Thanks Ants
May 21, 2004

#essereFerrari


We used to have people travel from one office four hours away every week to basically just do Teams meetings from a different place and get put up in a hotel overnight, I don't care about spending other people's money.


Cannon_Fodder
Jul 17, 2007

"Hey, where did Steve go?"
I just got told I need to be in the office at least 2 days a week.

I asked my boss who was going to check


Nobody.



Congrats me in continuing to be full time remote.

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


Nitr0 posted:

You sound insufferable

They hated Sickening because he told the truth.

Nalin
Sep 29, 2007

Hair Elf

Cannon_Fodder posted:

I just got told I need to be in the office at least 2 days a week.

I asked my boss who was going to check

Nobody.

Congrats me in continuing to be full time remote.

Be careful, if you need a card to gain access they might be pulling access logs.

Magnetic North
Dec 15, 2008

Beware the Forest's Mushrooms

Nalin posted:

Be careful, if you need a card to gain access they might be pulling access logs.

Oh no, I hope you aren't suggesting (spins the wheel of corpo-buzzwords) Coffee (spins the wheel again) Badging. That's basically theft, dontchaknow?

flakeloaf
Feb 26, 2003

Still better than android clock

Everyone must be in the office two days a week for collaboration but don't all show up at once because there isn't room for everyone

Defenestrategy
Oct 24, 2010

flakeloaf posted:

Everyone must be in the office two days a week for collaboration but don't all show up at once because there isn't room for everyone

At the recent employee town hall HR said the following, "We've heard people want to be in person in the office, but they say that well I'll go in and nobody else is not gonna be there so then I end up not going in, so to facilitate this we'll be making a calendar for each person to have two in office days a month"

Personally think that it'd be cheaper, more efficient, and better for employee morale to fire the people who outed themselves as the guy in college who for projects contributes nothing but wanting to have meetings so they can appear as if they did poo poo so they get credit. Luckily I'm insulated enough from this kind of bullshit being someone who actually works and does visibly important poo poo.

Thanks Ants
May 21, 2004

#essereFerrari


Two days a month is closer to my definition of "hybrid" than 2/5 days a week being in-office. But yeah an awful lot of people only want to be in-office so they can waste people's time by booking out meeting rooms.

Magnetic North
Dec 15, 2008

Beware the Forest's Mushrooms

Thanks Ants posted:

Two days a month is closer to my definition of "hybrid" than 2/5 days a week being in-office.

Yeah especially if those 2 days are with your actual team and not random chucklefucks I never ever interact with, or worse yet, everyone.

Silly Newbie
Jul 25, 2007
How do I?
Following up on my thing from a couple days ago, I couldn't figure out how to get NFC or USB-C yubikeys to pass the code properly on Android. iPhone worked fine.
Wrt charging them, the yubikeys were going to be offered as an alternative to installing MS authenticator on their device (for which they would receive a stipend).
Ended up leaving in sms MFA for email only users because I couldn't get the tech to work.

evil_bunnY
Apr 2, 2003

flakeloaf posted:

Everyone must be in the office two days a week for collaboration but don't all show up at once because there isn't room for everyone

That's every org after covid and it's so so funny.

Nalin posted:

Be careful, if you need a card to gain access they might be pulling access logs.

Where I work you need a warrant to pull access logs :D

Defenestrategy
Oct 24, 2010

At $currentcompany we're a less than 200 people dev shop, and security is responsible for infrastructure and development code base security. I'm nominally the head of infrastructure security, my question is, if I want to be manager of infosec at another company or go for a bigger position somewhere else can I continue just being an infrastructure guy or do I eventually have to learn how to do code security. Like I already know some of the really really basic concepts from college/osmosis, but I don't really like dealing with code security and don't have the actual education to do it properly.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Defenestrategy posted:

At $currentcompany we're a less than 200 people dev shop, and security is responsible for infrastructure and development code base security. I'm nominally the head of infrastructure security, my question is, if I want to be manager of infosec at another company or go for a bigger position somewhere else can I continue just being an infrastructure guy or do I eventually have to learn how to do code security. Like I already know some of the really really basic concepts from college/osmosis, but I don't really like dealing with code security and don't have the actual education to do it properly.

"If we have to secure our code, we can't move fast and break things to innovate and pump and dump this crypto"

Blinkz0rz
May 27, 2001

MY CONTEMPT FOR MY OWN EMPLOYEES IS ONLY MATCHED BY MY LOVE FOR TOM BRADY'S SWEATY MAGA BALLS

Defenestrategy posted:

At $currentcompany we're a less than 200 people dev shop, and security is responsible for infrastructure and development code base security. I'm nominally the head of infrastructure security, my question is, if I want to be manager of infosec at another company or go for a bigger position somewhere else can I continue just being an infrastructure guy or do I eventually have to learn how to do code security. Like I already know some of the really really basic concepts from college/osmosis, but I don't really like dealing with code security and don't have the actual education to do it properly.

If you want to lead an infosec program your job won't have much to do with the day to day of security. At that level, your job is fundamentally communicating and agreeing on risk management strategies. The key to succeeding at that level is understanding that your job isn't to secure the company, it's to align with the business on the risks it is willing to accept in order to operate.

Zorak of Michigan
Jun 10, 2006


Blinkz0rz posted:

If you want to lead an infosec program your job won't have much to do with the day to day of security. At that level, your job is fundamentally communicating and agreeing on risk management strategies. The key to succeeding at that level is understanding that your job isn't to secure the company, it's to align with the business on the risks it is willing to accept in order to operate.

That is really well put.

Defenestrategy
Oct 24, 2010

Certainly you're not gonna be looking at programs and doing nuts and bolts stuff, but you should be able to communicate with execs why a policy is a good idea and be able to see if your engineers aren't doing things in a lovely manner right?

Sickening
Jul 16, 2007

Black summer was the best summer.

Zorak of Michigan posted:

That is really well put.

I mean it's the ideal and it looks really great on paper, but often isn't what the role ends up being.

Silly Newbie
Jul 25, 2007
How do I?

Defenestrategy posted:

At $currentcompany we're a less than 200 people dev shop, and security is responsible for infrastructure and development code base security. I'm nominally the head of infrastructure security, my question is, if I want to be manager of infosec at another company or go for a bigger position somewhere else can I continue just being an infrastructure guy or do I eventually have to learn how to do code security. Like I already know some of the really really basic concepts from college/osmosis, but I don't really like dealing with code security and don't have the actual education to do it properly.

I'm with what is essentially a construction company, so this might be so far different than what you want that you should take it with a grain of salt. We develop no internal code.
I'm nominally in charge of all information security as well as all IT. My strategy was to hire someone incredibly good at infosec who can break down risk levels, help me choose products
and have him implement them, etc. I communicate needs and reasons to the board.
If you want to be management, you need to know enough about the various security areas you'll be managing to understand what your technical people are telling you, know if they're bullshitting you, and translate to higher management. I would say you won't have to know how to do code security, but you'll have to know enough about it to attest that it was done right.

evil_bunnY
Apr 2, 2003

flakeloaf posted:

Everyone must be in the office two days a week for collaboration but don't all show up at once because there isn't room for everyone

Also since everyone else can't be in, all your meetings on your office days will be remote or hybrid. Yes our offices are open plan why do you ask?

some kinda jackal
Feb 25, 2003

 
 
I told my boss that I would be in office if they needed me, but I'm not going to do it to fill some quota. I'm considered "leadership" for some reason so I can't tell if they're just letting me get away with this BS or we actually are a wink-wink nod-nod "just come in if you REALLY need to" type of org. That said I have actually made the effort to do the two-hour-each-way trek to come in for some one-on-one meetings and get some face time with my management since I actually DO think that I have a really good candid line of communication with them when I'm face to face, and it's usually really productive.

I am incredibly pained hearing people who have to come in to check a box and are actually held to it :(

On the technicality of infosec leadership, I'm also pretty blessed to have fairly technical execs here so I never really have to struggle to get people to understand risk or risk treatment when it translates to technical controls. The more I think about it, the more I realize I have a really good safety net and am in a pretty ideal position.

Generic Monk
Oct 31, 2011

some kinda jackal posted:


I am incredibly pained hearing people who have to come in to check a box and are actually held to it :(

This is me, also my boss will immediately notice if cameras aren’t on and call you complaining after the meeting. Don’t worry though, the company seems to have no way to measure actual productivity and is infested with middle managers who don’t seem to do anything other than have meetings about unreadable spreadsheets.

Least it’s only one day a week in the office but loving hell. I’ve applied for 5 jobs today lol

MustardFacial
Jun 20, 2011
George Russel's
Official Something Awful Account
Lifelong Tory Voter
Does anybody know if MS Defender XDR or Sentinel support YARA rules? And if so can you point me to some docs on how to enable them?

Without going into too much detail, I found an Ivanti VPN instance on our network that nobody else seems to know existed before. So while they are tracking down who owns it/why/update it, I need to do some threat hunting for IOCs and all I've found so far are YARA rules. I don't really want to spend 2-3 hours translating these into KQL queries (if I even can, I don't think KQL will even support some of this logic).

Darchangel
Feb 12, 2009

Tell him about the blower!


flakeloaf posted:

Everyone must be in the office two days a week for collaboration but don't all show up at once because there isn't room for everyone

Unrelated to your post, but you know how I know I'm old? I recognize your avatar from the segment of The Electric Company of my youth.
1-2-3-4-5, 6-7-8-9-10, 11-12, doo doo doo...

https://www.youtube.com/watch?v=mTr_HS_O4Ek

fake edit: huh, it's Sesame Street. Could have sworn it was The Electric Company...

flakeloaf
Feb 26, 2003

Still better than android clock

The song they used to teach us how to count had a drum score that was impossible to count

Generic Monk posted:

This is me, also my boss will immediately notice if cameras aren’t on and call you complaining after the meeting.

My old section got a new manager who put in a rule like that. Three of us quit.

Generic Monk
Oct 31, 2011

flakeloaf posted:


My old section got a new manager who put in a rule like that. Three of us quit.

Yep I'm very motivated by the prospect of loving him over when the time comes. I was a camera on kind of person before this but nothing sours you more on the concept than having it be mandated. There were morale issues before this but at least the previous guy didn't helicopter monitor the stupid meaningless bullshit.

Now we have the same morale issues and organisational issues, but with some nobody doing cargo cult bullshit to appease management while fake-laughing through it all. Just gotta grit my teeth and get out I guess

Mustache Ride
Sep 11, 2001



MustardFacial posted:

Does anybody know if MS Defender XDR or Sentinel support YARA rules? And if so can you point me to some docs on how to enable them?

Without going into too much detail, I found an Ivanti VPN instance on our network that nobody else seems to know existed before. So while they are tracking down who owns it/why/update it, I need to do some threat hunting for IOCs and all I've found so far are YARA rules. I don't really want to spend 2-3 hours translating these into KQL queries (if I even can, I don't think KQL will even support some of this logic).

Yeah this has worried a few of our customers.
Some links:
Remediation steps

Original report
IOCs from above:
Yara
CSV

Mandiant report with more stuff

I'd run these indicators against your firewall logs or add that CSV as a threat Intel list in Sentinel.

Mustache Ride fucked around with this message at 14:58 on Jan 17, 2024
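One way to do the first of those two suggestions, as an added example that is not from the post above or from any Microsoft or Mandiant tooling: load a two-column (type,value) IOC CSV and sweep it across firewall log lines, matching IPs against whole networks as well as single hosts. The IOC values and the log lines here are constructed placeholders (documentation-range addresses, a reserved TLD), not the real Ivanti indicators; drop the linked CSV in as IOC_CSV and your own export in as FIREWALL_LOGS.

```python
import csv
import io
import ipaddress
import re

# Constructed sample IOC list (type,value). NOT the real Ivanti indicators.
IOC_CSV = """type,value
ipv4,203.0.113.45
ipv4,198.51.100.0/24
domain,updates.example.invalid
"""

# Constructed firewall log lines in a generic key=value format.
FIREWALL_LOGS = """\
2024-01-17T10:01:02Z action=allow src=10.0.5.12 dst=203.0.113.45 dport=443
2024-01-17T10:01:05Z action=allow src=10.0.5.12 dst=93.184.216.34 dport=443
2024-01-17T10:02:11Z action=deny src=198.51.100.77 dst=10.0.0.4 dport=22
2024-01-17T10:03:40Z action=allow src=10.0.7.3 dns=updates.example.invalid
"""

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)


def load_iocs(csv_text):
    """Split the CSV into a list of IP networks and a set of lowercase domains.

    Single addresses become /32 networks so one membership test covers both.
    """
    nets, domains = [], set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["type"] == "ipv4":
            nets.append(ipaddress.ip_network(row["value"].strip(), strict=False))
        elif row["type"] == "domain":
            domains.add(row["value"].strip().lower())
    return nets, domains


def scan_logs(log_text, nets, domains):
    """Return (line_number, matched_indicator) for every log line that hits."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        for ip in IP_RE.findall(line):
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:  # e.g. an octet > 255 that the regex let through
                continue
            for net in nets:
                if addr in net:
                    hits.append((n, str(net)))
        for host in HOST_RE.findall(line):
            if host.lower() in domains:
                hits.append((n, host.lower()))
    return hits


if __name__ == "__main__":
    nets, domains = load_iocs(IOC_CSV)
    for n, ioc in scan_logs(FIREWALL_LOGS, nets, domains):
        print(f"line {n}: matched {ioc}")
```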

ChubbyThePhat
Dec 22, 2006

Who nico nico needs anyone else

evil_bunnY posted:

Also since everyone else can't be in, all your meetings on your office days will be remote or hybrid. Yes our offices are open plan why do you ask?

This is my exact problem when I have to go into the office. I tend to go in on Friday because nobody else is there and I will not have to deal with listening to everyone on my floor have a Teams meeting where they scream at their laptops. However this means I am usually one of two people in the office that day; how is this helping the "culture" again?

Moron execs push RTO.

F4rt5
May 20, 2006

flakeloaf posted:

The song they used to teach us how to count had a drum score that was impossible to count

https://www.youtube.com/watch?v=TMtGImlEmu0

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

ChubbyThePhat posted:

This is my exact problem when I have to go into the office. I tend to go in on Friday because nobody else is there and I will not have to deal with listening to everyone on my floor have a Teams meeting where they scream at their laptops. However this means I am usually one of two people in the office that day; how is this helping the "culture" again?

Moron execs push RTO.

My favorite is all the people joining a call from the same open office area and you can hear them all in the background.

The Fool
Oct 16, 2003


I like it when a bunch of people are in a conference room, join the room, then all join on their laptops

vanity slug
Jul 20, 2010

The Fool posted:

I like it when a bunch of people are in a conference room, join the room, then all join on their laptops

you need the room camera, but also the face camera. also people doing the mic unmute dance

Darchangel
Feb 12, 2009

Tell him about the blower!



Some really impressive funk, in a children's show! Hook 'em young. Worked for me. I'm 54 years old (which means I probably saw the debut of the piece... :negative:) and still remember it clearly. That and the "Lowercase N" song.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

The Fool posted:

I like it when a bunch of people are in a conference room, join the room, then all join on their laptops

that’s the only way to be in the chat, at least for gmeet (though it has a “companion mode” that keeps you from taking up a rectangle)

Sirotan
Oct 17, 2006

Sirotan is a seal.


I got a call yesterday from Wells Fargo, someone in their fraud department calling to confirm whether I had applied to open a credit card with a $16k limit. The caller had my full name, and an address where I used to live. It all seemed legit, because I have had this exact conversation multiple times in the past with legit financial institutions when people have tried to open lines of credit in my name after stealing my identity. Then the dude says, I am sending you a secure code via text, can you read it back to me?

lol, man I can see how people get caught by these scams. When I said yeaaaahhh nah bro I am gonna have to hang up and call back to a known good number before I give you anything, he didn't even try to keep me on the line! Then I spent a good 45min on the phone with the real Wells Fargo just to confirm no funny business had occurred (it hadn't).

The thing that is still bugging me is, what exactly were they hoping to accomplish? Normally how this scam goes is the malicious actor has your account credentials but they can't defeat the MFA challenge so they call you and try to con you into reading out your OTP. Then they get into your account and steal your money, or whatever. But I don't have any banking or credit accounts with Wells Fargo. I've never had an account with Wells Fargo. Were they trying to create one with my information? If so, why use my actual phone number? (It seems very unlikely.) Why not just try and put in a credit card application with all of my PII that they clearly already had and hope I don't have any fraud alerts set up? That was a whole lot of effort to do...what exactly? idgi

Defenestrategy
Oct 24, 2010

Could be an attempt to gain trust by using what sounds like a reasonable security measure and procedure, "Hey I am from wells fargo and I'm gonna send you a secure code so please trust that this is a secure measure from the actual wells fargo, I will also need your SSN to validate this is you before we talk further"

Blurb3947
Sep 30, 2022
They were likely just hoping that you did, it's all a big numbers game to them. Usually any sort of resistance will get them to hang up and just dial the next person and try the same thing.

Sounds like they could have been trying to maybe open an account in your name or something.

Sirotan
Oct 17, 2006

Sirotan is a seal.


Defenestrategy posted:

Could be an attempt to gain trust by using what sounds like a reasonable security measure and procedure, "Hey I am from wells fargo and I'm gonna send you a secure code so please trust that this is a secure measure from the actual wells fargo, I will also need your SSN to validate this is you before we talk further"

They probably already had it, tbqh. I've lost count how many times people have used the same PII and address to open lines of credit and poo poo in my name. Generally you do need an SSN for that. Thanks, OPM.

Blurb3947 posted:

They were likely just hoping that you did, it's all a big numbers game to them. Usually any sort of resistance will get them to hang up and just dial the next person and try the same thing.

Sounds like they could have been trying to maybe open an account in your name or something.

Maybe, I've just never heard of the scammers already having your PII when initiating this scam (besides account credentials). Usually that's what they're trying to get.

¯\_(ツ)_/¯

ChubbyThePhat
Dec 22, 2006

Who nico nico needs anyone else
I have absolutely no idea how you fell into their game of numbers if you don't even have an account at the bank. Perhaps an assumption that most people have an account at the major institution? An odd place to 'never attribute malice when incompetence will do', but it's hard to imagine anything other than they don't know who they're targeting.

From the FI side of that encounter, there has been a pretty large upswing in persistent ATOs (or at least attempts) as of recent. Once again though, I have no idea why they would come after you if there was nothing to gain access to.

Oct
Jul 19, 2007

The real target seems to be the OTP code. The caller claimed to represent Wells Fargo for the sake of the social engineering narrative, but that doesn't mean they couldn't have been targeting another account altogether. Sounds like they found some historic personal information that was likely valid and pivoted from there.

What they wanted was for you to get that SMS message and read them the code so that they could access whatever they were trying to access, to do whatever they wanted to do. I'm usually of the opinion that attackers aren't obligated to be transparent as to their objectives, they're just gonna say or do whatever they think will work.


Thanks Ants
May 21, 2004

#essereFerrari


Possibly someone trying to do a SIM swap. If you'd strung them along until the SMS was sent that might have told you more.
