Network Security Channel

🕸 Everyone talks about the "dark web." Almost no one understands it. After working through "Exploring the Dark Web," here's what actually stood out: 🔹 ~94% of the web is never indexed by Google — but most of it is harmless (email, banking, databases). 🔹 Tor wasn't built by hackers. It began as a US Naval Research project to protect intelligence communications, and went public in 2002. 🔹 Anonymity is a discipline, not a download. Tor hides your route — not the data you type into a form. 🔹 ~60% of Tor traffic is fully legitimate: journalists, whistleblowers, researchers, people escaping censorship. 🔹 The recurring lesson from every major darknet takedown: anonymity ≠ immunity. The weakest link is almost always human. The takeaway for defenders: you can't protect against a threat you refuse to understand. Dark web monitoring (OSINT) is now a core part of threat intelligence — leaked credentials and emerging threats often surface there first. Curiosity is good. Caution is better. 🔒 What's the biggest misconception you still hear about the dark web? #CyberSecurity #DarkWeb #OSINT #ThreatIntelligence #BlueTeam #InfoSec #Privacy 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

دو تن از بزرگان در حوزه‌ی امنیت مدل‌های یادگیری ماشین نیکولاس کارلینی که ۳۶ سال سن دارد و هم‌اکنون در آنتروپیک مشغول به کار است، پیش از آن در دیپ‌مایند گوگل، جزو تیم تحقیقاتی بوده. ایشان لیسانس ریاضی و دکتری علوم کامپیوتر خود را از دانشگاه برکلی دریافت کرده‌اند. خود نیکولاس می‌گوید: من در نقطه‌ی اشتراک مدل‌های یادگیری ماشین و مباحث امنیتی کار کرده‌ام و می‌کنم. آقای نیکولاس پیپرنات نیز در حال حاضر دانشیار دانشگاه تورنتو هستند. ایشان نیز پس از فارغ‌التحصیلی از دانشگاه پنسیلوانیا، در دیپ‌مایند گوگل مشغول شده‌اند. خلاصه اگر در این حوزه دنبال آدم خفن می‌گردید، اشخاصی که هم صنعت را تجربه کرده‌اند و هم از دل دانشگاه بیرون آمده‌اند، این دو نفر جزو بهترین‌ها هستند. یکی از شاخه‌هایی که بزودی در دنیا خواهد ترکاند، همین MLSecOps هست. چون کدهایی که با وایب‌کدینگ تولید می‌شوند، هر روز با دقت کمتر وارد بازی می‌شن و بدون اینکه خودمون خبر داشته باشیم، کلی حفره در سرویس یا مدل‌مون باز می‌گذاریم. . #MLSecOps

با احترام، از افراد متخصص، توانمند و باانگیزه دعوت می‌کنیم فرصت همکاری با دژپاد را بررسی نمایند. فرصت همکاری در دژپاد شرکت دژپاد در راستای توسعه تیم فنی و تخصصی خود، از افراد توانمند و متخصص برای موقعیت‌های زیر دعوت به همکاری می‌نماید: 🔹 کارشناس شبکه و امنیت شبکه مسلط به مفاهیم Network & Security، مباحث CCNA، تجهیزات FortiGate، پروتکل‌های Layer 2 و Layer 3، فایروال‌های NGFW و WAF، طراحی و مدیریت شبکه‌های سازمانی و عیب‌یابی زیرساخت‌های پیچیده. 🔹 کارشناس ارشد زیرساخت مجازی‌سازی و ذخیره‌سازی مسلط به VMware، Storage های HPE و DELL، شبکه‌های SAN Fabric، سرورهای HPE، راهکارهای Backup & Recovery و مدیریت و عیب‌یابی زیرساخت‌های مجازی‌سازی و ذخیره‌سازی سازمانی. 📍 محل کار: تهران 🕒 نوع همکاری: تمام‌وقت 📩 ارسال رزومه به ایمیل: hr@dejpaad.com #استخدام #فرصت_شغلی #امنیت_شبکه #زیرساخت #مجازی_سازی #Storage #VMware #Fortinet #NetworkSecurity #Infrastructure #Hiring #JobOpportunity #دژپاد #Dejpaad 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

