I get the same DM all the time:
“What certifications do I need to land a job in cyber security?”
When I first started out, I thought the answer was simple: stack up certs.
I went into a pen test interview with all the right ones… and completely bombed it.
Why? Because I couldn’t explain basic network security fundamentals.
I walked out thinking, “But I had XYZ certs - wasn’t that enough?”
It was not.
What actually helped me break in wasn’t another course. It was going back to basics, Googling what I didn’t know, and proving I had the curiosity and drive to keep learning.
Here’s what I’ve learned since:
- You don’t need a degree or a pile of expensive qualifications to get into cyber.
- Most of what you need is out there for free.
- Fundamentals + hands-on practice (HTB, TryHackMe, GitHub, etc.) matter way more than a cert you got 5 years ago.
Sure, certs can help tick a box for hiring managers.
But the people you’ll actually work with? They mostly just care if you know your stuff and keep pushing yourself to get better.
One month into my new Head of Penetration Testing role, and the learning curve has already been steep (in a good way).
Lessons learned:
- Change works best in stages, not all at once.
- I can’t (and shouldn’t) do everything.
- Delegation isn’t optional - it’s essential.
Wins so far:
- We’ve delivered some awesome pen tests.
- Focused on high-value, bespoke testing tailored to each client rather than rigid, one-size-fits-all methodologies.
- Expanded our team’s experience and capabilities across more technologies.
Plenty more to learn but I’ll get there!
Yep I found that. My first submission took about 24-48 hours but then after that, most subsequent updates took about 1-5 hours to be released.
This is brilliant!
Yeh that’s the thing that’s pissing me off right now. Everyone wants to keep pushing the war in Ukraine but only as long as it’s someone else that goes to fight in it.
Hi folks, we've been experiencing some disruptions over the past couple days as we've been working to mitigate against an attacker who found and exploited a vulnerability in our system that allowed them to get password reset codes for accounts that didn't belong to them.
Using this exploit they were able to gain access to a number of accounts that they shouldn't have had access to and withdraw funds.
We've patched the issue and believe we've revoked the attacker's access to the compromised accounts by invalidating their JWT authentication tokens and NWC secrets.
We've instituted system-wide withdrawal limits as a precautionary measure while we work to fully restore and migrate the payment records of affected accounts.
If you are seeing a blank screen when you visit the Coinos site, you may need to visit https://coinos.io/logout or clear your browser cache. If you have Coinos installed as a PWA you may need to uninstall it and re-add it to your homescreen.
About 80 accounts had their passwords reset by the attacker but only a handful were actively stolen from. If your account was compromised you may be missing some recent transactions. We do have backups and will be writing scripts to find and restore those payment records over the coming days.
If you were using Coinos via NWC your NWC connection string secret may have changed in which case you will need to re-connect Coinos to your Nostr apps.
We'll be reverting unsolicited withdrawals and covering all losses ourselves to make all our users whole. Thankfully we caught the attack relatively quickly and managed to take corrective action before the attacker had time to fully drain our wallets.
Coinos is essentially a volunteer effort and one-man show on the tech front so please be patient as it's going to take me a few days to restore everything back to normal.
This incident has not shaken my resolve, only strengthened it.
Sincerely,
Adam Soltys
Sorry to hear this, I’m a penetration tester and happy to work with you to validate that the fix you’ve implemented has worked?
nostr:nprofile1qqsrhrkznzltm0y7hr2arql9errve5g5g5xlmyk79j6k77hezadm77cpr9mhxue69uhhqatjv9mxjerp9ehx7um5wghxcctwvsq3jamnwvaz7tmnv4hxg6t59ehx7umxd3shyefwvdhk6qg5waehxw309ahx7um5wghx77r5wghxgetkp9v9j4 is a penetration tester and I believe offered assistance in the past so might be able to help 🤙
Thanks nostr:npub1fhpw2ux9flhcxyl6xp84996qgnkkcy59zqzjvq9fhpxcx7upymus69ds8n for tagging me into this. nostr:npub1p6y243ek340jtqjr0qnqg2elkw3x5yn08kzhvxxxkejj486mlg9qtnwx3t I can spend some time looking at your website on Thursday this week to see if I can find any security issues if that’s alright. If I find anything I’ll contact you directly!
100% agree, if government stopped trying to help us then we’d actually be way better off
Just watched The Dark Knight for the first time in ages. Still one of the best films I’ve ever watched. What a film!
Good question actually, I’ll be interested in what people have to say on this!
Yeh I feel the same way when I have to do this. Although, I have to lie so that I can store as much of my income into bitcoin as possible. Crazy that I can freely gamble 100% of my money but can’t put 10% of my annual income into Bitcoin 🙈
Politicians need Bitcoin, Bitcoin doesn’t need politicians.
Huge congratulations, I hope baby and your wife are doing good! I became a dad back in March and it’s been the most life-changing, fulfilling time of my life.
Kudos to you for shining a light on this. Too many people are looking at this from the perspective of short-term fiat gains as opposed to the long-term consequences of this on our financial freedom.
So glad you’ve joined Nostr and looking forward to listening to this episode! You’re the only MP that I can think of that talks frankly about the existing credit-based system.
This 👇
nostr:note12fxmplul54gvz4226weklqe7a4rpct65kuv4pmh6u2tem5qachss2vwp2n
We are genuinely thrilled whenever someone is generous enough to zap our notes. Your zaps fuel our mission towards a more secure, inclusive, and innovative financial future powered by #Bitcoin. Thank you for being part of this journey.
The zaps we receive contribute to our broader fundraising goals which can be found on nostr:npub1kmwdmhuxvafg05dyap3qmy42jpwztrv9p0uvey3a8803ahlwtmnsnhxqk9, with more details on our website here:
Great to see you on Nostr!





