u/CyberDeclassified

Put together a beginner roadmap for breaking into cybersecurity — covers stages, certs, and mistakes to avoid

I've been seeing a lot of posts asking where to start with cybersecurity, so I put together a video breaking down the full process from zero to job-ready.

It covers:

- The 4 stages: building a foundation, choosing your path, certifications & projects, and applying/interviews

- A certification tier breakdown so you know what to pursue and when as a beginner

- Common mistakes people make that slow down their progress

Hopefully useful for anyone who's been lurking here trying to figure out their first steps. Happy to answer questions in the comments too.

u/CyberDeclassified — 6 days ago

The $625M Ronin hack in 2022 is one of the largest crypto thefts ever, but most coverage stops at the headline number. Here’s what’s actually interesting from a security perspective:

∙ Ronin used a 5-of-9 multisig validator model; Lazarus Group got control of 5 validators, which was the exact threshold needed to authorize withdrawals

∙ The attack went undetected for 6 days because the transactions were technically valid

∙ The initial compromise reportedly came through a spearphishing campaign targeting Sky Mavis employees, not a code exploit

∙ Sky Mavis had temporarily granted Axie DAO permission to sign transactions to reduce load, and never revoked it; that’s what gave attackers the 5th key

The combination of social engineering + overlooked access controls + a bridge architecture with a low signing threshold is a textbook case study in layered failure.

I put together a full breakdown of the attack chain if anyone wants to go deeper.

u/CyberDeclassified — 12 days ago
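
The threshold and stale-grant points in the post above can be checked mechanically. The following is an added example, not part of the original post or any project's code: it computes how many distinct parties must be compromised to reach a 5-of-9 threshold once delegated signing rights are counted, and lists grants that have outlived a review window. The party names, dates, validator layout and the 30-day window are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date
from itertools import combinations
from typing import Optional

@dataclass(frozen=True)
class Validator:
    name: str
    operator: str                       # party that holds the signing key
    delegate: Optional[str] = None      # other party allowed to sign with it
    delegated_on: Optional[date] = None
    revoked_on: Optional[date] = None   # None means the grant is still live

def grant_active(v, today):
    return v.delegate is not None and (v.revoked_on is None or v.revoked_on > today)

def signing_power(validators, today):
    """Map each party to the validator signatures it can produce today."""
    power = {}
    for v in validators:
        power.setdefault(v.operator, set()).add(v.name)
        if grant_active(v, today):
            power.setdefault(v.delegate, set()).add(v.name)
    return power

def min_parties_for_threshold(validators, threshold, today):
    """Fewest parties whose combined signatures reach the threshold.
    Brute force over subsets, which is fine for a nine-validator set."""
    power = signing_power(validators, today)
    for k in range(1, len(power) + 1):
        for combo in combinations(power, k):
            if len(set().union(*(power[p] for p in combo))) >= threshold:
                return k, sorted(combo)
    return None

def stale_grants(validators, today, max_age_days=30):
    """Live delegations older than the review window (assumed policy value)."""
    return [v.name for v in validators
            if grant_active(v, today) and (today - v.delegated_on).days > max_age_days]

# Constructed layout: org-a runs four validators and holds an unrevoked grant on org-b's.
TODAY = date(2024, 6, 1)
LIVE = ([Validator(f"v{i}", "org-a") for i in range(1, 5)]
        + [Validator("v5", "org-b", delegate="org-a", delegated_on=date(2024, 1, 10))]
        + [Validator(f"v{i}", f"org-{c}") for i, c in zip(range(6, 10), "cdef")])
REVOKED = [Validator(v.name, v.operator, v.delegate, v.delegated_on, date(2024, 2, 1))
           if v.delegate else v for v in LIVE]

if __name__ == "__main__":
    print(min_parties_for_threshold(LIVE, 5, TODAY), stale_grants(LIVE, TODAY))
    print(min_parties_for_threshold(REVOKED, 5, TODAY), stale_grants(REVOKED, TODAY))
```

With the grant live, the nominal 5-of-9 threshold is reachable through a single party; revoking it raises that to two.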