|
some kinda jackal posted: I know the answer is "the stupidest of the stupid" but I'm looking through this spam message that I got from someone who obviously just trolled IANA's public registry and I'm like.. I don't get it -- this zero effort email that isn't even pretending to be legitimate which presumably costs a non-zero amount of dollars to spam out: What are the economics of this scam? Like maybe this is a failure of imagination on my part because I can't even begin to pretend to dream up someone gullible enough to engage with these kinds of emails.

I feel like a contributor to the struggle you're facing is that you haven't recently had an experience that reminded you just how bottomlessly stupid humanity is
|
# ? Nov 16, 2023 05:12 |
|
Tryzzub posted:Not RSS but: GreyNoise usually keeps up with CISA KEV and shows off when the exploits started appearing in the wild. The blogs do a decent job explaining what's going on in the cves and what versions to worry about. https://www.greynoise.io/blog
|
# ? Nov 16, 2023 14:36 |
Cannon_Fodder posted:Yeah, that certainly strikes a note. They also have some very good blogs. It’s the one that has survived me not being in InfoSec anymore; it’s simply too useful.
|
|
# ? Nov 16, 2023 18:45 |
|
Thanks guys/gals. Coming from app Security on an ERP, the greater VM world is pretty vast and overwhelming. I appreciate the resources.
|
# ? Nov 16, 2023 21:36 |
|
Ransomware gang files SEC complaint over victim’s undisclosed breach Hearty chuckle of the day
|
# ? Nov 16, 2023 22:56 |
|
I'm looking to switch from IT infrastructure/ops to entry level security. Despite having some tangential security responsibilities in my prior role, tons of Identity management experience and broad general knowledge/experience in IT infra, I suspect I'm not getting past the recruiter filter much due to no cert. What's a relatively simple cert that might get me past this hurdle in some cases?
|
# ? Nov 16, 2023 23:12 |
|
Security+ probably.
|
# ? Nov 16, 2023 23:20 |
|
FungiCap posted:Security+ probably.
|
# ? Nov 16, 2023 23:55 |
|
Tryzzub posted: Ransomware gang files SEC complaint over victim’s undisclosed breach

"They are out of line, but they are right."
|
# ? Nov 17, 2023 00:00 |
|
Bald Stalin posted: I'm looking to switch from IT infrastructure/ops to entry level security. Despite having some tangential security responsibilities in my prior role, tons of Identity management experience and broad general knowledge/experience in IT infra, I suspect I'm not getting past the recruiter filter much due to no cert. What's a relatively simple cert that might get me past this hurdle in some cases?

Do you have any interest in relocating to SE Michigan? There's an opening on my team right now for an entry level security person and we (or at least I, and I'll be in on the interviews) don't give a poo poo about certs. It's like a 99% WFH gig but you do need to live somewhat close to Ann Arbor. Posting closes on the 19th, if you're interested I'll PM you the link.

Edit: lol ok writing this on the mobile app and just saw your av text. Guessing that's a no on the relocation! But if anybody else reading this is interested, PM me!
|
# ? Nov 17, 2023 01:56 |
|
Potato Salad posted: I feel like a contributor to the struggle you're facing is that you haven't recently had an experience that reminded you just how bottomlessly stupid humanity is

I’m an eternal optimist, contrary to my posting history
|
# ? Nov 17, 2023 16:15 |
|
There's a niche mod for a game (called Stalker GAMMA) I want to play but the install instructions seem suss to me for reasons I admittedly can't actually say. Technically it's a mod (GAMMA), of a mod (Stalker Anomaly). To play it, it requires:
- Install both into your root C:/ directory
- Add them both as anti-virus exceptions
- run .exe as administrator.

The game that's being modded is old as hell so it's not all that weird that a crunchy hacked set of mods like this would necessarily require all this, but I got curious from an infosec perspective if this is in fact as much of a risk as it seems to be at first glance. I really wanna play the mod, but also don't want my PC to be part of a botnet.

With those three things in mind above, is there any more risk than if I was just playing any other community-made mod for a PC game? If so, is there an easy work-around that one could think of to sandbox the game so it could be played without risking anything else? Through a VM or docker container somehow?