A FREE 25+-hour course on getting started in OT/ICS cybersecurity? Over 110,000 people have watched my course on YouTube. At least the first part 🙂 Over 2,000+ people have taken my course live. Here are a few of the nice things some students have said: "I got the job because of your course!" "The contents covered during this week were amazing and insightful, and I learned so much from it." "This was by far the best training that I have ever received on OT/ICS Cybersecurity. Your teaching style is absolutely top notch." "It was interesting to learn from your unique and insightful perspectives. Not many folks have a strong exposure to Industry and OT Security experience." "It is really useful and beneficial course. I really appreciate your time that you sacrifice for us to make we more understand about the ICS Cyber Security especially in a way of view from the IT perspective in OT environment." "It helped me have a much greater understanding of the environment, technologies and strategies to secure ICS/OT facilities!" "I just wanted to express my gratitude and appreciation for the amazing course! The contents covered during this week were amazing and insightful, and I learned so much from it." "I really enjoyed the class and learned quite a lot of new information, including how much I don't know about the topic.  It was really fascinating to me.  And of course, you are an excellent teacher." "You have a horrible singing voice, Grandpa!" Want to learn more about OT/ICS cybersecurity? The complete course is now available! With 200+ review questions to test your knowledge! You can find the entire course on my YouTube channel at https://www.youtube.com/@utilsec Here's the section list: Part 1: Introduction to Getting Started in ICS/OT Cyber Security Part 2: ICS/OT Cyber Security Overview Part 3: Control Systems & Protocols Part 4: Secure Network Architecture Part 5: Asset Registers & Control Systems Inventory Part 6: Threat & Vulnerability Management Part 7: OSINT for Industrial Controls Part 8: Incident Detection & Response Part 9: Industry Standards & Regulations Part 10: Introduction to ICS/OT Penetration Testing Part 11: Review Questions Thank you for taking the time to check it out! 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

🛡 "Never trust, always verify." — Zero Trust, demystified I just went through the NSA's "Zero Trust Implementation Guideline (ZIG) Primer" (Jan 2026) — a clear entry point into how large, high-stakes organizations actually operationalize Zero Trust, not just talk about it. Sharing a few takeaways 👇 🔑 The core mindset: Drop perimeter-based thinking. Continuously authenticate and authorize every user, device, and application — built on two assumptions: "never trust, always verify" and "assume breach." 🧱 It's structured around the DoW ZT Framework's seven pillars: User, Device, Application & Workload, Data, Network & Environment, Automation & Orchestration, and Visibility & Analytics — each broken into Capabilities → Activities you can actually implement. 🪜 A phased, modular roadmap instead of "boil the ocean": Discovery — inventory your Data, Applications, Assets & Services (DAAS) and identities Phase One & Two — Target-level capabilities (think MFA, identity lifecycle, EDR/XDR, comply-to-connect, data tagging) Phase Three & Four — Advanced-level maturity 📚 What I appreciated: it ties together the big reference points — NIST SP 800-207, the CISA Zero Trust Maturity Model 2.0, and the DoW ZT Strategy — so you see how the standards fit into one implementation path. 💡 Biggest reminder for me: Zero Trust is a journey of capabilities, not a product you buy. Start with visibility and identity, then build outward. A great vendor-neutral read for anyone working in security architecture, identity, or critical infrastructure. Credit to the NSA Cybersecurity Directorate for publishing it openly. 🙏 What's the hardest pillar to get right in practice — Identity, Data, or Visibility & Analytics? 💬 #ZeroTrust #CyberSecurity #NIST80027 #ZTA #IdentitySecurity #NSA #SecurityArchitecture #DefenseInDepth #InfoSec #CriticalInfrastructure 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

