Open navigation

Go to Reddit Home

Log in to Reddit

Open settings menu

Advertise on Reddit

Shop Collectible Avatars

Get the Reddit app

Scan this QR code to download the app now

Or check it out in the app stores

r/cybersecurity

members

online

Hot

Open sort options

Change post view

Mentorship Monday - Post All Career, Education and Job questions here!

u/AutoModerator

MOD

•

Mentorship Monday - Post All Career, Education and Job questions here!

Career Questions & Discussion

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away!

Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future.

Why does the Utilman.exe trick to break into windows not fixed?

•

Why does the Utilman.exe trick to break into windows not fixed?

I just discovered and sucessfully used the trick where one can rename Utilman exe to something else and cmd.exe to utilman.exe and use this to bypass the windows password. Which means I can break into anybody's windows system without knowing their password, and steal their data. This is a very well known work around to bypass windows password, So my question is WHY doesn't windows simply fix this if its so vulnerable and well known?

Also for my curious mind, Could someone ELI 5 how this trick works and what's actually being done here ?

•

Promoted

Master Cybersecurity Compliance - Download the IT’s Professional’s Blueprint for Compliance eBook by ThreatLocker. Secure your organization’s data and reputation.

threatlocker.com

Download

Newly discovered ransomware uses BitLocker to encrypt victim data

•

Newly discovered ransomware uses BitLocker to encrypt victim data

New Vulnerability Disclosure

https://arstechnica.com/security/2024/05/newly-discovered-ransomware-uses-bitlocker-to-encrypt-victim-data/

Top 1% Rank by size

Community Bookmarks

Promoted

Rules

1

Read the FAQ before posting

Please read the FAQ before posting a question, as it may contain the answer you are looking for. Please also check the collections we have, such as the Breaking In to Cybersecurity FAQ, which contains a ton of useful information for people looking to go into cybersecurity!

Due to repetition, posts containing questions which are answered in the FAQ will be removed.

2

Must be relevant to cybersecurity professionals

This is a discussion-oriented sub for people who are, or aspire to be, cybersecurity professionals. The rule of thumb we apply is: if professionals would find it insightful or would enjoy insightful discussions around it, then it's appropriate here.

Questions about personal or "home" cybersecurity MUST be posted on r/cybersecurity_help or r/techsupport.

Memes, "security fails," homework help, etc. historically don't drive conversation, and will generally be removed.

3

No low effort / poor quality posts

This is a community of cybersecurity professionals - the people reading and replying to threads are actual people taking time out of their day. If you aren't putting effort into writing something, why should anyone put effort into reading it?

"AI"/machine generated content, whether linked to or posted directly, is explicitly forbidden across this subreddit and will be removed when discovered.

Copywritten content, SEO farming, and other slop are similarly forbidden.

4

Security first / no editorializing

This is the guiding principle for all posts. No editorializing and no political agendas. Posts discussing political issues that affect security are fine, but the post must be geared towards the security implication. Such posts will be heavily monitored and comments may be locked as needed.

5

No advertising

Want to share information or resources? Please review these guidelines: https://www.reddit.com/r/cybersecurity/wiki/advertising_guidelines

You would rather build a relationship with the r/CyberSecurity community than get banned!

Educational articles or blogs that contain advertisement to a service are to flair their posts with "Corporate Blog."

Soliciting DMs/calls/etc instead of posting answers directly has been used by marketers to try to circumvent this rule, and may also result in a ban.

6

No excessive promotion

All promotion (i.e. self-promotion) on this subreddit must be both:

Under 10% of your posts and comments on this subreddit.
Once per week at most per promoted entity.

This rule is enforced to curb spam and unwanted promotional posts by non-community-members. We must always be a community member first, and self-interested second.

A full explanation with examples is available on our wiki.

7

No personally-identifiable information.

Do not post personally-identifiable information, unless the source has consented to it. Moderation staff can and will request proof.

8

Civility

We're all professionals. Be excellent to each other.

9

Ongoing security incidents are to be collated into one thread

During ongoing major incidents - hacks, vulnerabilities, etc - in order to collate all discussion into one area, threads will be locked or removed and discussion redirected to one or few megathreads.

Need personal security help?

r/cybersecurity is a business-oriented subreddit, where professionals discuss cybersecurity for businesses, careers in cybersecurity, etc. It's tailored to handle questions from technical professionals and students trying to become professionals in our field.

If you are an individual user looking for help with one of the following topics or similar:

Do you suspect or know you've been hacked?
Struggling with a malware infection?
Looking for tips to stay safe online?
Concerned someone has your IP address?
Have other questions on personal security?

We now have a sister subreddit, r/cybersecurity_help, where technical Redditors from our community and beyond can help you out! You will need to post there for assistance.

General Related Communities

r/netsec 497,792 members

r/AskNetsec 201,088 members

r/sysadmin 890,267 members

r/redditsecurity 37,577 members

r/SecurityCareerAdvice 35,808 members

r/ITCareerQuestions 439,877 members

r/security_CPE 3,146 members

r/threatintel 5,635 members

Technical Communities

r/blueteamsec 44,296 members

r/SecurityBlueTeam 15,521 members

r/redteamsec 30,781 members

r/SecurityRedTeam 9,369 members

r/hacking 2,716,122 members

Promoted

sidebar promoted post thumbnail