Here's a video with a guy with a tail going over install instructions https://www.youtube.com/watch?v=vAd2-WyN96o
|
# ? Nov 18, 2023 16:02 |
|
A VM would probably run horribly and you probably don't have the chops to pull apart the program in the sandbox to see if it's malicious. You could scan with antivirus before running to check for signatures. (with the knowledge it might be a false positive)

That said, it's probably fine? Adding an exception to the antivirus is risky but not that far outside the norm for somewhat obscure bolt-on mods. Download from a relatively reputable site like ModDB or Nexus. If you tried to install it at work, though, you'd be nuked.

Famethrowa fucked around with this message at 17:47 on Nov 18, 2023
|
# ? Nov 18, 2023 17:38 |
|
If you're REALLY intent on playing this game and you are paranoid about it you can always build a hardware sandbox, just take a computer that has enough resources to run the game, physically make sure it has no network accessibility, play it on that, and never use it for anything else. Alternatively if you don't have a bunch of spare parts laying around you can go with the less secure route, swap in another hard drive to your main computer, disconnect it from the network, and play that way.

As stated above, it's probably fine if you got it from a reputable source like moddb or nexus and check the file signatures to see if what's supposed to be there is only what's supposed to be there. It isn't uncommon for Windows Defender, et al to freak out against actually legit software just based on what the software does and how/if it is actually signed.
|
# ? Nov 18, 2023 17:51 |
|
Oysters Autobio posted: There's a niche mod for a game (called Stalker GAMMA) I want to play but the install instructions seem suss to me for reasons I admittedly can't actually say. Technically it's a mod (GAMMA), of a mod (Stalker Anomaly). To play it, it requires:

You can install it into whatever folder you want, as long as it has no spaces. D:\Games or J:\Games\CHEEKIEBREEKIE works just as well as C:\
|
# ? Nov 18, 2023 18:54 |
|
A virtual machine will probably run just fine if the game is that old and you set up GPU passthrough.
|
# ? Nov 18, 2023 23:53 |
|
Sirotan posted: Do you have any interest in relocating to SE Michigan? There's an opening on my team right now for an entry level security person and we (or at least I, and I'll be in on the interviews) don't give a poo poo about certs. It's like a 99% WFH gig but you do need to live somewhat close to Ann Arbor. Posting closes on the 19th, if you're interested I'll PM you the link.

Does it include Michigan season tickets? I might know a guy if you can throw that in.
|
# ? Nov 19, 2023 00:11 |
|
jaegerx posted:Does it include Michigan season tickets? I might know a guy if you can throw that in.
|
# ? Nov 19, 2023 01:49 |
|
Thanks Ants posted:Pass the token back and forth )) <token> ((
|
# ? Nov 20, 2023 07:34 |
|
TIL: Defender for Endpoint will send an informational alert to the dashboard if you plug in a Flipper Zero.
|
# ? Nov 22, 2023 00:51 |
|
I actually just bought a FZ on a whim, I can't wait to see what the SOC guys have to say about that.
|
# ? Nov 22, 2023 01:54 |
|
some kinda jackal posted: I actually just bought a FZ on a whim, I can't wait to see what the SOC guys have to say about that.

I would at least talk to someone before doing that. Not many orgs I have been a part of would see that as very funny in the blind. Even the folks who do red team like things here would be risky getting shitcanned over rolling the dice on that without approval with current leadership IMO.
|
# ? Nov 22, 2023 06:03 |
|
Oh entirely joking -- I spent enough time in an operational security role to know better than to throw a grenade to those poor souls

I'm the guy who's littering the infosec chat with "uh hey if you're getting any SOC alerts from me I'm drunk and fat fingering my password right now"
|
# ? Nov 22, 2023 15:14 |
|
some kinda jackal posted:I'm the guy who's littering the infosec chat with "uh hey if you're getting any SOC alerts from me I'm drunk and fat fingering my password right now"
|
# ? Nov 22, 2023 15:58 |
|
evil_bunnY posted: "your account will be re-enabled in 8 hours when you've sobered up, see ya"

You could lock me out for a week and my contributions to the enterprise wouldn't be significantly affected
|
# ? Nov 22, 2023 17:15 |
|
Sober after 8 hours? That's awful brave of you to say in the infosec thread.
|
# ? Nov 22, 2023 17:17 |
|
The sobriety patch is stuck in qa approvals, this will have to wait until after the holiday
|
# ? Nov 22, 2023 17:26 |
|
Internet Explorer posted:Sober after 8 hours? That's awful brave of you to say in the infosec thread.
|
# ? Nov 22, 2023 19:10 |
|
MustardFacial posted: TIL: Defender for Endpoint will send an informational alert to the dashboard if you plug in a Flipper Zero.

