
cr0y posted: I mean to be fair anytime that I connect with someone on a dating app that is better looking than I am I go full-blown

Maybe they just have better Photoshop skills than you?

# ? Apr 29, 2022 11:21

cr0y posted: Is a super convincing dating app scam that is really loving hard to detect a thing right now? Like full on week+ social engineering poo poo. I have something going on right now that I can't put my finger on but I know it's not right.

I don't know that I'd call them "super convincing" for anyone who has even a modicum of skepticism these days, but yeah, dating-app scams are 100% real things. As noted above, a lot of them are long-cons trying to get you to do weird stuff with crypto, or will dive into the more rote pathways of "I just need some cash for <expense> and will totally pay you back" or whatnot. And they keep working because, as it turns out, there's enough people out there who keep giving them cash / crypto and then are surprised when their paramour fucks off with the money. If they're not willing to meet up within a couple weeks they're never gonna, be they scammers or just lonely people looking for pen-pals.

# ? Apr 29, 2022 15:15

Yeah, my local news network has done a few stories the past few months; e-dating scams are on the rise. Still, don't let self doubt get you down, it could be ok! Just don't give them shiiiiiiiiiit.

# ? Apr 29, 2022 15:35

Treat it as an opportunity to reverse social engineer them.

# ? Apr 29, 2022 17:13

Jeoh posted: Treat it as an opportunity to reverse social engineer them.

This is basically what I'm doing

# ? Apr 29, 2022 21:23

Defenestrategy posted: Well here's healthy advice. If a nerd tries to talk to you about crypto walk away. They may or may not be trying to date you, but certainly they're scamming you.

They may or may not be trying to scam you by talking about crypto, but if they're not they're probably an idiot so either way do not contribute

# ? Apr 29, 2022 23:55

I'd like to ask the folks here if you have heard of any volunteering opportunities for people in cybersec. I guess more specifically with the networking flavor, since I imagine app security has a lot of opportunities for open source projects, but maybe there is something for other specializations too? A few years ago my city had a hackathon-exercise for nerds to find holes in the city's cyber infrastructure which was cool, but that was once. Has anyone heard about similar public initiatives?

# ? Apr 30, 2022 09:55

There's the DIVD, Dutch Institute for Vulnerability Disclosure, which is an entirely volunteer organization of infosec professionals and enthusiasts who in their spare time scan the entire internet for vulnerabilities and then attempt to disclose them to the rightful owners. They've garnered a very good reputation, so much so that they're fast becoming the de facto place to report vulnerable systems to in The Netherlands, even though there are official places to do that, simply because they actually do something with the report (if actionable). They're based in The Netherlands but they operate globally and their volunteers are from all over the globe also. https://www.divd.nl/contact/

# ? Apr 30, 2022 10:35

That's awesome, thanks for sharing. I'll send them a message

# ? Apr 30, 2022 15:00

Crossposting from YOSPOS:

# ? May 5, 2022 15:52

lol yeah when I got their "WE'RE CHANGING PASSWORDS IN 15 MINUTES" email yesterday on an account I forgot I signed up for but was 100% sure wasn't linked to github, I just assumed it was a total meltdown situation

# ? May 5, 2022 16:37

CommieGIR posted: Crossposting from YOSPOS:

Oh man that's bad

# ? May 5, 2022 16:58

CLAM DOWN posted: Oh man that's bad

# ? May 5, 2022 17:37

On the other hand, Heroku/Salesforce seems to be doing a masterful job at "being bad at incident response and communication", so there's that.

# ? May 5, 2022 19:43

Maneki Neko posted: On the other hand, Heroku/Salesforce seems to be doing a masterful job at "being bad at incident response and communication", so there's that.

I mean, at this point nobody and nothing should be expected to be safe from these kinds of attacks. APTs are advanced enough that they can manage to stay resident for weeks, and if APTs can do it it's only a matter of time before those techniques start spreading. The question is how you deal with the fallout from it; do you do the right thing and inform the customers and help things along, or do you dig in your heels and pretend nothing is wrong? We all know it's obviously the first that's the only right answer.

# ? May 5, 2022 20:08

BlankSystemDaemon posted: We all know it's obviously the first that's the only right answer.

