wyoak
Feb 14, 2005

a glass case of emotion

Fallen Rib

D. Ebdrup posted:

You're posting in the infosec thread, and you can't make the definitely hugely massive leap of logic that if standards aren't open and implemented across different alternatives so that people have a choice, you're just putting money directly into Alphabet's pockets since they make the vast majority of their money by tracking people?
what?


Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Factor Mystic posted:

Great, then go back in time and tell web developers to actually test in other browsers.

Please tell Google's early in the set!

BlankSystemDaemon
Mar 13, 2009



Alphabet's primary source of income comes from the money people pay for getting their stuff shown to users via Google AdSense.
To increase the likelihood of users interacting with ads, Alphabet tracks as much about users as they think they can get away with (which is a lot even if you aren't using Chromium-based browsers, given fingerprinting technologies today).
If Google has an effective monopoly, future standards (even if open) can let Alphabet integrate systems to effectively know when people 1) get shown ads, 2) mouse over ads, or 3) click on ads (there are already existing systems to do some of this such as JavaScript, hidden pixels, GUID tracking, et cetera ad nauseam - but I find it hard to believe that Alphabet doesn't want more of them).

Biggz
Dec 27, 2005

The Fool posted:

Since this is the infosec thread, let me pose an infosec related hypothetical.

Let's say that @taviso has announced a sandbox escape vuln in webkit's font rendering engine. Say that it's in an old enough part of the engine that it also affects all forked versions of webkit as well.

Not only would this hypothetical affect every major browser except Firefox it would affect every minor browser on this list.

Now say that webkit fixes this vuln in their latest release. How many of those projects are actually going to update?

Which ones are actually operating off of a fork like Blink and would need to implement their own fix?

How quickly will MS patch Edge? Google patch Chrome? Apple patch Safari? How many people will actually apply those updates?

I'd hypothetically not use vulnerable browsers and stick to ones which get frequent patches (Chrome, Edge, Firefox, whatever)

Powered Descent
Jul 13, 2008

We haven't had that spirit here since 1969.

D. Ebdrup posted:

Alphabet's primary source of income comes from the money people pay for getting their stuff shown to users via Google AdSense.

I was skeptical that this was still true, but I looked it up and you're right -- those little ads are still a full 86% of their revenue, according to Wiki. drat.

I would have expected things like Youtube and Android and Google Cloud to be bringing in a bigger slice of the pie these days.

BlankSystemDaemon
Mar 13, 2009



Powered Descent posted:

I was skeptical that this was still true, but I looked it up and you're right -- those little ads are still a full 86% of their revenue, according to Wiki. drat.

I would have expected things like Youtube and Android and Google Cloud to be bringing in a bigger slice of the pie these days.
Ad revenue from YouTube ads is probably accounted for by AdSense, whereas stuff like YouTube Red and paid subscriptions (or whatever they're called) are probably a drop in the ocean, even if the people who do pay for it feel like they get their money's worth.
It's also worth noting that Google is by far the biggest advertiser on the internet, though there are many companies (including Amazon) who want a bit of their cake (similar to how Google wants a bit of Amazon's cake :yaybutt: cake).

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


Google can gather all the info they want on me, I'm still blocking every ad they try to serve me

Internet Explorer
Jun 1, 2005





Between Google pushing me news, services at work, Twitter, this thread, and really any other source of communication or news, I get absolutely inundated with infosec news and the world is terrible and everything is bad. I don't know if I can handle this and all the non-technical things that are wrong with the world. :11tea:

dick traceroute
Feb 24, 2010

Open the pod bay doors, Hal.
Grimey Drawer

Internet Explorer posted:

Between Google pushing me news, services at work, Twitter, this thread, and really any other source of communication or news, I get absolutely inundated with infosec news and the world is terrible and everything is bad. I don't know if I can handle this and all the non-technical things that are wrong with the world. :11tea:

Username/post combo

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Internet Explorer posted:

Between Google pushing me news, services at work, Twitter, this thread, and really any other source of communication or news, I get absolutely inundated with infosec news and the world is terrible and everything is bad. I don't know if I can handle this and all the non-technical things that are wrong with the world. :11tea:

If it makes you feel better, the world has always been terrible, this is just the world being terrible at scale and in the cloud

:nsacloud:

The Fool
Oct 16, 2003


I've been messing around with Azure Sentinel for a little bit, but I've realized that I have no experience with any other SIEM products and as a result have nothing to compare to.

The closest I've gotten has been setting up Graylog for log ingestion and limited alerting.

Anyone have any products they'd like to recommend, or products that I should avoid?

e: I know Lain's written some words on the subject, and that LogRhythm should be a non-starter based on that

The Fool fucked around with this message at 18:52 on Sep 11, 2019

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
We're looking at Deepwatch/Splunk now, and ELK for anything we can't cover outside of that.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Avoid splunk unless you have Infinity Dollars

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

BangersInMyKnickers posted:

Avoid splunk unless you have Infinity Dollars

Yeah. If you have money to throw at a SIEM, Splunk is fine. But if you're going to work within nasty budget constraints, just ELK it and find a consultant to provide support.

Mustache Ride
Sep 11, 2001



I have had some intimate knowledge for Alphabet Chronicle passed along to me.

As a person who makes the majority of their money from Splunk consulting it scares the crap out of me. Mark my words, in 2-3 years Splunk will be dead and Chronicle will be King.

Blinkz0rz
May 27, 2001

MY CONTEMPT FOR MY OWN EMPLOYEES IS ONLY MATCHED BY MY LOVE FOR TOM BRADY'S SWEATY MAGA BALLS

Mustache Ride posted:

I have had some intimate knowledge for Alphabet Chronicle passed along to me.

As a person who makes the majority of their money from Splunk consulting it scares the crap out of me. Mark my words, in 2-3 years Splunk will be dead and Chronicle will be King.

I'm ok with Splunk dying out (or maybe it'll force their pricing to be a little more sane) but I sincerely doubt Backstory will be as good as folks think it will be. That won't stop people switching in a heartbeat and crowning it the best SIEM of all time because it's in Google's orbit.

Full disclosure: I work for a company that makes a pretty decent SIEM and I've seen enough hype to instantly be skeptical of the way folks in the industry have been salivating over Backstory.

Schadenboner
Aug 15, 2011

by Shine
Chronicle seems real neat.

2nd Rate Poster
Mar 25, 2004

i started a joke
Last I heard of Chronicle they still hadn't wired up an external facing api for their beta customers, and the move back into the goog hosed up their org a little bit. IMO GCP's place at #3 in the market shows google isn't quite good at selling to the enterprise. While I would like very much for the entire SIEM industry to die, I doubt very much that chronicle will overtake much of anything in 3 years.

Though I certainly wouldn't take that to mean you should keep investing time doing just splunk consulting, a lot of the other log solutions are better than splunk. It's already got the enterprise software death smell on it, it is just a matter of time until the market catches on.

2nd Rate Poster fucked around with this message at 02:52 on Sep 12, 2019

Mustache Ride
Sep 11, 2001



I work for a VAR, I do what they tell me. Believe me, I loving hate Splunk.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Lain Iwakura posted:

Yeah. If you have money to throw at a SIEM, Splunk is fine. But if you're going to work within nasty budget constraints, just ELK it and find a consultant to provide support.

We got a pretty big budget, and most of the other departments are Splunk'ed already.

I'd rather use ELK, but it's not my project.

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

Mustache Ride posted:

I work for a VAR, I do what they tell me. Believe me, I loving hate Splunk.

I used to work for a VAR and had to deal with Splunk.

They’re the least worst product out there

That said, I have little faith in Google since they didn’t manage to wow us when we were actively considering switching our 12,000 person company to them.

Shuu
Aug 19, 2005

Wow!
At my previous job we used ELK + Elastalert (https://github.com/Yelp/elastalert), and it scaled decently as we grew from a 1k to 10k person company. Kibana has Watcher, but I found it pretty obnoxious and clunky whereas Elastalert queries ES every 5 minutes or so based on comparatively straightforward yaml rules you define. It also has Slack/Pagerduty integrations if that's a thing you care about, though I ended up writing a customized alert type that fit better with our IR workflows.
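As an illustration of the "straightforward yaml rules" Shuu mentions, here is an Elastalert frequency rule of the kind you would drop into the rules folder. This is an added example, not taken from the post or from the Elastalert project; the index pattern (`auth-*`), the field names (`event.action`, `source.ip`) and the Slack webhook are assumptions and placeholders, to be replaced with whatever your own log schema uses.

```yaml
# Added example, not from the post or from the Elastalert project.
# Frequency rule: alert when one source IP produces 20 or more failed logins
# inside a 5-minute window. Index pattern and field names are assumptions
# about the log schema; the webhook URL is a placeholder.
name: failed-login-burst
type: frequency
index: auth-*

# Fire once num_events matching documents arrive within timeframe ...
num_events: 20
timeframe:
  minutes: 5

# ... counted separately per distinct value of this field, so one noisy host
# cannot mask a burst from another.
query_key: source.ip

# Elasticsearch query DSL; only documents matching this filter are counted.
filter:
- query:
    query_string:
      query: 'event.action:"failed-login"'

# After the rule fires for a given query_key, stay quiet for this long so the
# same burst does not page the on-call every scheduling interval.
realert:
  minutes: 30

alert:
- slack
slack_webhook_url: "https://hooks.slack.com/services/PLACEHOLDER"
alert_subject: "Failed-login burst from {0}"
alert_subject_args:
- source.ip
```

The polling cadence the post describes is not part of the rule itself: it comes from `run_every` in Elastalert's global `config.yaml` (alongside `es_host`, `es_port` and `rules_folder`), so "every 5 minutes or so" is a deployment choice rather than a fixed property of the tool. Swapping `slack` for `pagerduty` (with `pagerduty_service_key` and `pagerduty_client_name`) is how the PagerDuty integration the post mentions is wired in.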

PBS
Sep 21, 2015

Shuu posted:

At my previous job we used ELK + Elastalert (https://github.com/Yelp/elastalert), and it scaled decently as we grew from a 1k to 10k person company. Kibana has Watcher, but I found it pretty obnoxious and clunky whereas Elastalert queries ES every 5 minutes or so based on comparatively straightforward yaml rules you define. It also has Slack/Pagerduty integrations if that's a thing you care about, though I ended up writing a customized alert type that fit better with our IR workflows.

We seem to be having issues deploying elastalert where I am. I haven't been following but one of our guys had been working on it for like a week.

Did you have any trouble setting it up?

Schadenboner
Aug 15, 2011

by Shine
I'd really like to read Lain's words on Chronicle. I heard an interview they did on Risky Business but even though Patrick gives good interview and I trust his integrity it's still a sponsor interview and :capitalism:?

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

Schadenboner posted:

I'd really like to read Lain's words on Chronicle. I heard an interview they did on Risky Business but even though Patrick gives good interview and I trust his integrity it's still a sponsor interview and :capitalism:?

We aren’t considering it and I’ll only review it when our licence is up for renewal.

However, Google has a notoriously bad history of giving long term support to its products even including those for the enterprise so take that as you will.

Absurd Alhazred
Mar 27, 2010

by Athanatos

Lain Iwakura posted:

We aren’t considering it and I’ll only review it when our licence is up for renewal.

However, Google has a notoriously bad history of giving long term support to its products even including those for the enterprise so take that as you will.

Yeah...

Schadenboner
Aug 15, 2011

by Shine

Lain Iwakura posted:

We aren’t considering it and I’ll only review it when our licence is up for renewal.

However, Google has a notoriously bad history of giving long term support to its products even including those for the enterprise so take that as you will.

I assume that's why they spend so much time on the "We're Alphabet not :google:" talking-point thing.

I mean, I don't necessarily think that's a distinction with much difference but they sure are maintaining that it is.

:shrug:

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
Broadcom has started cutting Symantec employees, 12% by the end of the quarter.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

CommieGIR posted:

Broadcom has started cutting Symantec employees, 12% by the end of the quarter.

lol if their products weren't lovely enough. half of the people we talk with over there outright quit when the acquisition was announced, I'm betting that 12% is on top of that already reduced headcount

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

BangersInMyKnickers posted:

lol if their products weren't lovely enough. half of the people we talk with over there outright quit when the acquisition was announced, I'm betting that 12% is on top of that already reduced headcount

Yup. We're dumping them too by next year. Already replacing their SIEM solution we use.

Shuu
Aug 19, 2005

Wow!

PBS posted:

We seem to be having issues deploying elastalert where I am. I haven't been following but one of our guys had been working on it for like a week.

Did you have any trouble setting it up?

It's been like 5 years since we deployed it but no, I don't remember anything about it being particularly challenging. Sorry!

cr0y
Mar 24, 2005



I ran into something new that I have not been previously exposed to as I am not someone who usually seeks out event tickets on the secondary market and am curious how the scam works. Can someone clue me in?

I am in a big city and a popular non-sports event is occurring this weekend, and normally these types of events don't sell out but this weekend it did, driving people to private facebook event pages for tickets. I started looking for people selling tickets and immediately ran into a flood of brand new facebook accounts selling "tickets" to this event with payment via paypal/venmo. People are getting scammed left and right; the entire group is just a flood of "are you a real person?" replies. So my questions are these:

1) Is it that easy to spool off a bajillion fake paypal/venmo accounts backed by a valid bank account?
2) Are these actually 'local' people scamming local event pages or a more orchestrated general bot-type scam operation?
3) How does facebook not detect this poo poo? (i know...)

I immediately started alerting moderators of these groups as it stunk of a scam operation from the start but am curious as to the scale and sophistication of this nonsense.

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
The instances of that I've seen on Facebook have been individual Nigerians (in Nigeria, not locally) who appear to have changed the name and profile picture on their real accounts to be more western and white looking, to better fool victims. I was able to scroll down their profiles a bit and find what appear to be real conversations and pictures with their friends and family.

I assume they find events to target by searching for phrases like "sold out". I tracked the same accounts repeatedly trying to scam people in both Australia and the UK.

I have no idea how they successfully cash out, but there's obviously a very different cultural attitude at play where it's considered acceptable (even something to be proud of?) to be a blatant and unrepentant scammer.

Facebook clearly don't give a poo poo and didn't respond to any of my reports.

Schadenboner
Aug 15, 2011

by Shine

Rufus Ping posted:

The instances of that I've seen on Facebook have been individual Nigerians (in Nigeria, not locally) who appear to have changed the name and profile picture on their real accounts to be more western and white looking, to better fool victims. I was able to scroll down their profiles a bit and find what appear to be real conversations and pictures with their friends and family.

I assume they find events to target by searching for phrases like "sold out". I tracked the same accounts repeatedly trying to scam people in both Australia and the UK.

I have no idea how they successfully cash out, but there's obviously a very different cultural attitude at play where it's considered acceptable (even something to be proud of?) to be a blatant and unrepentant scammer.

Facebook clearly don't give a poo poo and didn't respond to any of my reports.

You could have just said you were on Facebook?

:shrug:

Last Chance
Dec 31, 2004

Schadenboner posted:

You could have just said you were on Facebook?

:shrug:

???

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
Sorry if everything I wrote was already widely known. I'm only on Facebook very sparingly

Boner Wad
Nov 16, 2003
What do ELK consultants do that would be needed? Are they helping with index layout, mapping, stuff like that? Are there any known good ELK consultants I should look at if I ever needed one?

The Iron Rose
May 12, 2012

:minnie: Cat Army :minnie:
Another day, another reason not to use LastPass


https://www.forbes.com/sites/daveywinder/2019/09/16/google-warns-lastpass-users-were-exposed-to-last-password-credential-leak/amp/

Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/zackwhittaker/status/1173942683141906438


xtal
Jan 9, 2011

by Fluffdaddy
Maybe there's a better thread for this, but I have a friend who works in HR and they want to use their people skills to get hired as a social engineer. Does anyone have recommendations for certifications, courses or must-read books, or other tips about how to get a job doing soceng? They've already read the books by Hadnagy and Mitnick.
