|
nielsm posted:I'd probably put a couple different levels/flags for acting on a phishing test mail: Loading an image (pixel) in the HTML mail body, fetching the main web page linked, running JS on the webpage (letting it perform an XHR request), submitting the form, and submitting the form with working credentials. Knowbe4 has a few options like this. They can attempt Java exploits on a click, you can add an attachment that checks macro exploits, you can add a phony portal and record who enters credentials. There are a lot of good options built in though you can probably do most of them with a raspberry pi and some spare time.
|
#
?
Nov 11, 2017 23:56
|
|
|
|
| # ? Jun 7, 2024 00:34 |
|
|
nielsm posted:I'd probably put a couple different levels/flags for acting on a phishing test mail: Loading an image (pixel) in the HTML mail body, fetching the main web page linked, running JS on the webpage (letting it perform an XHR request), submitting the form, and submitting the form with working credentials. Not sure what the other ones are for, since in a proper phishing test, loading the image pixel will signal security to escort the employee from the premises.
|
|
#
?
Nov 12, 2017 02:02
|
|
|
We had a call out this week to a report of a poorly performing wireless network that we had installed a couple of years back. Nothing obviously wrong according to our management console, so somebody went over to see what was up. Turns out that at some point all of their access points have been replaced with a bunch of old ones, and the kit we installed has all disappeared - but it’s online still, presumably in the new location. Current thinking is that another company has been in, sold their own WiFi kit and then generously offered to take a bunch of nearly new units away rather than leaving them for the owner of the business to dispose of, and then reuse them somewhere else. It’s completely the customer’s fault for just signing any old proposal, but it provided a needed laugh.
|
|
#
?
Nov 12, 2017 02:37
|
|
|
carry on then posted:Not sure what the other ones are for, since in a proper phishing test, loading the image pixel will signal security to escort the employee from the premises. Now there's a fun machine learning project: Creating a filter tool that can rewrite emails to remove webbugs but still leave stuff like legitimate product shots and such. Well, someone that is not me...
|
|
#
?
Nov 12, 2017 22:19
|
|
|
KnowBe4 is a lot of fun. My favorite part is coming up with campaigns and running a betting pool about click rates. Highest we've had this year is "Bonus payout structure 2017 CONFIDENTIAL HR ONLY" - 18% Click rate. We've been really happy with the increase in awareness.
|
|
#
?
Nov 13, 2017 08:45
|
|
|
It looks fun so I suggested Knowbe4 to our sysadmin and see if we can get it off the ground in secret. 
|
|
#
?
Nov 13, 2017 09:12
|
|
|
First ticket of the week just came in:quote:i need permission to the systems do you now 
|
|
#
?
Nov 13, 2017 15:16
|
|
|
How high up were they?
|
|
#
?
Nov 13, 2017 16:27
|
|
|
Antioch posted:KnowBe4 is a lot of fun. My favorite part is coming up with campaigns and running a betting pool about click rates. Highest we've had this year is "Bonus payout structure 2017 CONFIDENTIAL HR ONLY" - 18% Click rate. In fairness, I loaded images on a phishing test about shipping. Didn't fall for the actual baited link but I wanted to confirm my suspicions.
|
|
#
?
Nov 13, 2017 17:20
|
|
|
Sirotan posted:First ticket of the week just came in: Just do the needful Sirotan, don't slack in your last week! 
|
|
#
?
Nov 13, 2017 17:42
|
|
|
We had a new user come in who started his first week strong by requesting admin access to almost every system in our catalog. He didn't last long.
|
|
#
?
Nov 13, 2017 18:01
|
|
|
Not even noon on Monday and we already have the ticket of the week:quote:Subject: Laptop felt down and is broken.
|
|
#
?
Nov 13, 2017 20:16
|
|
|
mllaneza posted:Not even noon on Monday and we already have the ticket of the week: "Awww, did it faw down go "BOOM!" ?"
|
|
#
?
Nov 13, 2017 20:34
|
|
|
Sirotan posted:First ticket of the week just came in: Fuckit, granted.
|
|
#
?
Nov 14, 2017 02:03
|
|
|
Paladine_PSoT posted:Fuckit, granted. 
|
|
#
?
Nov 14, 2017 02:19
|
|
|
Since I walked in the door as the lead AIX person, I was handed the keys on day 1. Feels good, man. Edit: yes, I know it's because nobody else wants to touch it. AlexDeGruven fucked around with this message at 02:49 on Nov 14, 2017 |
|
#
?
Nov 14, 2017 02:37
|
|
|
Second ticket of the day: "What is a bitcoin?"
|
|
#
?
Nov 14, 2017 03:08
|
|
|
iospace posted:How high
|
|
#
?
Nov 14, 2017 03:20
|
|
|
Zil posted:Second ticket of the day: I hope you remotely locked their computer down airtight upon seeing that message. And started checking anything it's currently connected to.
|
|
#
?
Nov 14, 2017 08:06
|
|
|
Does anyone have a good 'complete idiot's guide to sharing folders/Onedrive?' A client of mine uses a macbook and stores all her company docs in her personal Onedrive. She wanted to share them with another employee. The 'good with computers' guy came up with the novel idea of simply using her login/password on the second computer and having it store them. Bang! Instant access to the company documents...and her private docs and photos. Obviously I told her that this wasn't right and pointed her in the direction of the Right Way, but it would help if I could give a simple guide on how to do this type of thing correctly. Should have big pictures and short words, if possible.
|
|
#
?
Nov 14, 2017 18:00
|
|
|
https://support.office.com/en-gb/ar...&rs=en-GB&ad=GB Which is part of the quite good: https://support.office.com/office-training-center
|
|
#
?
Nov 14, 2017 18:04
|
|
|
Thanks Ants posted:https://support.office.com/en-gb/ar...&rs=en-GB&ad=GB Perfect, thanks.
|
|
#
?
Nov 14, 2017 19:39
|
|
|
mllaneza posted:Subject: Laptop felt down and is broken. Weinstein, Spacey, Roy Moore, or has a new player entered?
|
|
#
?
Nov 14, 2017 19:49
|
|
|
MANime in the sheets posted:Weinstein, Spacey, Roy Moore, or has a new player entered?
|
|
#
?
Nov 14, 2017 19:51
|
|
|
While we're playing this game: Louis CK, Michael Oreskes
|
|
#
?
Nov 14, 2017 20:00
|
|
|
A Ticket came in for assistance with RHEL installation... See an animated Jeeves whenever their workstation gets an Email. Senior Linux Analysts adds "This looks like my Mom's computer" Is this the 2017 Bonzai Buddy?
|
|
#
?
Nov 14, 2017 20:58
|
|
|
Are they using incredimail?
|
|
#
?
Nov 14, 2017 21:04
|
|
|
anthonypants posted:I don't know what this means, but Tom Sizemore It is a crack about the laptop being 'felt down'
|
|
#
?
Nov 15, 2017 03:42
|
|
|
MANime in the sheets posted:It is a crack about the laptop being 'felt down' Felt down is sad, felt UP is molested.
|
|
#
?
Nov 15, 2017 16:34
|
|
|
The Fool posted:Are they using incredimail? Thy shal not speak that name out loud.
|
|
#
?
Nov 15, 2017 17:02
|
|
|
A ticket didn't come in? Lady calls complaining she can't get on the wireless but before I can even get 1 word in, she just says "Nevermind, I'll use my phone's hotspot" like that's supposed to make me feel bad? 
|
|
#
?