Sometimes more than just Defender will alert on it depending what your environment is configured to look for! First hand experience with that one. Not all of the interactions I ran were picked up (expected), some were blocked via USB policies, and others I think I didn't write properly. I am the SOC guy that was testing detections.

some kinda jackal posted: -- I spent enough time in an operational security role to know better than to throw a grenade to those poor souls

Appreciated lol
|
# ? Nov 23, 2023 18:20 |
|
Anyone ever use TryHackMe? How did you like it as a training/educational tool? I'm 100% blue team with an ops background in networking, and have been thinking of paying (getting work to at least) for a subscription just to tool around and have fun with and learn new things. Seemed like the best platform out there for that sort of thing but wondered if there are better alternatives.
|
# ? Nov 28, 2023 21:18 |
|
BaseballPCHiker posted: Anyone ever use TryHackMe? How did you like it as a training/educational tool?

It's a good start. Eventually you'll outgrow it but then there will be things like HackTheBox.
|
# ? Nov 28, 2023 21:51 |
|
BaseballPCHiker posted: Anyone ever use TryHackMe? How did you like it as a training/educational tool?

if work is paying for it, why wouldn't you just do the oscp thing?
|
# ? Nov 28, 2023 22:23 |
|
Thanks for the recs on HackTheBox, may look there as well! I just want some casual learning. I renewed a bunch of certs and got one new one this year, not looking to start studying for any new ones in any serious way at least.
|
# ? Nov 28, 2023 22:30 |
|
"studying" for oscp is literally doing the labs like you're saying you want to do, though
|
# ? Nov 28, 2023 23:52 |
|
Huh TIL. I thought that was the hard one that they gave you like 2-3 days on to hack and write up reports on.
|
# ? Nov 29, 2023 00:05 |
|
BaseballPCHiker posted: Huh TIL. I thought that was the hard one that they gave you like 2-3 days on to hack and write up reports on.

It is, and they're right. All you're doing is the same sort of stuff you'll be doing in labs except that you can't rely on metasploit to do the heavy lifting for you. The new scoring requirements also make it more annoying than the people before you as well, because now you either have to be able to fully crack an AD domain or you have to do perfectly on all machines.

Personally if work is willing to foot the bill you may as well go the Pen-200 route, you don't HAVE to take the OSCP after doing it, but it gives you the option to be prepared.

Defenestrategy fucked around with this message at 00:57 on Nov 29, 2023
|
# ? Nov 29, 2023 00:53 |
|
BaseballPCHiker posted: Anyone ever use TryHackMe? How did you like it as a training/educational tool?

TryHackMe is pretty great on fundamentals, even better if the place you're at is really Linux heavy since a lot of their blue side training uses a ton of open source material/software.
|
# ? Nov 29, 2023 01:16 |
|
I just passed my cissp. So if you’re gonna do this remember that according to the isc2 website their test is going to try and give you questions you have a 50% chance of getting right based on your previous answers and you already have a 25% chance of randomly getting a right answer. So if it’s assfuck hard and you’re asking yourself what the questions have to do with the study material even tangentially then you’re probably doing good. I had a practice test app that showed what percent of people answered a given question correctly and that would have been a useful feature if I’d bothered to read the isc2 website. And I guess that is about all I’m allowed to say about it.
|
# ? Nov 29, 2023 02:33 |
|
Internet Old One posted: I just passed my cissp.

What app did you use?
|
# ? Nov 29, 2023 15:46 |
|
Sickening posted: What app did you use?

Learn2zapp was the one that showed how well other people scored on particular questions so if you’re passing their quizzes by a good margin and your wrong answers are mostly hard with a few mediums then I guess you’re as ready as you can be. The thing is all the questions are targeted to have a 50% chance of failure and factoring in the automatic 25% of guessing and often being able to eliminate one or two answers. This means the test questions are all basically nonsense way over whatever you’re actually prepared to answer.

I wasn’t thinking like a manager or using a cissp mindset or whatever other meaningless slogans people like to throw around. I didn’t understand how the test works so I was basically going through the motions confident that I failed, skim reading the questions and I passed at 125 with over 100 minutes left which I guess is good but honestly I don’t know how they measured any sort of competency from my collection of quick guesses. Almost none of it was very related to the study materials. I was planning on not retaking the test and just getting something else by the time I finished.
|
# ? Nov 29, 2023 17:32 |