|
DigitalMocking posted:I don't understand why anyone in TYOOL 2016 wouldn't use a service like mimecast. Not all crypto comes via mail... We are a Mimecast partner, and have had three clients get hit. The three vectors as derived from intercepted metadata from the end-point: Compromised news service serving malware. USB infection via Windows phone used to introduce pirated content. Compromised Social Media site serving malware. I typically use DTEX SystemSkan to monitor this poo poo.
|
#
?
Apr 6, 2016 10:19
|
|
|
|
| # ? Jun 6, 2024 20:07 |
|
|
Ozz81 posted:He glued more fingers onto the other stuff he glued to his hands, now he's the fastest typist ever He removed his mittens and started furiously multi-keyboard typing while gleefully shouting "LOOK AT THEM - LOOK AT MY BUCKY FINGERS AHAHAHAHAH!"
|
|
#
?
Apr 6, 2016 10:40
|
|
|
I was tasked to update the website of my organization to account for various departmental and personnel changes related to the new fiscal year. I was shown a 2300 line JSON file with a hand-rolled schema that the CMS uses to generate the staff and department list pages. It has descriptive boolean fields such as "R" and "S." It has strings such as "begin" and "end" to denote the start and end of data like a kind of hand-rolled, well-aged, artisanal tag system. It doesn't even include all personnel, just ones high level enough to put their names on a website. There is no way to preview your edits. There is no linter to verify that your edits don't contain syntax errors. The sole feedback you get is the staff/department pages being blank in the event that you forget a comma, paren, or quote somewhere. The person training me on this system has been suffering silently with this for the past 3 years. She described the system as, "something made by people way smarter than us."
|
|
#
?
Apr 6, 2016 13:12
|
|
|
sfwarlock posted:"Oh, those IT idiots are telling me to reboot again, that never works, they just have to say it, they don't realize it throws away all my stuff, I'll lie and tell them I did it." Yeah I don't even ask anymore. Hell, I don't even check uptime, I just send a restart command. If I like you, I'll call you first and ask if you have saved your work recently.
|
|
#
?
Apr 6, 2016 13:17
|
|
|
It took over an hour for someone to help me out on an issue today after repetitively saying "I don't know what I'm doing can someone please help me". It's one of the systems I have very little experience in, and 2 of the 3 other guys here have extensive knowledge, but apparently my pleads fell on deaf ears. I almost pulled a CE and just walked away from the drat thing because if I'm going to be spending an hour doing jack poo poo, I might as well be doing it on my own terms.
|
|
#
?
Apr 6, 2016 14:43
|
|
|
Coworker who is working onsite at client's place sent us a new PC to put some more HDDs in (seriously, who puts 8 4TB drives on consumer motherboard  ). We put disks in, PC won't power on. Hey, maybe this 400W PSU is inadequate? Nope, still won't power on without disks. Let's look at the motherboard then... 
The Claptain fucked around with this message at 16:30 on Apr 6, 2016 |
|
#
?
Apr 6, 2016 14:45
|
|
|
Doctor Bombadil posted:Coworker who is working onsite at client's place sent us a new PC to put some more HDDs in seriously, who puta 8 4TB drives on consumer motherboard How the gently caress do you even get that motherboard in the case? Let alone NOT NOTICE THE HUGE MANUFACTURING DEFECT.
|
|
#
?
Apr 6, 2016 14:47
|
|
|
A ticket came in: "I CAN'T ACCESS THIS loving ATTACHMENT AND MY COMPUTER DOESN'T WORK NOW FIX IT." -> Forwards email
"Did you try and open it?" "OF COURSE IT'S FOR HER BANK WTF." "Please bring your laptop to IT right away and do not use it." "OH MY GOD NOW YOU'RE TAKING MY LAPTOP AWAY."
|
|
#
?
Apr 6, 2016 14:54
|
|
|
GnarlyCharlie4u posted:How the gently caress do you even get that motherboard in the case? Let alone NOT NOTICE THE HUGE MANUFACTURING DEFECT. It's not a defect, that's a standoff. As for how did he managed to fit motherboard in case without noticing it, 
|
|
#
?
Apr 6, 2016 15:09
|
|
|
ming-the-mazdaless posted:Not all crypto comes via mail... We are a Mimecast partner, and have had three clients get hit. Do you not have a UTM intercepting that poo poo? Yes, there are other vectors, like I said, we got caught from a supposedly trusted vendor (HP printer drivers), but from malware? I mean, there's nothing you can do about Windows Phone since that's physical layer, but there really is no reason for an enterprise to get infected with crypto unless someone brings it in from home physically or is trying to circumvent your security.
|
|
#
?
Apr 6, 2016 15:49
|
|
|
Doctor Bombadil posted:Coworker who is working onsite at client's place sent us a new PC to put some more HDDs in seriously, who puta 8 4TB drives on consumer motherboard what the gently caress
|
|
#
?
Apr 6, 2016 16:10
|
|
|
What is that?
|
|
#
?
Apr 6, 2016 16:14
|
|
|
Dillbag posted:What is that? It's one of the little things you clip into the backing plate of the case to then receive the screw coming through the motherboard.
|
|
#
?
Apr 6, 2016 16:20
|
|
|
Dick Trauma posted:Other than their piece of poo poo web interface Mimecast has been solid at this place. No crypto in over a year. Seconded for ProofPoint. Not one case of any cryptolocker variant EVER. Also has a garbage interface, though.
|
|
#
?
Apr 6, 2016 16:20
|
|
|
Dillbag posted:What is that? Someone was trying to desolder with a lighter, but the windscreen ended up getting soldered to it instead. When he realized the lighter was stuck to the motherboard, one quick yank and boom, custom spacer.
|
|
#
?
Apr 6, 2016 16:21
|
|
|
hey I got an e-mailquote:Subject: ??????  I want to respond with "yes"
|
|
#
?
Apr 6, 2016 16:23
|
|
|
Renegret posted:hey I got an e-mail !!!!!!
|
|
#
?
Apr 6, 2016 16:30
|
|
|
AlternateAccount posted:It's one of the little things you clip into the backing plate of the case to then receive the screw coming through the motherboard. This. It probably fell in, or something, and when MB was screwed down it clipped onto the pins.
|
|
#
?
Apr 6, 2016 16:32
|
|
|
18 Character Limit posted:!!!!!!
|
|
#
?
Apr 6, 2016 16:48
|
|
|
Any news on the crypto'd TV station, Larches? 
|
|
#
?
Apr 6, 2016 16:54
|
|
|
Renegret posted:hey I got an e-mail 
|
|
#
?
Apr 6, 2016 16:54
|
|
|
The "????" makes it look like the sender used a special font that the receiver doesn't have installed.
|
|
#
?
Apr 6, 2016 16:55
|
|
|
Footprints tards out like that with unrecognized characters. "Unrecognized" can be as elementary as a semicolon depending on your implementation.
|
|
#
?
Apr 6, 2016 17:08
|
|
|
Doctor Bombadil posted:This. It probably fell in, or something, and when MB was screwed down it clipped onto the pins. I'm sure shorting those pins is really good for whatever it is on the other side of that board, too.
|
|
#
?
Apr 6, 2016 17:13
|
|
|
Probably my favorite moment ever at my job. We did a knowBefore spam test a little while back, and about five people clicked the link and opened the attachment. Yesterday we had an all-hands meeting, a company lunch. During the time at the end when the President stands up and talks about what's going on with our company and the client companies, what's coming down the pipe etc. he brought up the phishing test. He explained what happens when we get Crypto'd and that he'd calculated loss of a file server for a whole day would cost a couple hundred thousand in lost productivity. Then he basically said "don't open attachments or click links in emails, if it's not something you're expecting. You have all been warned." Dead silence in the room, except for in my mind where a triumphant orchestral march was playing. I know it'll result in a ton of paranoia, people asking IT to look at emails to see if they are safe, but better that than yet another restore from backups.
|
|
#
?
Apr 6, 2016 17:30
|
|
|
MrMojok posted:Probably my favorite moment ever at my job. We did a knowBefore spam test a little while back, and about five people clicked the link and opened the attachment. Yesterday we had an all-hands meeting, a company lunch. You should have applauded.
|
|
#
?
Apr 6, 2016 17:32
|
|
|
GreenNight posted:The "????" makes it look like the sender used a special font that the receiver doesn't have installed. It's possible, but here's the thing: It came from a @vtext.com address and like hell I'm looking up who that phone number belongs to. I'm pretty sure it was a tech responding to a page we sent to his group, and also these techs are (generally speaking) idiots. It also might have been intended for his boss. Or maybe he didn't understand the page. Who knows.
|
|
#
?
Apr 6, 2016 17:48
|
|
|
Does anybody here have a template they've used for a Ransomware Security Incident Report? I'm tasked with documenting what happened yesterday and have never written one of these things before, so a template would be immensely helpful in coming up with what format should be used.
|
|
#
?
Apr 6, 2016 18:08
|
|
|
Ticket! : I need a new mouse : ok. Here is a new mouse : Its not wireless : We don't have any wireless mice right now : ok. . . : Whats that noise? *Looks over cube wall* : *Is taking co-worker's wireless mouse* : Actually chat convo from a different of our offices, but seriously, WTF?
|
|
#
?
Apr 6, 2016 18:41
|
|
|
ilkhan posted:Ticket! At new job, my dept is mostly remote, tho we do have desks in the office(its not offically remote, we just do it). Every time I bother going into the office, something else has been missing. Up to and including my dock and the cables for my monitors(2 different days).
|
|
#
?
Apr 6, 2016 18:47
|
|
|
User: Hi, I was wondering how long it would take to install the Windows 10 App on my iPad like <manager> does? Me: <manager> has a Surface Pro, not an iPad. I'll get out an order if you can get your manager to approve it. User: No, Surfaces are terrible - they are made by Microsoft, you know? I need to stay with Apple. So, when can you put Windows 10 on here? Me: ...Microsoft Windows 10 will not work on an Apple iPad. User: Microsoft? They don't make Windows 10, do they? Me:  User: Wow. I need to get rid of my PC at home..... I bet Windows 7 isn't Microsoft. I'll just use that. *walks away lost in thought* People. People hurt.
|
|
#
?
Apr 6, 2016 18:48
|
|
|
MrMojok posted:Dead silence in the room, except for in my mind where a triumphant orchestral march was playing. I know it'll result in a ton of paranoia, people asking IT to look at emails to see if they are safe, but better that than yet another restore from backups. I will look at every drat attachment by hand if that is what I have to do to have users avoid getting my stuff cryptoed. It takes all of a few minutes for me, and if I'm still unsure because it seems odd (but we deal with odd people) I have an isolated computer I can test it on physically and then reimage without it touching my network. That computer has had 0 actual infections but 4 PDFs that were "locked click here to install unlocker" or "click here to unlock with your google account" and 1 legit that I thought was bogus. Everything else has been glaringly fake with 1 user who is a bit paranoid and sent me 3 very legit looking messages (that I didn't bother to test and said they are good).
|
|
#
?
Apr 6, 2016 18:57
|
|
|
A ticket went out to Toshiba. Hold music: "Welcome to Toshiba. Woop woop!" (Some promotional words here) "....so be sure to check us out on the inter-webz (emphasis on the z)." 
|
|
#
?
Apr 6, 2016 19:03
|
|
|
Dick Trauma posted:Other than their piece of poo poo web interface Mimecast has been solid at this place. No crypto in over a year. late but mimecast is cool and great
|
|
#
?
Apr 6, 2016 19:24
|
|
|
Neddy Seagoon posted:Any news on the crypto'd TV station, Larches? Nope. I've been busy with my employee literally hiding in his office for three days now in the dark with bloodshot eyes. I've asked him several times if he's alright and what's going on but he just says nothing and that he's fine. I've got too much other poo poo on my plate to be concerned with him now and nothing has broken that's needed his immediate attention. This morning the director noticed his door was shut, barged in, and loving lambasted him for a good ten minutes. Then he turned on me and told me that if there isn't enough work for two people then maybe we don't need two people. His disdain for my employee is hardly a secret. My disdain is getting harder to hide.
|
|
#
?
Apr 6, 2016 19:29
|
|
|
So your underling is Towlie from South Park?
|
|
#
?
Apr 6, 2016 19:44
|
|
|
Potato Salad posted:A ticket went out to Toshiba. Hold music: "Welcome to Toshiba. Woop woop!" Oh man I had to call Spirit airlines at 5 AM because they canceled my loving flight (I got what I paid for) and the loving stuff the voiceover was saying was so god drat annoying. Literally shouting "WE KNOOOW, WE KNOOOOOOOOOOOOW! Customer service calls can be a drag" god drat stop trying to be cute you idiots and get a backup 737 for the route.
|
|
#
?
Apr 6, 2016 19:50
|
|
|
larchesdanrew posted:My disdain is getting harder to hide. And you two started out so well, too.
|
|
#
?
Apr 6, 2016 19:53
|
|
|
larchesdanrew posted:Nope. Tell him it's currently slow and you need enough manpower for high volume times. Any down time is spend researching new technology to implement or learning a new skill to save money not having to hire a consultant. Lack of ablity to deal with peak volume will lead to downtime of several people and will cost more then the yearly salary of a helpdesk guy. Not having someone under you means you will have to do simple tasks such as replace a mouse or assist with an email issue. If the entire phone system is down or the file server you will not be able to help with day to day issues resolving an issue that may take the better part of the day, if not multiple days for a large scale failure. Ideally you don't have any recovery that takes days (this means you didn't have a good backup ready most of the time but it happens from time to time, some undocumented system, or something you have said needs $xxxx to have a good backup for).
|
|
#
?
Apr 6, 2016 19:54
|
|
|
|
| # ? Jun 6, 2024 20:07 |
|
|
Malek posted:So your underling is Towlie from South Park? I asked him for the IP for our wifi controller and he says "It's... uh... 1.2.3.4 and then those two little dots. I don't know what they're called... uh... those two little dots 1234."I just... I told him those are a colon, and asked if he knew what the number after them represented and he did not know what they represented and oh my god.
|
|
#
?
Apr 6, 2016 19:54
|
|