Search - "opsec"
-
Got a phone interview for a backend dev job in an opsec company.
Interviewer:
This is a very serious and prestigious position, we take care of the most important bits of code.
*Proceeds to talk introductory nonsense*
Interviewer:
Do you know what a DNS is?
Me:
Yes, of course! DNS stands for Domain Name System.... Blah blah blah... I explain about the servers, about hosts file, about DNS spoofing and everything else possible on this topic.
Interviewer:
See, I was patient with you - letting you finish. I'm not sure what you're talking about and where you got it from, but a DNS is that line in the browser where you type the site's name.
He didn't ask any more questions, just told me that they'll get back to me. I asked not to do that.
Three weeks later I got an email claiming that I'm not qualified.
-
I have just concluded a post-mortem on one of my servers.
Cause of death: out of memory due to a tiny memory leak in a VPN service triggered by 66 different IPs brute-forcing the creds at the same time. Mostly from China, of course.
Dear bot writers: you made me put aside my spaghetti and write iptables rules. I hate iptables. And I love spaghetti. You should be ashamed of yourself! Did momma not teach you basic OpSec? Don't crash the target and never, ever, interrupt the sysadmin during dinner!
-
former boss wrote three cyber-defense books. had his "collections" team sending plaintext passwords to high-side clients over unsecured email
-
Challenge questions are so goddamn stupid.
Apparently I have an account with a certain online organization though I don't remember setting it up.
So naturally I had no idea of my username or password, so they asked me challenge questions.
It asked me the city of my birth, which is a place with a weird spelling. Because of that weird spelling, I never remember if I'm spelling it right (I was only there as a newborn infant). And I'm also supposed to remember if I capitalized it or not.
I hate challenge questions. And anyone doing any remotely simple research on me shouldn't have trouble learning what city I was born in so it seems to me it's a security vulnerability, nothing more.
And maybe I'm giving things away by saying it asks me that question, but it's a common security question any hacker would anticipate anyways.
-
Is it really good OpSec to log me out of outlook every hour when the password manager lets me automatically log back in?
-
Anybody like to rip up CTF (or similar)? I've honestly never done a CTF before, I'd like to give it a shot. I'll get my ass handed to me because I'm not back up to par on OpSec yet, but I adapt well and when I get into a nice groove I can make shit happen! (I like to think so, anyways haha!!)
I've been in full on dev mode lately and haven't had any time to Hulk Smash for a while... I went to fire up a new Kali live USB today and I couldn't run through the updates like I always have- they changed sooo much and I was pissed because I didn't have ethernet with me. That'll be another day for sure, but I still have my machine with Manjaro armed to the nutsack and back with the BlackArch rep. I def could use a break from the chaos, and getting my ass handed right to me sounds like an awesome time because learning is my favorite thing next to a possible chance at getting to destroy shit.
It's weird, because I'm sort of a n00b but also at the same time I've had computers ripped apart/jammed in my face since every day since I was 9 and Y2K was about to hit the fan lmao!! My hardware/network/layering knowledge is fuckin mint titties, I just can't code like a fuckin madman on the fly. I don't have a "primary" language, because I've been having to work with little bits of several languages for extended periods of time... I can at least find my way around all the dox without much of an issue and have no issue solving the probs I come across which is neat, but until the day comes where I can fuck a gaping hole through my keyboard on the fly like George Hotz during one of his lazy Sunday OpenCV SLAM/Python code streams all jacked up on Herba Mate hahahahaha!!!!
The dude uses fucking VIM and codes faster than anyone I've ever seen on levels of science/math so challenging I almost shit myself inside out when I catch one!!!! The level of respect I have for all my fellow red pills in here is as high as it gets, and that's one of the best parts about being a code junkie- sometimes ya get to cross paths with beastly, out of this world people that teach you so much without even having to explain shit.
If anyone's down, or maybe has some resources for me to check out so I can get my chops up let's make it happen
-
I'd like to one day work on security consulting/advising (incident response, opsec, SOC, etc). For those of you here that are currently in or have worked with people in that field: what advice do you have for handling cyber risk situations?