Nov 15, 2017 17:09
|
|
|
Some goddamn idiot boss approved the purchase of a Mac. We don't support Macs. Idiot-with-a-Mac creates a ticket to get shiny new iMac "Connected to the network". I reply to ticket that as per [Company policy] we don't support Macs, and that he's welcome to use the BYOD WLAN and help himself. Then I close the ticket. Today I see a new ticket in my queue. This time he's found a guide on how to join a Mac to Active Directory, and he's been trying to do that himself.. through the wired connection for his thin client, but he doesn't have "the password". I reply that we still don't support Macs, and close the ticket. Then I write a mail to the network guys and my own boss informing them of the ticket. Network replies 20 seconds later that the network post has been closed for "security reasons due to suspicious network activity", and boss replies 10 minutes later by BCCing me in a letter to HR explaining that we've suspended his account due to breach of security protocols. Idiot-with-a-Mac is fresh out of college, and still on his 3-month probationary period. I wonder if we'll get an account termination ticket tomorrow. (probably not. He'll likely get off with a note in his record and a stern talking to.) Crowley fucked around with this message at 21:11 on Nov 15, 2017 |
|
#
?
Nov 15, 2017 21:09
|
|
|
Is the idiot boss going to be given a talked to as well? The employee did get approval.
|
|
#
?
Nov 15, 2017 21:11
|
|
|
GreenNight posted:Is the idiot boss going to be given a talked to as well? The employee did get approval. Yeah, this. He should have been set on the right path from the beginning. But then, once he received the WE DONT SUPPORT THIS, he should have at least tried the "Whoops, can I get something you do support, plz?"
|
|
#
?
Nov 15, 2017 21:28
|
|
|
AlternateAccount posted:Yeah, this. He should have been set on the right path from the beginning. But then, once he received the WE DONT SUPPORT THIS, he should have at least tried the "Whoops, can I get something you do support, plz?" And then he would have to use the same kind of computer/OS like the plebs? This will not do!!!
|
|
#
?
Nov 15, 2017 21:38
|
|
|
AlternateAccount posted:Yeah, this. He should have been set on the right path from the beginning. But then, once he received the WE DONT SUPPORT THIS, he should have at least tried the "Whoops, can I get something you do support, plz?" Ehhh I wouldn't expect that, especially out of a fresh grad, he should have been setup for success not for failure, his idiot boss is the one that needs talking to/disciplined.
|
|
#
?
Nov 15, 2017 21:38
|
|
|
Yeah - in some companies "we don't support that" means "you are prohibited from doing that, do it our way" and in some it means "you can do it if you want, but you'll do it our way instead if you want any help." We have this with Macs at my company - you can get one if you want, but IT is going to mostly point you at internal wikis instead of holding your hand if you have issues. It sounds like you're somewhere in the middle and the manager who approved the Mac may need a clarification on policy themselves so they can guide their reports more effectively.
|
|
#
?
Nov 15, 2017 21:44
|
|
|
Eletriarnation posted:Yeah - in some companies "we don't support that" means "you are prohibited from doing that, do it our way" and in some it means "you can do it if you want, but you'll do it our way instead if you want any help." We have this with Macs at my company - you can get one if you want, but IT is going to mostly point you at internal wikis instead of holding your hand if you have issues. It sounds like you're somewhere in the middle and the manager who approved the Mac may need a clarification on policy themselves so they can guide their reports more effectively. My bosses are finally onboard with Macs in a Windows environment being a spectacularly bad idea. This is after three years of me telling him this, and repeatedly being demonstrated by the litany of problems the Macs have caused over the years. They are also now finally onboard with wireless devices being a bad idea.
|
|
#
?
Nov 15, 2017 21:56
|
|
|
GreenNight posted:Is the idiot boss going to be given a talked to as well? The employee did get approval. Doubtfully. People can (and do) use their own devices all day long.. on the BYOD WiFi. The problems start when 1) They want assistance with their out-of-scope machines. 2) They try to attach them to anything but the BYOD net. (Security on the BYOD network is handled by requiring all devices to be logged in by a person's National Online ID. Effectively tying the device to an identified person. That's also why we let the BYOD network be open to the public.)
|
|
#
?
Nov 15, 2017 22:16
|
|
|
|
| # ? Jun 7, 2024 00:34 |
|
|
The Fool posted:Are they using incredimail? *winces in pain*
|
|
#
?
Nov 15, 2017 23:03
|
|