Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Nytro

  1. De fiecare data pana acum am cautat doar Seniori, ca nu avem timp de onboarding si invatat, trebuie aruncati direct pe proiecte.
  2. UiPath nu merge rau deloc ca firma, dat fiind faptul ca are venituri anuale de peste 1,3 miliarde de dolari. Sunt foarte multe produse care au foarte multe capabilitati. Si sunt "bune". Exista mai multe metode de automatizare: no code, cu drag and drop sau se poate scrie si putin cod, la nevoie. Dar cele mai multe automatizari se pot face cu cod putin sau deloc.
  3. Nu e vorba doar de salarii si inflatie ci si de cati oameni vor contribui la stat cand noi vom fi pensionari. Daca ajungem pana acolo. Se voia "subtil" sa mute pilonul II la stat, niste jeguri. Da, pilonul 3 poate fi o solutie dar si strangerea de active pana la vremea respectiva.
  4. Ne-am gandit la asta dar nu e vorba doar de cloud. E un mix de Cloud + IT. Firma nu plateste rau deloc, nici salarii si nici partea de stock options care se ofera.
  5. DefCamp Capture the Flag (D-CTF) 2023 Quals START DATE END DATE Friday, October 20, 2023 at 9:00 AM UTC Sunday, October 22, 2023 at 9:00 AM UTC 🚩It’s official! The date for DefCamp Capture the Flag (D-CTF) Qualification Phase is scheduled! 😱 DefCamp Capture The Flag ( D-CTF) is the most shattering and rebellious security CTF competition in the Central Eastern Europe. Here, the most skilled hackers & IT geeks put their knowledge to the test and compete with the best CTF teams from all over the world to get in the shortlist of best top 10, and later on win the overall D-CTF competition or, die trying. DefCamp Capture the Flag is organised since 2011 with over 10,000 players joined since then in annual multi-staged event for anyone. There is one important rule though – hack before being hacked! Event Summary You can expect around 10 exercises for beginners, ranked as entry level and around 15 exercises of various difficulty for players who have previous experience in the field. Format: Jeopardy Play format: Team only Genres: Crypto, Pwning, Reversing, Web, Forensics, Miscellaneous … Language: English Access: Open / Free for everyone Difficulty: Entry Level - Easy - Medium - Hard - Insane Website: D-CTF Link: https://dctf23-quals.cyber-edu.co/
  6. Life at UiPath The people at UiPath believe in the transformative power of automation to change how the world works. We’re committed to creating category-leading enterprise software that unleashes that power. To make that happen, we need people who are curious, self-propelled, generous, and genuine. People who love being part of a fast-moving, fast-thinking growth company. And people who care—about each other, about UiPath, and about our larger purpose. Could that be you? Your Mission UiPath is a leading provider of advanced robotics automation, and we are scaling up. UiPath is searching for an Enterprise Security Architect with an eye for detail to raise the floor of security at UiPath. Leveraging your expertise in cloud security best practices, as well as your background in software engineering and DevOps, you will design, implement and maintain security solutions that seamlessly integrate with our cloud environments. Your ability to bridge the gap between security and development/operations will be crucial in ensuring the confidentiality, integrity, and availability of our digital assets. What you'll do at UiPath Develop a comprehensive architectural blueprint that guides UiPath's product and cloud security strategies, harmonizing with multi-cloud environments and Kubernetes orchestrations. Spearhead strategic security initiatives focusing on product security enhancement and cloud infrastructure protection. Establish a robust and adaptive security architecture for product development, emphasizing secure coding practices and application security. Craft a secure, scalable, and resilient cloud architecture leveraging Kubernetes, enhancing data protection and network security. Have a good understanding of web application vulnerabilities, exploits, CVEs and code review skills to help development team deliver secure code. Take charge of the analysis, selection, and enterprise-wide implementation of security tools, focusing on product and cloud security enhancements. Collaborate closely with various stakeholders including Site Reliability Engineering (SRE), Security Operations and IT operations teams to innovate and upgrade technology solutions. What you'll bring to the team Practical knowledge of solutions available in the market, their capabilities and limitations, and previous experience rolling out solutions enterprise-wide Demonstrable record of delivering critical security solutions within tight time frames, with multiple stakeholder groups, and competing priorities Demonstrable track record as an influential leader Experience working with a geographically diverse cyber workforce, in a matrixed organization Proven experience in cloud security with a strong background in at least one major cloud platform (AWS, Azure, Google Cloud). Significant software engineering and DevOps experience, with proficiency in software development practices, scripting, and automation. Knowledge of DevOps tools and practices, including CI/CD pipelines, containerization (e.g., Docker, Kubernetes), and infrastructure as code (e.g., Terraform, Ansible). Strong understanding of networking concepts, protocols, and security controls. Excellent problem-solving and communication skills. Ability to work independently and as part of a team, as well as to prioritize tasks in a fast-paced environment. #LI-RU1 Maybe you don’t tick all the boxes above— but still think you’d be great for the job? Go ahead, apply anyway. Please. Because we know that experience comes in all shapes and sizes—and passion can’t be learned. We value a range of diverse backgrounds, experiences and ideas. We pride ourselves on our diversity and inclusive workplace that provides equal opportunities to all persons regardless of age, race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, neurodiversity, military and/or veteran status, or any other protected classes. Additionally, UiPath provides reasonable accommodations for candidates on request and respects applicants' privacy rights. To review these and other legal disclosures, visit our privacy policy. Apply: https://careers.uipath.com/careers/jobs/8172?lang=en-us (sau prin mesaj privat) Daca aveti intrebari ma puteti contacta pe privat. Echipa e cea din care fac si eu parte.
  7. Nu asta e problema, problema e ca dam deja o gramada de bani la stat si ca nu se face nimic cu ei. Avem aceleasi beneficii ca cei care nu platesc nimic la stat sau cei care platesc foarte putin. Daca tara ne ofera beneficii, intelegeam, dar nu e cazul.
  8. Mda, adevarul e ca nu contribuim destul la statul asta de cacat... As fi total de acord daca s-ar face ceva cu banii aia si nu s-ar sparge pe oamenii lor. Ramane de vazut cum vor actiona companiile, daca vor acoperi ele costul suplimentar, total sau partial. A mai fost in trecut trecere de la 16% la 10% la impozitul pe venit si fiecare firma a actionat cum a putut. Un lucru e destul de clar, orice ar face Bucuresti nu devine New York.
  9. Nytro