📢 Call for Papers: ICETCS 2026 We are pleased to announce the 3rd International Conference on Emerging Trends in Cybersecurity (ICETCS 2026), taking place at the University of Genoa, Italy, on 12–13 October 2026 in hybrid mode. ICETCS 2026 will provide a global platform for researchers, academics, industry professionals, and policymakers to share insights, present cutting-edge research, and explore emerging trends in cyber and hardware security. The conference welcomes submissions across a wide range of areas, including: 🔹 Cybersecurity for network space challenges 🔹 Cybersecurity for mobility and transport 🔹 Cybersecurity for IoT 🔹 Cybersecurity for connected autonomous vehicles 🔹 Hardware security 🔹 Cloud security 🔹 Blockchain security 🔹 Space security All accepted technical papers will be published in Lecture Notes in Electrical Engineering, a Scopus-indexed Springer proceedings series. Extended papers will also be invited for submission to selected journals. 📅 Important dates: Paper submission deadline: 31 July 2026 Notification of acceptance: 31 August 2026 Final paper submission deadline: 14 September 2026 Early bird registration deadline: 20 September 2026 Final registration deadline: 4 October 2026 📍 Venue: University of Genoa, Italy 🌐 Mode: Hybrid We warmly invite researchers and practitioners working in cybersecurity, hardware security, IoT, mobility, blockchain, cloud, and space security to submit their work and join this international forum for knowledge exchange and collaboration. #ICETCS2026 #CallForPapers #Cybersecurity #HardwareSecurity #IoT #CloudSecurity #BlockchainSecurity #SpaceSecurity #ConnectedVehicles #CyberResilience #Springer #AcademicResearch 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

علان! السلام عليكم ورحمة الله وبركاته كل عام وانتم بخير وعيد مبارك عليكم جميعاً كنت حابب أفكر الشباب اللي بتشارك في مسابقات ال CTF ان فيه مسابقة كويسة ان شاء الله يوم ٦ /٦ ولما دخلت على ال teams اللي سجلت ملقتش حد من مصر فحبيت الفت نظر الشباب ليها https://ctf.thesascon.com/ بالتوفيق ان شاء الله

✨ فرصت همکاری در شرکت فرداد✨ ما در راستای توسعه و تقویت تیم فنی، به دنبال همکاری با متخصصان واجد شرایط برای پیوستن به تیم "تست نفوذ شبکه" هستیم. اگر در حوزه امنیت شبکه، تست نفوذ و تحلیل ریسک‌های امنیتی تجربه دارید و به دنبال فعالیت در یک محیط حرفه‌ای و چالش‌برانگیز هستید، مشتاق دریافت رزومه شما هستیم. ✅ برای مشاهده جزئیات موقعیت شغلی و ارسال رزومه، از طریق لینک زیر اقدام کنید: 🔗 https://B2n.ir/sh7794 اگر فرد مناسبی را می‌شناسید، لطفاً این فرصت شغلی را با او به اشتراک بگذارید. معرفی متخصصان توانمند به رشد جامعه حرفه‌ای امنیت سایبری کمک می‌کند. hashtagاستخدام hashtagفرصت_شغلی hashtagتست_نفوذ hashtagامنیت_شبکه hashtagCyberSecurity hashtagPenetrationTesting hashtagNetworkSecurity hashtagHiring

