What are /r/Information_Security's favorite Products & Services?

From 3.5 billion Reddit comments

CompTIA Security+ is a good start. Professor Messer can get you up to speed prior to the exam (no advert, just come across this myself and like it)

http://www.professormesser.com/security-plus/sy0-401/sy0-401-course-index/

Have you checked out https://haveibeenpwned.com As a professional in the InfoSec community, when my boss complains about getting phishing or spam email thats passing through our email filter, I tend to check out to see where his email was grabbed.

Thanks for your help u/scabrat.

We try to use HIBP. But as he does not inform the password leaked for the account, and users usually reuse the same password in different services, I will never know if when resetting the account the user will not register the same password that was leaked.

We are evaluating using the hashcast.axur.com suggested by u/jennSec.

To contribute to everyone's help, I'll be back with new information as soon as I define which solution to use.

I prefer the App Privacy - you can setup burner cards - max cash limits etc all for free - they create a temporary card for each charge if you want. You can lock cards to specific merchants too.

https://privacy.com/

I understand that we need a system to store all passwords we cannot remember. A password manager makes good security as easy as possible. But, aren't password manager sites equally vulnerable. I mean, what if your LastPass account gets hacked?

On the contrary, people have started spending a lot on cybersecurity field. Cost of handling cyberattacks is expected to rise to $2.1 trillion by 2019. Companies are very active in hiring and retaining talent. So, you need not worry.

The future of ransomware is IoT . As more devices are getting connected to internet, it is becoming easy for hackers to find vulnerabilities and exploit it through ransomware.

There is no way to configure what you want with that configuration. Your modem has one public IP, so all traffic coming from your home network will originate from that IP. Only thing you should be able to do is separate tenants local network from your local network by using Guest WiFi settings. With that tenants will be able to use Internet but won't be able to connect to your devices (network printers, file shares, smart TVs etc.) you can also limit bandwidth assigned to Guest network.

Edit: I'm not sure about this, but there may be a way to assign different DNS server to your tenants (for example one of yandex's with family filter) and with that you will limit access to porn and other non-family friendly websites. Check https://dns.yandex.com for details.

We advise our employees to never use the same password on different services, in addition to recommending the use of lastpass and enabling two factor authentication whenever possible.

We also started to monitor email and password leaks with our domain, but we are using hashcast.axur.com because it shows which password is leaked.

Facebook has some profile visibility settings that will prevent people from finding you.

creating a basic profile with a single picture is probably fine enough.

couple points:

• Facebook collects data about you even if you don't have an account.
• images sent in messenger cannot be deleted

you can read a summary of the terms of use here:

https://tosdr.org/

Ah Thanks for bringing that to my attention. I have a lastpass that I haven't used in a long time, mainly only for things i needed where ever and whenever. Today I pretty much just use keepass, but I dont use a yubi key with it.

https://keepass.info/help/kb/yubikey.html

To my knowledge, Telegram secret chats implement end-to-end encryption, don't keep the chat history on the phone, and don't store any data in the cloud. https://telegram.org/faq#q-do-you-process-data-requests

I'm also not aware of any cases where telegram secret chats are compromised.

I haven't ran into this problem myself but my biggest fear would be to have some scanning/bruteforcing going on and the VPN connection would drop. ProtonVPN(and probably others) has a feature where they'll block all network traffik if the VPN connection is lost.

I recommend checking this out before deciding on VPN: https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/