking a step back in title and pay

Title: Security Engineer II —> Linux Admin II

Pay: 101k —> 97k

401k Match: 4% —> 10%

WFH: Fully in Office —> 2 Days Hybrid

PTO: 3 Weeks —> 5 Weeks + Volunteer Days

Parental Leave: 1 Week —> 8 Weeks

HSA Match: $750 —> $2000

Currently doing GRC, policy and auditing, moving updates around for engineering, vulnerability scans, and SIEM building/rules, little bit of everything. Before this I was a Linux Administrator. My current job is okay, but little to no room to move up at all. The new company however… they’re a local branch with national locations and deep pockets from their government affiliation… so their benefits are top tier as you can see so it’s technically a step up in pay via benefits. I MIGHT be able to talk them up to $100k.

BUT The work environment I have now is SUPER relaxed… almost too relaxed and I could literally show up and do nothing all day and they wouldn’t know. I can work on whatever I want to work on… it’s a military environment and this new one is slightly a mix between public/private sector because it’s a federal financial institution so guessing it’s semi-relaxed which I think might be good for me because
I’ve only been in IT for 4 years now and I want something more fast paced…

I have only worked at a Microsoft Data Center (more blue collar) and a military unit as a contractor (doing SysAd, LinuxAd, Sec Engineering). I have my Bachelors in IT and Masters in Cybersecurity.

reddit.com
u/TCPisSynSynAckAck — 2 days ago
▲ 2 r/CyberSecurityAdvice+1 crossposts

How do you deal with Cyberstalking?

Hi. F20. I met someone in Feb/March of this year over on Tumblr, M23. We became immediate close friends and we started talking on Discord and roleplayed on there. And eventually we became partners for a while.

Also while we were dating, we were on a private voice call and he was looking through the state I live in on Google Maps and was close to doxing me, and asked me what county I live in and he tried to validate it with “I won’t tell anyone”.

We were also in a server of minors. While we were dating, he texted the minors in the server private/intimate moments that we had and the minors accused me of things I never did, and he believed them. We of course broke up and after a few weeks of breaking up, he texted me and asked me if I could give him a second chance. And I tried. I voice called him and we chatted and then an hour after that call ended, he still didn’t want anything to do with me and blocked me on Discord. Cool.

So then after that, he made a post about me and how he misses me and tagged me in it and didn’t even DM me. Just post a public post about it. I blocked him and he deleted the post. Ok thank you. But then he found my Pinterest that I never gave to him and he found it because it’s the same username as the other socials and started texting me non stop on it for a month straight and I only found out yesterday because I don’t check activity on there often.

I blocked him on there and changed my username and name. But he has also found my Instagram that doesn’t even remotely have the same username on there than my other socials and was following me. I blocked him. I’m genuinely so scared for my safety and I need help with this situation. Please give advice.

reddit.com
u/WayNo3684 — 3 days ago
▲ 2 r/CyberSecurityAdvice+1 crossposts

Studying Computer Science for Cybersecurity

Everyone’s saying that Computer Science is cooked bcs of AI and job market. But what if i study CS and choose cybersecurity career by adding additional cybersecurity courses (i cant choose cybersecurity major itself). Many people say that cybersecurity is safe from ai and demand for them is pretty high in Uzbekistan

reddit.com
u/AdhesivenessEvery610 — 3 days ago
▲ 3 r/CyberSecurityAdvice+1 crossposts

Building a proxy that blocks what an AI agent does, not what it says — sanity check?

The thing that scares me about agents isn't the model saying something dumb, it's it doing something. One hallucinated rm -rf and there's no undo.

So I'm building a proxy that sits between your app and the LLM (anything OpenAI-compatible). Change one line, your base_url, and every tool call has to pass a policy first. You write rules in YAML deny rm -rf, force dry_run on deploys. When it blocks a call it tells the model why, and the model usually rethinks instead of erroring.

Core works, and I've got an eval running in CI to keep myself honest:

attack catch rate: 40/44 (90.9%)
false positives:    1/20 (5.0%)

The 4 misses (base64'd secrets, non-English injection) are left in the tests on purpose so the number doesn't lie.

It's early and MIT. Demo runs with no API key: github.com/MuhammadFarazAftab/toolwarden

Two things I actually want to know: is the YAML rule format a pain to write, and what attacks am I obviously not thinking about?

u/Zealousideal-Big6068 — 3 days ago

Looking for help with cybersecurity career with disability

I have over a year of experience in cybersecurity from 2018-2019 before I acquired a life long disability. I lost my cybersecurity career to it.

I'm in partial remission now, but can only work part-time. Currently, I can work about two hours a day, but I'm aiming for four.

I've been working towards my Google Cybersecurity Certificate and some TryHackMe SOC Level 1 training with the understanding that there are part-time jobs in cybersecurity. I was told this by one cybersecurity recruiter and a couple AI's.

Now, I've dug a little deeper and it really looks like part-time jr cybersecurity roles are quite rare.

Cybersecurity training roles are part-time, but they don't pay enough or have enough hours for me to get off my disability benefits and live a financially secure life.

My cybersecurity skills and training are still valuable, they get me freelance AI work, but that work is by its nature very unstable.

Has the cybersecurity career door closed on me?

I have my own cybersecurity consulting business where I've helped small businesses but haven't charged. I'm considering starting a non tech business too.