🔻*هشدار به کاربران ایرانی: بعد از اتصال اینترنت این موارد امنیتی را جدی بگیرید* 🔹 بعد از وصل شدن اینترنت، امنیت، اولویت نخست است. 🔹اگر بعد از نزدیک به سه ماه قطعی یا محدودیت شدید اینترنت، دوباره به اینترنت وصل شده‌اید، اولین کار شما نباید دانلود فیلم، باز کردن شبکه‌های اجتماعی یا تست سرعت باشد. ابتدا امنیت گوشی، کامپیوتر، حساب‌ها و نرم‌افزارهایتان را بررسی کنید. 🔹در این مدت، بسیاری از دستگاه‌ها و برنامه‌ها آپدیت‌های مهم امنیتی را دریافت نکرده‌اند. از طرف دیگر، خیلی از کاربران برای وصل شدن به اینترنت مجبور شده‌اند فایل‌های ناشناس، فایل‌های APK غیررسمی، فیلترشکن‌های مشکوک یا تنظیمات عجیب روی گوشی و کامپیوتر نصب کنند. همین موارد می‌تواند دستگاه را آسیب‌پذیر کند. لذا رعایت نکاتی، لازم به نظر می‌رسد. 🔹 اگر برنامه‌ای را از کانال‌ها، سایت‌های ناشناس یا فایل APK نصب کرده‌اید، بهتر است آن را حذف کنید و نسخه رسمی را از فروشگاه معتبر نصب کنید. 🔹سیستم‌عامل گوشی و کامپیوتر را به‌روزرسانی کنید. 🔹 اگر برای عبور از محدودیت‌ها فیلترشکن، کانفیگ، پروفایل، DNS خاص، گواهی‌های امنیتی یا سرتیفیکیت‌ها یا ابزار ناشناخته نصب کرده‌اید، حالا وقت بررسی و پاک‌سازی است. هر چیزی را که نمی‌شناسید یا دیگر به آن نیاز ندارید، حذف کنید. 🔹رمز ایمیل، تلگرام، اینستاگرام، حساب‌های بانکی، حساب‌های کاری و سرویس‌های ابری را تغییر دهید. اگر در این مدت مجبور شده‌اید از فیلترشکن‌ها یا ابزارهای ناشناس استفاده کنید، تغییر رمز عبور را جدی‌تر بگیرید. 🔹 به‌روزرسانی مرورگرها مهم‌ترین قسمت است. همچنین افزونه‌های ناشناس، مشکوک یا غیرضروری را حذف کنید. بعضی افزونه‌ها می‌توانند اطلاعات مرور، رمزها یا کوکی‌های شما را بخوانند. 🔹بعد از بازگشت اینترنت، احتمال انتشار لینک‌های جعلی، فیلترشکن‌های تقلبی، بدافزارها و پیام‌های فریبنده زیاد است. هر فایلی را نصب نکنید و هر لینکی را باز نکنید، حتی اگر در کانال‌ها یا گروه‌های آشنا منتشر شده باشد. 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

🛡 AI isn't just a tool attackers use — it's becoming the defender's biggest advantage. The new World Economic Forum white paper (in collaboration with KPMG) makes one thing clear: attackers now operate at machine speed, using AI for reconnaissance, malware generation, and large-scale attacks. What once took weeks can now happen in minutes. So defenders have to keep pace — and the numbers show they're starting to. 📊 A few findings that stood out: 🔹 94% of organizations now see AI as the single most significant driver of change in cybersecurity 🔹 77% already use AI in their security operations 🔹 Organizations using AI extensively cut breach times by ~80 days and reduced average breach costs by $1.9M 🔹 88% of security teams report time savings and more room for proactive defense But here's the part most people miss 👇 AI doesn't replace human judgment — it amplifies it. The report repeatedly warns against over-reliance: excessive trust in automation creates a false sense of security and erodes the very expertise teams need when systems fail. The winning approach isn't "AI vs. humans." It's AI + human oversight, deployed across the full security lifecycle — govern, identify, protect, detect, respond, and recover. The defenders who win won't be the ones with the most automation. They'll be the ones who deploy it strategically, validate it through pilots, and keep humans firmly in the loop. #Cybersecurity #ArtificialIntelligence #AI #InfoSec #ThreatIntelligence #CISO #CyberDefense #WEF 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

🛡 "Nobody cares, nobody understands, and fear drives most of the decisions." That's the brutally honest reality Todd Barnum opens with in The Cybersecurity Manager's Guide — and after 25+ years leading InfoSec programs, he's earned the right to say it. What I appreciated most: this isn't another technical manual. It's a leadership road map for the part of the job no certification prepares you for — building a program when you're under-resourced, misunderstood, and largely on your own. His framework splits the work into the science (the eight domains of InfoSec) and the art — seven practical steps that need surprisingly little budget 👇 🔹 Cultivate relationships — security is won through people, not tools 🔹 Ensure alignment with the business, not against it 🔹 Lay the foundation with a few core cornerstones 🔹 Communicate relentlessly — get the message out 🔹 Give your job away — empower others; it's your only hope to scale 🔹 Organize your InfoSec team intentionally 🔹 Measure what matters — not what's easy to count The line that stayed with me: organizations pour millions into "best-in-class" tools, yet a decent social engineer still gets in with three well-crafted phishing emails. The gap usually isn't technology — it's culture, communication, and leadership. My takeaway: the hardest problems in security aren't technical. They're human. This book is for anyone stepping from doing security into leading it. A great read for new managers, aspiring CISOs, and anyone building a program from scratch. 📑 If you lead a security team — what's the one lesson you wish you'd learned sooner? #CyberSecurity #InfoSec #SecurityLeadership #CISO #SecurityManagement #BlueTeam #GRC 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

