|
Echo $GOATSEASCII before every command
|
#
?
May 12, 2021 20:22
|
|
|
|
| # ? May 26, 2024 06:56 |
|
|
Better yet rename all your commonly used binaries to a bash script with its former name that does that then runs the binary
|
|
#
?
May 12, 2021 20:23
|
|
|
Achmed Jones posted:goddammit i'm still mad that when i meet people at defcon and ask if they're interested in crypto they want to tell me about their dumb fake money portfolios instead of talking about the real poo poo Obv, otherwise you might find a bigfoot fan.
|
|
#
?
May 12, 2021 20:49
|
|
|
CLAM DOWN posted:ahahaahahahahhahh I applied just for the funsies.
|
|
#
?
May 12, 2021 21:58
|
|
|
Absolutely need some fun interview stories out of that.
|
|
#
?
May 12, 2021 22:00
|
|
|
"Do you have any experience with Em-Eff-Ay? Our consultants say we should use it, whatever that acronym means."
|
|
#
?
May 13, 2021 00:33
|
|
|
Sickening posted:I applied just for the funsies. That job posting is gonna be great for whoever actually gets it. Incredible visibility, tons of people busy trying to make it look like they give a single poo poo about security, then 6 months later there is no budget, nobody wants to do any of the remediation steps you came up with, everyone is in the MFA exempt group because the CFO had a hissyfit after MS had a Azure outage for 20 minutes one day, and the 2nd time they get hosed in the rear end by FancyBear or whatever APT group decides to kick that sandcastle over, you're the 'go to jail for malicious negligence' guy because you didn't fix anything. Did I say great? I meant a sysphysian task made worse by the fact the big rock is actually dried antelope turds the scarab god Khepri rolled up for you as a favor to Zeus. If you are in a single party state, PLEASE record the phone interview and transcribe out the choice bits for us. My bet is "salary is negotiable, but we're looking at 65k to start".
|
|
#
?
May 13, 2021 00:54
|
|
|
Good stuff coming out of the Feds post Solarwinds https://twitter.com/ericgeller/status/1392608990819926017?s=20
|
|
#
?
May 13, 2021 01:03
|
|
|
encryption and mfa werent already required in 2021??
|
|
#
?
May 13, 2021 01:22
|
|
|
SMEGMA_MAIL posted:Better yet rename all your commonly used binaries to a bash script with its former name that does that then runs the binary Recompile busybox to print it before and after every command.
|
|
#
?
May 13, 2021 02:18
|
|
|
Biowarfare posted:encryption and mfa werent already required in 2021?? not to the degree they need to be. it was all very very basic
|
|
#
?
May 13, 2021 05:09
|
|
|
Biowarfare posted:encryption and mfa werent already required in 2021?? We have a federal microagency as a customer and sherpaing them up on their FISMA audits from "lol ad hoc on everything" has been quite the journey. If anyone is actively enforcing anything requirements wise it hasn't ever made it to our customers level.
|
|
#
?
May 13, 2021 06:52
|
|
|
Our it department insists on asking for/taking screenshots. Yesterday I finally figured out why: I got an error on windows and the goddamn text wasn't selectable. Copy the error message by hand or screenshot? Both are poo poo, but at least the screenshot will be accurate. I hate windows.
|
|
#
?
May 13, 2021 07:13
|
|
|
Iirc you can copy the text of any dialog box in windows if you click on it (not any of the buttons but the window itself) and hit Ctrl+C
|
|
#
?
May 13, 2021 07:54
|
|
|
spankmeister posted:Iirc you can copy the text of any dialog box in windows if you click on it (not any of the buttons but the window itself) and hit Ctrl+C Well then they have no excuse, and I've gotta try that next time
|
|
#
?
May 13, 2021 08:18
|
|
|
That only works for the old-style win32 MessageBox I think, so it's not great.
|
|
#
?
May 13, 2021 10:26
|
|
|
Maneki Neko posted:We have a federal microagency as a customer and sherpaing them up on their FISMA audits from "lol ad hoc on everything" has been quite the journey. If anyone is actively enforcing anything requirements wise it hasn't ever made it to our customers level. LIGMA audits
|
|
#
?
May 13, 2021 14:39
|
|
|
omeg posted:That only works for the old-style win32 MessageBox I think, so it's not great.
|
|
#
?
May 13, 2021 15:28
|
|
|
https://twitter.com/kimzetter/status/1392853446059954177
|
|
#
?
May 13, 2021 18:48
|
|
|
Maneki Neko posted:We have a federal microagency as a customer and sherpaing them up on their FISMA audits from "lol ad hoc on everything" has been quite the journey. If anyone is actively enforcing anything requirements wise it hasn't ever made it to our customers level. I worked in two Danish government agencies. All agencies are required to be "ISO 27001 compliant", and both my places had plenty reason to be. On paper they were both 4 on a 1-5 scale. The trouble is that it's self evaluation. So basically it's a requirement with essentially zero enforcement beyond "tell us you're doing well please". Long story short, my honest evaluation would have been a lot lower, and when talking to colleagues in other agencies off the record, they said the same thing. Very few agencies officially dip below 3, despite a lot of them having no real concept of system/service ownership. Of course, there's the state audit institution, but I'm very much but impressed with them. They're nice and could be a really good resource if the agencies treated them as a partner helping to improve security, but in all cases I know of, they're treated as an opponent that you have to dodge. Now I'm doing consulting/ISMS software designing. The customers range from "what's a risk assessment" to a few guys who really run a tight ship (at least on the governance level, we don't really do deep technical stuff). It's a lot of fun seeing the range and sherpaing/nudging organisations towards actually thinking about security.
|
|
#
?
May 13, 2021 19:53
|
|
|
Yup. They lied. They lied to the Us Government, that then announced that lie. Jesus, these people are bad. Even more, one of their ex-pentesters leaked that they had done an audit and found that Colonial was not very secure at all (shockingly!) and that it was pretty much a matter of time.
|
|
#
?
May 13, 2021 20:23
|
|
|
Gee creating decrypted files on a machine is slower then deleting?? What weaksauce.
|
|
#
?
May 13, 2021 22:59
|
|
|
EVIL Gibson posted:Gee creating decrypted files on a machine is slower then deleting?? What weaksauce. you and i both know it's a high latency remote mounted drive over vpn to a 'central onprem location' that is nowhere near the branches
|
|
#
?
May 14, 2021 01:15
|
|
|
I got a good friend who is being harassed by her exhusband and she needs to have her digital identity erased because her ex is disseminating revenge porn in an attempt to ruin her life. Does any goon in this thread know of someone who is good at webscrubbing that would be willing to be put in contact with them for their services?
|
|
#
?
May 14, 2021 02:11
|
|
|
I listen to a lot of Michael Bazzell’s stuff about recon, osint and privacy, apparently he’s kinda the guy on that stuff but I’m willing to bet it costs an arm and a leg to actually contract him
|
|
#
?
May 14, 2021 02:26
|
|
|
You probably need a lawyer more than whatever it is you're looking for. If it's known that the ex is doing it then there are probably several laws being broken depending on jurisdiction. If the dude has a vendetta, they might just keep doing it unless there's some kind of repurcussion.
xtal fucked around with this message at 02:48 on May 14, 2021 |
|
#
?
May 14, 2021 02:41
|
|
|
friendbot2000 posted:I got a good friend who is being harassed by her exhusband and she needs to have her digital identity erased because her ex is disseminating revenge porn in an attempt to ruin her life. Does any goon in this thread know of someone who is good at webscrubbing that would be willing to be put in contact with them for their services? This is illegal in almost every state in the union. I know that isn't what you asked for, but knowing this is important. There is no scrubbing service that is going to be fast enough to protect someone actively doing something like this.
|
|
#
?
May 14, 2021 02:47
|
|
|
You want a lawyer but you should also report the vids to whichever tube site they're on asap because they all mirror each other
|
|
#
?
May 14, 2021 03:53
|
|
|
friendbot2000 posted:I got a good friend who is being harassed by her exhusband and she needs to have her digital identity erased because her ex is disseminating revenge porn in an attempt to ruin her life. Does any goon in this thread know of someone who is good at webscrubbing that would be willing to be put in contact with them for their services? Revenge porn is illegal, find out where he's posting it, report it, and have her lawyer up. There is no easy solution to this. If its bad, reach out to https://badassarmy.org/ Badass also has a link to Revenge Porn laws by state: https://badassarmy.org/revenge-porn-laws-by-state/ CommieGIR fucked around with this message at 04:26 on May 14, 2021 |
|
#
?
May 14, 2021 04:24
|
|
|
CommieGIR posted:If its bad, reach out to https://badassarmy.org/
|
|
#
?
May 14, 2021 09:58
|
|
|
poo poo is going down against Darkside, the ransomware group that hit Colonial https://twitter.com/EamonJavers/status/1393236555616165891?s=20
|
|
#
?
May 14, 2021 20:38
|
|
|
Ars thinks it's just an exit scam. https://arstechnica.com/gadgets/2021/05/pipeline-attacker-darkside-suddenly-goes-dark-heres-what-we-know/
|
|
#
?
May 14, 2021 23:19
|
|
|
https://twitter.com/aionescu/status/1393728058629136387 i'm sure it's fine https://twitter.com/aionescu/status/1393798004151181312 welp (that exact command doesn't work, he altered it instead of dropping a fully working 0day on twitter)
|
|
#
?
May 16, 2021 16:57
|
|
|
Watching https://x33fcon.com presentations today and the next two days. not alot of presentations which is normal for smaller conventions.quote:Agenda Looking forward to Mubix's talk today about old malware being used (and working), the O Event tommorow which shows examples of how to prevent certain event logs from showing up and being able to create totally arbitarty ones, and on the third day the COVID-19 Tracing Apps which is the reason I had concern of using. x33f will post all the videos later on their youtube channel but I am recording them for the Q&A questions since I find that more interesting.
|
|
#
?
May 17, 2021 13:39
|
|
|
Gonna need Cyberinsurance for a Cyber Insurance Broker https://twitter.com/gcluley/status/1394237883394019330?s=20
|
|
#
?
May 17, 2021 20:04
|
|
|
wonder if they followed their own best practices
|
|
#
?
May 17, 2021 20:50
|
|
|
What's that, pay someone else to cover them if their infosec policies aren't good enough? 
|
|
#
?
May 17, 2021 21:03
|
|
|
RFC2324 posted:wonder if they followed their own best practices Gonna guess that'd be a no. Guess that means their insurance was invalidated. Apple is moving their encryption to China, both to comply with the Chinese government'd demands and to "provide them a shield from American Law" Its as bad as it sounds. While Google and most others also do this same thing, Apple specifically prides itself on its "Privacy Protection" https://twitter.com/matthew_d_green/status/1394389869540089856?s=20 CommieGIR fucked around with this message at 23:28 on May 17, 2021 |
|
#
?
May 17, 2021 21:03
|
|
|
Crossposting because some of you need this in your lives.Malloc Voidstar posted:https://thehill.com/opinion/technology/553891-our-cybersecurity-industry-best-practices-keep-allowing-breaches idiot profossor who should have stuck to teaching posted:I have obviously heard the feedback on my article in The Hill. I know there are some who are deeply offended by my broad-based characterization of the Information Security industry. I will also cede that I know many engineers in the field who I respect deeply. I guess he didn't think he would get so exposed.
|
|
#
?
May 19, 2021 03:08
|
|
If I do, would someone please hack in, empty my bank account and forward the proceeds to the "Buy Everyone a Beer" foundation?
|
|
| # ? May 26, 2024 06:56 |
|
|
quote:He has well over four decades of experience with systems, networks, data and other cyber resources. bet he knows how to code in html
|
|
#
?
May 19, 2021 03:21
|
|