But if we move quickly and lock things down hard then maybe no one will really notice and we won't have to fill out the various reports and our stock won't take a hit this quarter and that means I'll still be on track for the performance bonus and... #justciso/ceothings

# ? May 5, 2022 20:45

Maneki Neko posted: On the other hand, Heroku/Salesforce seems to be doing a masterful job at "being bad at incident response and communication", so there's that.

Yeah all these companies continue to make the same mistake of clamming up and thinking ripping off the bandage hurts worse the sooner you do it.

# ? May 5, 2022 22:24

it seems to me that heroku/salesforce has been really forthright about it, though. comms went out as soon as the breach happened, and then they found out it was worse than they thought and this new round happened. as far as i can tell they absolutely haven't been playing the "clam up and hope it goes away" game

# ? May 5, 2022 22:44

Yes, let's not mistake being pwned really badly for being really bad at responding to it.

# ? May 6, 2022 00:42

Hey, sorry not sure if this is the right thread. How do I validate that a random freemium app I'm downloading isn't malware / spyware? I've heard before you can launch it first in a virtual machine, but honestly at that point I wouldn't know how to evaluate if it's malicious or not before installing it on my main machine. http://www.dvo.com/recipe-app.php OTOH I don't think these guys created a feature rich app and also slipped in something nefarious but OTOH it's the internet so also they don't know how to SSL their site so I just don't know. I'd really like to test it out for a variety of reasons.

# ? May 12, 2022 06:29

BrianBoitano posted: Hey, sorry not sure if this is the right thread. How do I validate that a random freemium app I'm downloading isn't malware / spyware? I've heard before you can launch it first in a virtual machine, but honestly at that point I wouldn't know how to evaluate if it's malicious or not before installing it on my main machine.

that looks like someone's high school visual basic project. use this: https://www.paprikaapp.com/

# ? May 12, 2022 07:02

BrianBoitano posted: OTOH I don't think these guys created a feature rich app and also slipped in something nefarious but OTOH it's the internet so also they don't know how to SSL their site so I just don't know. I'd really like to test it out for a variety of reasons.

IMO with library/dependency supply chain attacks being a thing, even well intentioned developers with poor build hygiene check practices are a plausible cause for concern so it's definitely warranted. You can try to run through something like virustotal or any of the other malware reputation sites but I honestly don't remember if they actually fire up a full through-install detonation environment or if they just pass it through a virus scanner and call it a day. But with the above, just be prepared for the risk that lack of build hygiene means any updates that are auto-installed might be baddies. Just part of daily life being an internet citizen at this point

# ? May 12, 2022 10:58

CLAM DOWN posted: that looks like someone's high school visual basic project

Paprika owns

# ? May 12, 2022 12:14

CLAM DOWN posted: that looks like someone's high school visual basic project

Yeah that's part of my variety of reasons - comparing with Paprika because I hate to admit there's only one good app out there

some kinda jackal posted: IMO with library/dependency supply chain attacks being a thing, even well intentioned developers with poor build hygiene check practices are a plausible cause for concern so it's definitely warranted.

Yeah that is the kind of thing that nagged in my subconscious but I couldn't put into words how "old kludge app could be malicious through negligence" actually worked, thank you

# ? May 12, 2022 14:40

BrianBoitano posted: Yeah that's part of my variety of reasons - comparing with Paprika because I hate to admit there's only one good app out there

IIRC, it (Paprika) is a goon owned project too.

unknown fucked around with this message at 18:21 on May 12, 2022

# ? May 12, 2022 18:18

Paprika is really good so I won't hold that against it

# ? May 13, 2022 03:03

Is this good https://www.cisa.gov/emergency-directive-22-03

# ? May 19, 2022 01:47

Threat actors, including likely advanced persistent threat (APT) actors

So does that mean organized groups/crime or state actors, just without explicitly saying it? Neat read on response to attacks. https://www.cisa.gov/sites/default/...ybooks_508C.pdf

Also sucks for the dudes who do scam baiting calls. I guess they're gonna have to redo their VMware setups they use for allowing a scammer access to their computer. I also apologize for explaining something in information security that everyone posting in this thread knows 5 billion times more than I do.