    RST Bashed

    Traiesc toti dar ne-au cam uitat.
  10. Salut, sunt multe astfel de mizerii care se intampla pe net. Ma mir ca mai merg. Pe principiul asta faceau romanii bani pe ebay acum 15 ani. Educatia e importanta. Daca cineva are incredere si trimite bani "random" unei persoane de pe net, isi cam merita soarta. DAR, e o buna metoda prin care invata. Faptul ca ai postat aici e un lucru util ca vad si alte persoane scenariul si o sa fie pregatite. Platformele ar trebui sa faca ceea ce face OLX, sa tina comunicatia intern si sa ofere mesaje de avertizare pentru useri.
  11. In 2019 we celebrated the 10th edition with 3 stages packed with interesting briefings & panel discussions for the 2000+ security experts, developers, decision makers, entrepreneurs, members of the academia and private and public sectors from all around the world. In 2020 we had a COVID-19 break and for 2021 we moved fully online. In 2022, DefCamp returned onsite, in Bucharest, and brought together more than 1,600 participants from over 30 countries. The turnout in such large numbers and the enthusiasm of the participants stood as a powerful motivation to continue strengthening the infosec community and creating a meaningful learning and networking experience. As a result, we are now preparing for the 2023 edition with lots of enthusiasm and energy while we set up the logistics to meet once again with the community under the same roof, in Bucharest. Detaii: https://def.camp/ Bilete: https://def.camp/tickets/ Ne vedem acolo! ❤️ Important: pe 15 creste pretul la bilete.
  12. Asa o duc unii bine, de ani de zile, iar asta nu o sa se schimbe prea curand.
  13. Super, ma bucur sa vad ca sunt persoane care dezvolta tool-uri. Wordlist-ul e cam mare si inutil, nu e nevoie sa se incerce toate acele payloads, cateva simple care sa acopere scenarii comune ar trebui sa fie de ajuns.
  14. Eu, nu e tocmai imens si complex dar isi face treaba.
  15. Dragut, ai putea sa il face sa scaneze constant reteaua locala pentru noi device-uri. Si lista de domenii sa fie intr-un configuration file.
  16. Nu stiu care ar fi solutia ideala, nu mai sunt anii 2000 sa te dea in judecata, dar nici nu poti avea vreo asteptare ca primesti ceva. E o idee care ar fi utila dar probabil necesita buget iar sumele platite nu ar fi prea mari. Macar daca si-ar pune security.txt cei care sunt interesati de subiect ca un program de bug bounty e prea mult pentru ce e la noi in tara...
  17. Nu stiu cum te-am putea ajuta, ar trebui sa stii cine sunt persoanele relevante si sa poti discuta cu ele. Daca nu merge treaba, o plangere pe la Ministerul Educatiei sau mai stiu eu unde. Deci ai "picat" licenta din cauza acelui proces verbal? Nu inteleg exact procesul, cand am dat eu licenta nu s-a pus nicio intrebare la nicio lucrare.
  18. Si eu imi aduc aminte la fel, la baza era comunicatia locala intre aparat si card. Iar pe card era disponibila suma ramasa, dar intr-un fel "criptat" destul de ciudat. Daca imi aduc bine aminte, facand bit flipping puteai sa te trezesti cu o suma mare pe card si era de ajuns pentru "nevoie".
  19. Cateva lucruri interesante: 1. "Cl0p ransomware group leaked data" - Zic si ei mai jos ca nu era ransomware, dar se pare ca gigeii astia fac niste chestii mai "interesante" decat sa cripteze niste fisiere 2. "recent MOVEit Transfer hack" - Lucru deja stiut, cand apare ceva critic e exploatat in masa in "ore" (excluzand 0days sau altele mai avansate) 3. "SecurityWeek was unable to download the archive files" - Probabil cel mai des se afla despre astfel de atacuri cand fisierele ajung publice, ceea ce inseamna ca sunt probabil multe atacuri nedetectate 4. "the cybercriminals noted that the company did not want to negotiate" - Utila practica dar interesant ca atacatorii au vrut sa negocieze
  20. Nop, fie incerci sa iei legatura cu speakerul fie cu @Andrei desi slabe sanse sa le mai aiba pe undeva.
  21. Poti incerca, conteaza mult cum se face suprascrierea de date de catre ransomware si de filesystem. Daca nu se modifica datele inline pe disk e posibil sa poti recupera anumite date, dar sansele sunt mici dat fiind faptul ca ransomware suprascrie fisiere care in final au aceeasi dimensiune.
  22. Decryptere exista pentru foarte putine ransomware, cazurile in care: 1. S-a putut face unul - aka algoritmi de criptare facuti prost sau deloc 2. A meritat - aka cazuri in care companii importante au fost atacate si firme de research au avut motivatie financiara sa faca unul Dar sunt mii astfel de ransomware si sansele de decryptor sunt mici... Backup de duminica e lux, problema e la cei care nu au deloc. Da, nu e ideal, dar e foarte bine totusi. Oficial pot sa dea vina ca le-au crapat niste servere.
  • Create New...