Dare I invoke the spectre of log4j?

# ? Sep 27, 2023 12:33

it's going to be really funny if that exploit works in imagemagick and the entire internet needs patching but doesn't

# ? Sep 27, 2023 12:41

BlankSystemDaemon posted: So, every browser and Electron app?

Does it affect Firefox?

# ? Sep 27, 2023 16:41

The Fool posted: Does it affect Firefox?

Yes, but as long as you're up to date, you're good. Annoyingly, it seems that Microsoft Defender for Endpoint vulnerability management is not accurate: it flags Chrome versions 116.0.5845.117 and 116.0.5845.118 as vulnerable to CVE-2023-4863, and also Firefox version 117.0.1.0, even though these versions have the vulnerability patched.

# ? Sep 27, 2023 16:53

Fart Amplifier posted: Yes, but as long as you're up to date, you're good.

Yes, electron apps - well-known for always being kept up-to-date, and certainly never using ages-old vendored version-locked libraries.

# ? Sep 27, 2023 17:30

|
BlankSystemDaemon posted: Yes, electron apps - well-known for always being kept up-to-date, and certainly never using ages-old vendored version-locked libraries.

Case in point, my Teams that was updated earlier today:

# ? Sep 27, 2023 18:23

It took me like five minutes clicking around the Teams interface to even find the “check for updates” function. What a dumpster fire.

# ? Sep 27, 2023 20:52

geonetix posted: it's going to be really funny if that exploit works in imagemagick and the entire internet needs patching but doesn't

Quick scan of the ImageMagick dependencies lists libwebp as optional but required for operations on webp files. So chances are it's compiled in by default lmao

# ? Sep 27, 2023 21:22

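
Added example (not from the thread, and not ImageMagick's own tooling): the two things a practitioner actually wants to know about a given ImageMagick build are whether the WEBP coder is registered at all and which libwebp that coder reports, because the delegate is optional at build time but pulled in by nearly every distro package. The script below parses the output of `magick -list format` (or `convert -list format` on IM6), which prints the linked libwebp version in the coder's description line, and compares it numerically against the fix. The fixed version used here, libwebp 1.3.2, is taken from the upstream CVE-2023-4863 fix and is this example's assumption, since the thread quotes no version number. The sample command output is constructed, not captured from a real host. The same tuple-based version comparison is what you want when arguing with a vulnerability scanner about whether a flagged build is actually past the fixed release, as in the Defender and CrowdStrike false positives discussed in this thread.

```python
"""Check an ImageMagick build for WebP support and libwebp version.

Added example for the libwebp/CVE-2023-4863 discussion; the fixed version
below is an assumption taken from the upstream fix, not from the thread.
Sample `-list format` output is constructed for offline use.
"""
import re

# libwebp release carrying the CVE-2023-4863 fix (assumption, see docstring).
FIXED_LIBWEBP = (1, 3, 2)


def parse_version(text):
    """'1.3.1' -> (1, 3, 1).

    Comparing tuples of ints avoids the classic string-comparison bug
    where '1.10.0' sorts below '1.9.0'.
    """
    return tuple(int(part) for part in re.findall(r"\d+", text))


def webp_coder(list_format_output):
    """Scan `magick -list format` / `convert -list format` output.

    The WEBP line looks like:
      WEBP* WEBP      rw-   WebP Image Format (libwebp 1.2.4, ENCODER ABI: ...)
    Returns (readable, version): readable is True when the mode column
    starts with 'r' (the coder can decode, which is the attack surface);
    version is an int tuple, or None if the line names no libwebp version.
    """
    for line in list_format_output.splitlines():
        m = re.match(r"\s*WEBP\*?\s+\S+\s+([rw-]{3})\s+(.*)", line)
        if not m:
            continue
        mode, description = m.groups()
        v = re.search(r"libwebp (\d+(?:\.\d+)+)", description)
        return mode[0] == "r", (parse_version(v.group(1)) if v else None)
    return False, None


def assess(list_format_output):
    """Classify a build: 'not-registered', 'unknown', 'vulnerable' or 'patched'."""
    readable, version = webp_coder(list_format_output)
    if not readable:
        return "not-registered"
    if version is None:
        return "unknown"
    return "patched" if version >= FIXED_LIBWEBP else "vulnerable"


# Constructed samples of `-list format` output, trimmed to a few lines.
SAMPLE_OLD = """\
   Format  Module    Mode  Description
-------------------------------------------------------------------------------
      PNG* PNG       rw-   Portable Network Graphics (libpng 1.6.37)
     WEBP* WEBP      rw-   WebP Image Format (libwebp 1.2.4, ENCODER ABI: 0x020F, DECODER ABI: 0x0209)
"""
SAMPLE_FIXED = SAMPLE_OLD.replace("libwebp 1.2.4", "libwebp 1.3.2")
SAMPLE_NO_WEBP = """\
   Format  Module    Mode  Description
-------------------------------------------------------------------------------
      PNG* PNG       rw-   Portable Network Graphics (libpng 1.6.37)
"""

if __name__ == "__main__":
    # On a real host: assess(subprocess.run(["magick", "-list", "format"],
    #                        capture_output=True, text=True).stdout)
    for name, sample in [("old", SAMPLE_OLD), ("fixed", SAMPLE_FIXED), ("none", SAMPLE_NO_WEBP)]:
        print(name, assess(sample))
```

Two caveats when running this for real. The version string reflects the libwebp the coder was compiled against; for a distro package that is usually the shared library, so `ldd "$(command -v magick)" | grep -i webp` should agree with it, while a static or vendored build (the Electron case from earlier in the thread) can report a version that no package manager knows about. And `convert -list configure` shows the `DELEGATES` line, which tells you whether webp was enabled at build time even if the coder line is missing.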
Kibner posted: Case in point, my Teams that was updated earlier today:

Also, it's a webp.

# ? Sep 28, 2023 00:37


# ? Sep 28, 2023 01:22

Guy training me wants me to help him train 30k users on using a password manager. I'm not sure that's gonna happen.

# ? Sep 28, 2023 03:14

Cannon_Fodder posted: Guy training me wants me to help him train 30k users on using a password manager. I'm not sure that's gonna happen.

Assign training in LMS, send reminder emails weekly, call it good by end of quarter. So what if the helpdesk call volume triples? You're not on helpdesk anymore!

# ? Sep 28, 2023 05:04

Cannon_Fodder posted: Guy training me wants me to help him train 30k users on using a password manager. I'm not sure that's gonna happen.

If you're getting a 30k quote from a password manager then onboarding should be included, I hope.

# ? Sep 28, 2023 05:05

I dare someone to train 30k users to do anything, much less use any technology.

# ? Sep 28, 2023 07:27

I could train them to ignore my emails

# ? Sep 28, 2023 07:47

I just set aside a day to complete all my mandated compliance training a few weeks ago. Six hours of every department producing cobbled-together information from PowerPoints and PDFs, read in an unskippable monotonous voiced video that pauses when you change browser window focus. Some modules went in trying to make it "fun" and "engaging" by throwing in 1999-era-quality Flash "games". By the third assigned course I was jokingly wishing there was some kind of incident call I'd be asked to join to pull me away. By the eighth assigned course I was not so jokingly wishing we'd just go out of business.

# ? Sep 28, 2023 12:20

Hearts and minds: destroyed! That is why you need communications people if you want to do wide scale training. If you can't make people care, you're better off not wasting their time.

# ? Sep 28, 2023 12:57

https://twitter.com/BleepinComputer/status/1707120191212048613?t=TCBXV3r4oEH5lCUSHdSTRw&s=19

# ? Sep 28, 2023 13:06

sickos dot jpeg

# ? Sep 28, 2023 13:17

cr0y posted: https://twitter.com/BleepinComputer/status/1707120191212048613?t=TCBXV3r4oEH5lCUSHdSTRw&s=19

This one weird trick dramatically improves the security posture of enterprises all across the United States simultaneously

# ? Sep 28, 2023 13:54

CrowdStrike's detection for this CVE is off for my team as well so far. Lots of false positives for hosts that have already updated to the latest and greatest version of Chrome/Firefox/Edge. Got a support ticket in with them, will see what comes of it.

# ? Sep 28, 2023 14:13

I just had an OT engineer shocked, SHOCKED that we run CrowdStrike on our industrial control servers. He had an unrelated issue, and is now making enough noise that we should:

- Disable Windows firewalls
- Disable all automatic updates
- Remove AV
- If AV can't be removed, disable ALL automatic definition updates.

On our fleet of um.... a lot of servers.

# ? Sep 28, 2023 14:39

cr0y posted: I just had an OT engineer shocked, SHOCKED that we run CrowdStrike on our industrial control servers. He had an unrelated issue, and is now making enough noise that we should:

Lol and further lmao.

# ? Sep 28, 2023 14:41

that kinda poo poo should be a firable offense TBH

# ? Sep 28, 2023 14:43

cr0y posted: I just had an OT engineer shocked, SHOCKED that we run CrowdStrike on our industrial control servers. He had an unrelated issue, and is now making enough noise that we should:

We must work for the same company. I got asked this week to place approximately 500 hosts in a bypass mode because occasionally they see sustained CPU spikes on these hosts and they think it's CrowdStrike. They think this because they've run no perfmons, or done any digging into their logs whatsoever, but it has to be CrowdStrike. Never mind they are wildly under-provisioned and running an application written in the 90s for on-prem networks that can't handle latency at all that they've shucked into AWS. God drat this week.

# ? Sep 28, 2023 14:56

cr0y posted: https://twitter.com/BleepinComputer/status/1707120191212048613?t=TCBXV3r4oEH5lCUSHdSTRw&s=19

They just bought out the company I currently work for. Not sure if it's time to start looking again.

# ? Sep 28, 2023 15:05

Having done a lot of SCADA/HVAC work in the past I'm honestly surprised things like this don't happen more often. I've been out of that space for a few years now, but it seemed like those industries lagged behind the rest of the tech space by a decade.

# ? Sep 28, 2023 15:11

Cannon_Fodder posted: Guy training me wants me to help him train 30k users on using a password manager. I'm not sure that's gonna happen.

My wife has been part of training 15,000 people to use a healthcare patient data system (it's the one you're thinking of) and their approach is probably the best one: train a bunch of meta-meta-meta-trainers, then have them train other trainers, (etc.) then have them train people. They only had 2 layers because the software is quite complex so it takes weeks to learn well enough to teach, but for a password manager you could probably make every manager and director volunteer someone as a "local expert" to learn the software with the aid of some videos/docs and support them with an escalation path for cases that are really weird. If you use an open-source password manager, you could add an interactive tutorial to it!

# ? Sep 28, 2023 15:20

some kinda jackal posted: I just set aside a day to complete all my mandated compliance training a few weeks ago. Six hours of every department producing cobbled-together information from PowerPoints and PDFs, read in an unskippable monotonous voiced video that pauses when you change browser window focus. Some modules went in trying to make it "fun" and "engaging" by throwing in 1999-era-quality Flash "games".

That bolded poo poo right there. gently caress the jackholes that did that. Joke's on you, bitch - I'm the IT guy. I have like 8 machines...

# ? Sep 28, 2023 15:32

I had a "distinguished engineer" private message me in Slack about how requesting privileged access doesn't make sense for developers. When asked to elaborate on what they meant, they have apparently been lost to the ether.

# ? Sep 28, 2023 15:43

What the gently caress is a distinguished engineer? An engineer that failed upward too many times?

# ? Sep 28, 2023 15:54

stoopidmunkey posted: They just bought out the company I currently work for. Not sure if it's time to start looking again.

You might get a few weeks paid to do nothing while everything is offline, so don't leave yet

# ? Sep 28, 2023 15:57

Mustache Ride posted: What the gently caress is a distinguished engineer? An engineer that failed upward too many times?

Pretty much. Someone the business can't trust with actual direct reports but they still needed another title for like director level individual contributors.

# ? Sep 28, 2023 16:17

Diva Cupcake posted: Pretty much. Someone the business can't trust with actual direct reports but they still needed another title for like director level individual contributors.

also known as a career goal

# ? Sep 28, 2023 16:25

Mustache Ride posted: What the gently caress is a distinguished engineer? An engineer that failed upward too many times?

It's basically the IC track equivalent of VP. Usually the same signing limit, in the same strategy meetings, repping the engineering rather than organizational aspects. I'm a distinguished engineer because I was a VP they wanted to hire but didn't have an org for me to run. I stayed pretty technical through my career, so it's working out pretty well.

# ? Sep 28, 2023 16:34

The Fool posted: also known as a career goal

Absolutely. It's a dope gig. Almost all of the money with like 20% of the stress and responsibility.

# ? Sep 28, 2023 17:10

My daughter was phished over text for iTunes money at 4:30 on her first day, allegedly by her boss, who was in a meeting and unavailable at the time. They knew his name too. She called me to double-check that it was fraud before finding some other company authority.

# ? Sep 28, 2023 17:16

Remulak posted: My daughter was phished over text for iTunes money at 4:30 on her first day, allegedly by her boss, who was in a meeting and unavailable at the time. They knew his name too.

Check if their company subscribes to ZoomInfo.

# ? Sep 28, 2023 17:18

cr0y posted: I just had an OT engineer shocked, SHOCKED that we run CrowdStrike on our industrial control servers. He had an unrelated issue, and is now making enough noise that we should:

If this is part of an active incident with operational impact then help triage and troubleshoot and disable with proper incident management approval. If he's just making noise then feed him a security policy exception form to get signed off by the CIO or whoever. Let them explain why they don't need to follow policy.

# ? Sep 28, 2023 17:31

Diva Cupcake posted: Pretty much. Someone the business can't trust with actual direct reports but they still needed another title for like director level individual contributors.

Usually principal=director, distinguished=VP, I think.

# ? Sep 28, 2023 18:02