Marshal Prolapse fucked around with this message at 02:35 on May 19, 2022

# ? May 19, 2022 02:27

Marshal Prolapse posted: Threat actors, including likely advanced persistent threat (APT) actors

APTs are explicitly state actors or highly competent organized crime groups, yes. They're just not mentioning which (if any in particular) they've noticed going after this vector so far. The wording is intended to get people's attention that this will likely (if it hasn't already been) be exploited by guys who are real good and real nasty, rather than just run of the mill script kiddies and whatnot who might be less of a threat once inside your systems.

# ? May 19, 2022 02:53

In my recent experience CISA alerts are great for getting the c-suite to take things seriously and to actually devote some time/money/people to fixing things. So hooray I might actually get a patching policy with teeth out of this one! Might, but probably won't...

# ? May 19, 2022 16:58

So I found out that one of our secondary window/door vendors uses IIS 8.0 when I decided to go to the URL in the startup log window of their quoting software. It's the IIS 8.0 landing page. Is this enough of a vulnerability that I need to go about finding out who to talk to at their IT department and letting someone know?

# ? May 19, 2022 17:23

it should be on their radar for EOL for sure. lol who am I kidding, there's still iis6 out there

# ? May 19, 2022 18:21

Today's nihilism comes from more AD/kerb penetration training.

This entire industry is a fraud. We're collecting paychecks to pretend this poo poo can be defended. Any small foothold that didn't itself get caught gives you domain admin, and there's nothing that anyone can do about it. Like, nothing. Get rid of AD, I guess, like anyone whose products are physical in any way can do that in less than a decade. Or pay for the kind of security ops team that is seriously able to find, lock down, and painstakingly engineer capture/analysis on Literally Every Transaction Ever, always, from any site, no matter what, then follow up lol. Hope none of you are running systems that Absolutely Need™ active directory. So, gently caress you if you make real, tangible things. Toys. Paper towels. Drones. Cars. Insulin. Lol. Lmao.

# ? May 19, 2022 18:32

Oh yeah, legacy AD is horribly insecure. It's real bad.

# ? May 19, 2022 18:34

Maybe some of this industry isn't a loving fraud, it's just that you have to work for the kind of startup that will be dead or acquired one way or another within four years, and the only security that they need is for someone to know what Okta is, then provide assistance getting their $1,300 corporate phone onboarded with the MS Auth app.

Edit: who am I kidding, nobody with less than 5,000 users can afford Okta. It's all lovely loving GSuite and Google auth integrations implemented by someone who departed shortly before Google broke it again, because that's what Brad and Hunter used in college before founding Lickrr Inc.

Potato Salad fucked around with this message at 18:42 on May 19, 2022

# ? May 19, 2022 18:36

"We can't patch because it's too haaaaaard" - Every sysadmin before they see your flag on their domain controller.

Folks, if you want to impact change in your environment, red teaming is where it is at (assuming you can get leadership buy-in).

FungiCap fucked around with this message at 21:46 on May 19, 2022

# ? May 19, 2022 21:34

Potato Salad posted: Edit: who am I kidding, nobody with less than 5,000 users can afford Okta. It's all lovely loving GSuite and Google auth integrations implemented by someone who departed shortly before Google broke it again, because that's what Brad and Hunter used in college before founding Lickrr Inc.

At a previous company I moved money between budgets so that our IT head could implement the SSO solution that I was least likely to ever hear about in a status meeting, which was Okta. A little pricy for a 90-person company, but they were true to their word and I never had a reason to talk about it again after "Okta rollout complete".

# ? May 19, 2022 22:00

Is there a brief version of why Okta is superior to Active Directory? Is this thread's criticism of the latter focused on the on-premise version or AAD as well? I'm just being curious, not trying to be a lovely bait-troll or anything if this is anything contentious.

# ? May 20, 2022 00:14

Active Directory is a lumbering mess, Azure AD is great. I'm not sure I'd use Okta even if I had the money for the licensing.

# ? May 20, 2022 00:16

Ynglaur posted: Is there a brief version of why Okta is superior to Active Directory? Is this thread's criticism of the latter focused on the on-premise version or AAD as well? I'm just being curious, not trying to be a lovely bait-troll or anything if this is anything contentious.

They aren't apples to apples technologies.

# ? May 20, 2022 00:24