📊 "You can measure anything — even cybersecurity risk." That's the core argument of How to Measure Anything in Cybersecurity Risk by Douglas Hubbard & Richard Seiersen, and it challenges how most of us think about risk. The uncomfortable truth the book opens with: the risk matrix — those red/amber/green "High / Medium / Low" heatmaps we all use — often adds noise, not clarity. Vague labels feel rigorous but hide the very uncertainty they're meant to manage. The authors make the case for something better 👇 🔹 Replace ordinal scales with real quantities. Swap "High likelihood" for an actual probability and a dollar range of impact. 🔹 Calibrate your experts. Most people are overconfident. With training, analysts can give estimates that are honest about what they don't know. 🔹 Start simple. You don't need perfect data — a basic quantitative model (Monte Carlo + a few calibrated ranges) beats a color-coded chart almost immediately. 🔹 Reduce uncertainty with Bayesian thinking. Even sparse data can update and sharpen your risk estimates. 🔹 Measurement isn't about certainty — it's about reducing uncertainty enough to make better decisions. My takeaway: in security we obsess over tools and detection, but we rarely question how we quantify the risks driving those decisions. This book is a strong nudge to treat risk like the measurable, decision-relevant thing it actually is. A must-read for anyone in SOC, GRC, or security leadership. 📑 Have you moved beyond the risk matrix yet? #CyberSecurity #RiskManagement #GRC #SecurityMetrics #QuantitativeRisk #InfoSec #SOC #CISO 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer

📊 Stanford just dropped the AI Index Report 2026 — here's what stood out to me. The ninth edition of Stanford HAI's annual report is out (400+ pages), and the through-line is sharp: AI is scaling faster than the systems built to govern, evaluate, and absorb it. A few numbers worth sitting with 👇 🔹 Capability isn't plateauing — it's accelerating. On SWE-bench Verified, model performance jumped from 60% to nearly 100% of the human baseline in a single year. Frontier models now meet or beat human baselines on PhD-level science and competition math. 🔹 The US–China model gap has effectively closed. The two have traded the lead repeatedly since early 2025; as of March 2026 the top US model leads by just 2.7%. South Korea quietly leads the world in AI patents per capita. 🔹 The "jagged frontier" is real. A model can win IMO gold — yet read an analog clock correctly only ~50% of the time. AI agents leapt to ~66% task success on real-computer benchmarks but still fail roughly 1 in 3 attempts. 🔹 Adoption broke records. Generative AI hit 53% population-level adoption within three years — faster than the PC or the internet. Organizational adoption reached 88%, and 4 in 5 university students now use it. 🔹 Responsible AI is lagging. Safety benchmarks aren't keeping pace, and reported AI incidents are rising sharply. 🔹 The footprint is growing too. Data-center power capacity hit ~29.6 GW — comparable to New York State at peak demand. 🔹 The labor signal is subtle but important. Productivity gains of 14–26% are showing up in support and software roles — the same fields where entry-level employment is starting to soften. My takeaway: 2025 was the year AI arrived. 2026 is the year we find out whether our governance, evaluation methods, and institutions can actually keep up. The capability curve is steep — the readiness curve isn't. Worth a read for anyone in tech, policy, or security. 📑 What stood out most to you? #AI #ArtificialIntelligence #StanfordHAI #AIIndex2026 #MachineLearning #AIGovernance #ResponsibleAI #TechPolicy #CyberSecurity 🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer