|
CaladSigilon posted: I'm still saddened that Firefox is majorly dragging their heels on implementing support in the browser. There's an add-on that works pretty much perfectly (minus for a couple of sites that intentionally don't support it -- looking at you, Google); it shouldn't take them so long.

What the gently caress, that bugzilla thread. I thought people got pissy in the request thread that FF ESR include "esr" in its DisplayName in the Win reg. Holy gently caress I had no idea.

Potato Salad fucked around with this message at 20:39 on Jan 2, 2017
|
# ¿ Jan 2, 2017 20:36 |
|
Infosec needs to have a separate authority chain so they can't just be squished in the name of cost savings by a single man.
|
# ¿ Feb 20, 2017 20:54 |
|
Cool, infosec thread was pretty activ-
|
# ¿ Mar 1, 2017 06:34 |
|
Absurd Alhazred posted: MD5 is deader than dead.

h- wh- how okay freggin how
|
# ¿ Mar 8, 2017 17:21 |
|
Burning a dumpster full of passwords would be waaaaaay better than volunteering passwords. Like, take a moment to appreciate that this metaphor is better than reality.
|
# ¿ Mar 22, 2017 16:46 |
|
Recommended CISM study guides? My employer is paying my way because reasons, just need a book to cram before forgetting all the formalisms of the exam material five years later

Potato Salad fucked around with this message at 16:26 on Apr 19, 2017
|
# ¿ Apr 19, 2017 16:22 |
|
That indictment. Well, we aren't going to see poo poo on this for months
|
# ¿ Aug 3, 2017 20:12 |
|
So...yeah. That happened.

https://twitter.com/GossiTheDog/status/905946778608050176
https://twitter.com/x0rz/status/906046732722679808
https://twitter.com/mrjohnkelly73/status/906048026665472001
https://twitter.com/Daniel15/status/905953979934187520

Potato Salad fucked around with this message at 14:08 on Sep 8, 2017
|
# ¿ Sep 8, 2017 14:01 |
|
Lain Iwakura posted: July 29th, they knew that they had a breach. Three managers dumped stock shortly afterward but it was totally coincidental.

It wasn't just "three managers," it was the CIO, CEO, and another dude. Insider trading is something that we actually still seek justice for in this country, so expect them to be at least investigated.
|
# ¿ Sep 8, 2017 15:05 |
|
CLAM DOWN posted: I honestly feel like giving up on this industry sometimes. It doesn't matter what we do from an infosec perspective, this poo poo is only getting worse. It's disheartening as gently caress that still, after all these breaches, including new ones like this, it feels like we're fighting an uphill battle.

It's okay. It has always been on fire, everyone everywhere is running around with their hands on fire right now, and especially with the commoditization of IT, people will be running around with their hands on fire in the future.

https://twitter.com/awoodash/status/906193650421551105

This one reminded me of The Phoenix Project
|
# ¿ Sep 8, 2017 17:43 |
|
|
# ¿ Sep 8, 2017 17:47 |
|
CLAM DOWN posted: I need a fancy badass infosec related job title for a new set of business cards, help

what do you do
|
# ¿ Sep 8, 2017 22:43 |
|
|
# ¿ Sep 9, 2017 19:14 |
|
Martytoof posted: It's hard to dumb yourself down enough to answer some of those questions

^^^^ Studying was an exercise in "English Language Vocabulary Extension: CISSP" Or, how I learned to stop thinking and love the buzzword.
|
# ¿ Sep 12, 2017 20:02 |
|
fyallm posted: "Let me get into the weeds and then once I have a better understanding we can circle back around, until then can I get some air cover?" - Every corporate meeting these days for me.

The Something Awful Forums > Serious Hardware/Software Crap > Infosec Operator HQ
|
# ¿ Sep 12, 2017 22:57 |
|
Username: admin Password: admin
|
# ¿ Sep 14, 2017 18:00 |
|
Just post your ssn, birth, and name on your Facebook and make your profile public. What's the difference.
|
# ¿ Sep 14, 2017 18:02 |
|
CCleaner
|
# ¿ Sep 18, 2017 16:06 |
|
"Hi there's a payload on our installer that we didn't know about" I actually want to see if cylance picks this up, pinging a consultant
|
# ¿ Sep 18, 2017 18:39 |
|
Heh, almost everyone on virustotal misses it.
|
# ¿ Sep 18, 2017 19:41 |
|
The Fool posted: Who didn't?

ClamAV; I am not familiar with it
|
# ¿ Sep 18, 2017 19:45 |
|
De-escalation training, day 1: Don't tell someone to gently caress off from the outset.
|
# ¿ Sep 18, 2017 19:51 |
|
*busts door open, panting* ms tools..... minimum feature set..... *collapses to the floor*
|
# ¿ Sep 20, 2017 11:33 |
|
holy poo poo equifax needs to be destroyed
|
# ¿ Sep 20, 2017 17:15 |
|
"Eh you have to have a compromised machine to escape to the hypervisor, and because of our VPN you can't get into our network from the outside so "

Spiceworks community is awful. It's like cybersecurity theater. Security cargo cult? "Do these things, scan these firewall ports and we're safe! Because intrusion = network exploits, cybersecurity = a network problem."
|
# ¿ Sep 21, 2017 16:38 |
|
anthonypants posted: Experian.
Furism posted: Some VM escape vulnerability just patched by VMWare: https://nakedsecurity.sophos.com/2017/09/21/critical-vmware-vulnerability-patch-and-update-now/
mewse posted: NSA's spying is hindering their efforts to propose encryption standards
Lain Iwakura posted: Time to put machine learning IPSes on every internal router and switch.
Alfajor posted: Curious, and I think this is the best place for this query:
Jewel posted: nice NICE NICE NICE
Proteus Jones posted: Via YOSPOS Sec gently caress thread
CLAM DOWN posted: Every day, more dumpster fires
|
# ¿ Sep 23, 2017 01:16 |
|
2017 has been loving amazing, and never let someone tell you otherwise.
|
# ¿ Sep 23, 2017 01:17 |
|
CLAM DOWN posted: NIST 800-53 is too long

you working on low,
|
# ¿ Sep 25, 2017 19:50 |
|
Diva Cupcake posted: don't touch the poop, etc.

Or maybe trade their internal auditor for a good firm.
|
# ¿ Sep 25, 2017 22:46 |
|
How Can You Expect A Security Company To Provide Better Service If They Don't Practice, Practice, Practice? -lovely IT Rag Headline
|
# ¿ Sep 26, 2017 00:23 |
|
Martytoof posted: "(...) and added that investigators still are not certain that they have completely evicted the intruders from the network"

no loving way
|
# ¿ Sep 26, 2017 00:24 |
|
Thanks Ants posted:
Real talk, when you finally produce a bottom line on your risk to business continuity and ip, buy appropriate insurance.
|
# ¿ Sep 26, 2017 00:54 |
|
orange sky posted: What's stopping Equifax from starting a spinoff with nothing related to their brand, transfer their managers and sell all their data to the spinoff, effectively cleaning their image?

Nothing. Blackwater-playbook.txt
|
# ¿ Sep 27, 2017 17:37 |
|
orange sky posted: I'd say that's gonna happen a lot in the future, when companies find out they've been hacked for the last 5 years without noticing

That plus every state entity.

Evis posted: Hey as long as the industry is attributing validity and value to my empty, overworked soul that's okay.
|
# ¿ Sep 27, 2017 17:42 |
|
Furism posted: I understand that the USA are really full throttle in favor of free-market, weak state, strong companies, etc.. How does one keep thinking like this when they see what you quoted? Is anybody, anybody who doesn't have a direct stake that is, in agreement that class actions are bad, etc. ? This is a genuine question from a dirty left-wing European who cannot wrap his head around this. Send me my PM if you prefer (this not being D&D).

I think at least some small part of it is how short our memories are, and how powerfully conditioned we seem to be to give every possible benefit of the doubt to the invisible hand of money -- capitalism as something that cultivates self-policing, ethical behavior. My much more personal opinion is that we frequently conflate capitalism, patriotism, and Christianity -- so many Americans fuse those three separate things into a single lens through which they interpret the world. I'm only really comfortable living where I do because my husband is a Canadian citizen with a current passport with our marriage certificate stapled inside
|
# ¿ Sep 27, 2017 20:04 |
|
mewse posted: Where's the dating site for me to seduce American chicks with my Canadian passport

Obama????????????

https://www.ofa.us
http://www.dsausa.org
|
# ¿ Sep 27, 2017 20:33 |
|
The Fool posted: password_requirements.txt

What actual authentication system would legitimately have this character class restriction?
|
# ¿ Sep 30, 2017 00:37 |
|
CLAM DOWN posted: Bank websites (lol)

u fokken wot
|
# ¿ Sep 30, 2017 01:22 |
|
Are you using a tool to help you link your existing controls to new requirements, a la ServiceNow GRC or KB4 KCM? Or are you just working with spreadsheets?

Example: control "Bitlocker is turned on and managed with gpos, we run a monthly report to confirm" mapped to 800-53:sc-28, fedramp sc-28, pr.ds1, 800-122 PII 4.3, 800-171 3.13.16.....

You can save a lot of time in either of the above as KB4 and ServiceNow have hired dudes to enter frameworks into their apps and do a lot of the cross-framework mapping for you

Potato Salad fucked around with this message at 19:55 on Oct 2, 2017
|
# ¿ Oct 2, 2017 19:47 |
|
get a remote desktop solution in place that actually does federated login

ask the 3rd party if they even know what that means

you're looking for a user experience that is
1) enter username and primary auth pw
2) get a mfa challenge of some sort
3) there is no third step, they're in
|
# ¿ Oct 4, 2017 15:07 |