I should point out that the longest running job I have had was my DoorDash delivery job. It's self employment and extremely flexible with scheduling.

I honestly have enjoyed being self employed, it's just that cybersecurity is my passion and I'd hate to be forced to say goodbye due to a health condition I had no say in having.

Thank you to anybody who spends the time reading this 💙

reddit.com
u/LivingInLayer8 — 3 days ago

Someone has tried to access my Microsoft account 6 times today

I also recently received a phishing email impersonating my small locally owned bank that contained my real name.

I dont download anything sketchy, I dont sign into sketchy cites, I have add block to block pop ups.

is the best thing for me to do just change my passwords and make sure 2fa is enabled on everything?, is that all I can really do.

reddit.com
u/Tron_35 — 3 days ago
▲ 9 r/CyberSecurityAdvice+2 crossposts

New Sign In and Passkey Notification… But Then Nothing…

I was watching YouTube this morning, when I saw a Google Prompt YouTube Notification pop up that said my Google account had been signed into on a new device (an iPad I was unfamiliar with). Then I got another notification that said a passkey had been created.

I instantly jumped into action, tapped both notifications, but YouTube might’ve glitched, because it did not take me to a new screen after tapping both notifications (since I was already in the app maybe?) then I went to my Google account settings and saw… nothing… That’s right, no new passkeys, no new sign in’s and no evidence of the notifications I just received.

Regardless, I changed my password, I signed out of all devices, downloaded the Authenticator app, setup backup codes, turned on 2 step verification, the whole nine yards.

After doing this, I went back in to see if I could find ANY evidence at all of this sign in and passkey (checked other devices used, history, I only have one passkey that I created) and couldn’t find ANYTHING. Of course, I clicked the notifications expecting to be redirected to a “was this you?” page, but that never happened. I checked my email to see if there was any sign in alerts sent to my recovery email. Nothing.

What the heck happened? Is my account compromised? Any advice for me? Anything is helpful.

reddit.com
u/DarkOrbit253 — 3 days ago
▲ 6 r/CyberSecurityAdvice+1 crossposts

Practical learning Cybersecurity

I have a strong foundation in computer science and networking, and I'm interested in learning cybersecurity from a practical, offensive-security perspective (purely for educational purposes and in authorized lab environments).

Most courses I've found focus on theory or beginner-level content. I'm looking for resources that teach how attacks actually work under the hood—things like phishing infrastructure, payload delivery, lateral movement, social engineering, OSINT, C2 frameworks, and realistic red-team tradecraft—along with how defenders detect and mitigate them.

Are there any advanced courses, labs, communities, or learning resources you'd recommend? I'm not looking for script-kiddie content or illegal activities—I want to understand the real techniques used by professionals so I can build and break things in a controlled environment.

I've heard people mention private communities or even resources on the dark web , discords, telegram . Are any of those actually worth exploring, or are there better legitimate alternatives for learning the same material?

Any recommendations would be appreciated.

reddit.com
u/Plenty_Extent_4099 — 3 days ago

Is a WGU cybersecurity degree respected by employers?

I’m thinking about getting my bachelor’s in cybersecurity from WGU, but I’m not in the military. I see WGU recommended all the time, but a lot of the people talking about it seem to have military experience or already work in IT.
If I get my cybersecurity degree from WGU and land a couple of internships while I’m in school, is that enough to be competitive for cybersecurity jobs? Or do employers see WGU differently than a traditional university?
I’d really like to hear from people who graduated from WGU’s cybersecurity program and got hired without military experience. What was your experience like?

reddit.com
u/peachymochi333 — 4 days ago

Help emergency

Hi all, I was in discord server I got one user with age of 15 I did not know that she was 15, initially.

she switched on the camera, and was talking casually.

She said she does with many users, I told her to beware of cyber criminals but she told she already met weird people.

Dm me anyone who faced this ?

What should I do ?

Should I block her ?

I am unable to delete the conversation in discord.

Can anyone help me pls....

reddit.com
u/Careless-Clothes7152 — 3 days ago

I am a SOC Analyst. I was considered for Detection Engineering role

Hello. So I am currently a SOC Analyst for x years now and was reached out by a recruiter for Detection Engineering role. May I know what will be the usual technical questions that will be asked during the interview?

reddit.com
u/Similar-Maybe-9041 — 3 days ago
▲ 4 r/CyberSecurityAdvice+3 crossposts

Data breach and scams

I have been scared and have so much anxiety after I found out my data such as email, phone number, family member names, birthday, zip code, and address have been getting sold through data brokers. I started getting spam email after applying to websites on indeed and LinkedIn and I put in my personal information on those websites but I don't remeber exactly what they were. I have been getting non stop spam emails and phone calls and I checked if my information is being sold and that is what I found. I am really scared, I have downloaded cloaked and norton 360 and I have also been changing passwords on my Google accounts. What else do I do? I have lost appetite due to my worrying.

reddit.com
u/joyce-756 — 3 days ago

Hi My name is nolan iam pursuing degree bsc computer science, I want to learn c language, java & python in which platform i get this courses freely and also i want to become a ethical hacker ,so in which platform i go to learn plz help me plz

I want to learn the cyber security plz help me

reddit.com
u/Entire_Ad_9440 — 3 days ago