|
wrong thread
|
#
¿
Jul 17, 2018 20:09
|
|
|
|
| # ¿ May 18, 2024 18:44 |
|
|
15 bits/hour lol. I guess it can be added to a threat model like way at the bottom.
|
|
#
¿
Jul 27, 2018 16:34
|
|
|
vomit https://twitter.com/duosec/status/1024989452031143936
|
|
#
¿
Aug 2, 2018 13:45
|
|
|
Features and product innovation go down. Security goes down. Support goes down. Prices go up.
|
|
#
¿
Aug 2, 2018 17:53
|
|
|
wait, so this is basically single factor auth? does the bifti device itself hold no purpose? lol
|
|
#
¿
Aug 7, 2018 18:52
|
|
|
Anyone deployed or played around with Vera for DRM? If so, thoughts? It’s one of the options we’re looking to deploy along with AIP. Vera seems more attractive without having a mature classification and labeling system in place as a functional prerequisite.
|
|
#
¿
Sep 29, 2018 04:26
|
|
|
It’s the 10 year anniversary of MS07-067. https://twitter.com/Trustwave/status/1054842313955074053
|
|
#
¿
Oct 23, 2018 23:10
|
|
|
astral posted:Don't you have to go out of your way to enable the hardware encryption on Samsung SSDs, anyway? If you/they didn't take the time to enable it, Bitlocker just uses software encryption. Yes. We have roughly 300 EVO 850s in the environment and none are vulnerable. The encryption process done during imaging (Lenovo firmware) defaults to software encryption. Pretty sure you have explicitly enable hardware encryption via Samsung Magician and then do a full re-install.
|
|
#
¿
Nov 8, 2018 21:44
|
|
|
Here is that process: https://www.itsupportguides.com/knowledge-base/tech-tips-tricks/how-to-enable-disk-encryption-on-samsung-evo-ssd-hard-drive/ What Astral said. It's a big pain in the rear end that I can't imagine too many enterprises have gone through just for a mild performance increase.
|
|
#
¿
Nov 8, 2018 22:22
|
|
|
Just use the Official CISSP Practice Tests book. It’s like $20 for 2000 questions in all domains. Track your results. If you’re getting in the 75-80% range over a large enough sample size you’ll be fine.
|
|
#
¿
Nov 21, 2018 00:42
|
|
|
lol at the CPEs too. I watched 25 sales pitch webinars and listened to 15 hours of Security Weekly on my commute this year. I get to retain my certification.
|
|
#
¿
Nov 21, 2018 22:30
|
|
|
This is a pretty great Humble Bundle for security books. https://www.humblebundle.com/books/cybersecurity-packt-books
|
|
#
¿
Nov 26, 2018 22:40
|
|
|
lol at being a shithead on Facebook with your real name. Good opsec. quote:One female member of the Facebook group who asked to remain anonymous in order to avoid retaliation told Motherboard she monitors illmob as a way to avoid hiring questionable individuals.
|
|
#
¿
Jan 24, 2019 19:15
|
|
|
Mr. Crow posted:What CVE scanner are yall running at home? I've just been using nmap --script vuln, but want to update to something more proactive; buddy recommended Qualys Community Edition? Nessus Home and OpenVAS. Nessus is obviously a bit more user friendly. You will find different vuln scanners yield different results so I find it better to use both.
|
|
#
¿
Feb 28, 2019 13:22
|
|
|
Good write-up on TPM sniffing. Or why pre-boot auth PINs are necessary with BitLocker. https://pulsesecurity.co.nz/articles/TPM-sniffing
|
|
#
¿
Mar 13, 2019 16:13
|
|
|
AES128 is stupidly strong and effectively unbreakable unless we're talking about theoretical quantum computers in the hands nation states. It should have always been the recommendation for just about every reasonable BitLocker use case.
|
|
#
¿
Apr 25, 2019 21:17
|
|
|
Pretty sure there’s some declared mental health issues and a proclamation to quit the industry in there as well. Fun times. I hope she gets the help she needs prior to getting arrested.
|
|
#
¿
May 23, 2019 21:27
|
|
|
I say "sim" and I have no idea if it's correct but I've gone too far to stop now.
|
|
#
¿
Jun 10, 2019 21:33
|
|
|
If you thought the CISSP fee was high, check out the CEH lol. $1200 for that piece of poo poo. I didn't think the exam was particularly tough although I might have barely passed and I'll never know since they dont tell you your score. I spent about a month studying 11th Hour CISSP and the Official ISC2 Practice Tests book. Just pull the trigger. It's a good/great resume signal.
|
|
#
¿
Jul 17, 2019 20:59
|
|
|
Anyone have experience with PentesterLab and how it compares to HackTheBox? I’ve had HTB VIP for the past year or so when I started OSCP and I’m looking for new service, good variety of platforms, more up to date vulns, etc. https://pentesterlab.com/pro
|
|
#
¿
Nov 28, 2019 18:16
|
|
|
siggy2021 posted:I don't have any personal experience with it, but I know I've seen it mentioned in an Infosec/oscp prep discord I'm in and it has always received positive reviews. I just bought it. Hope it doesn’t suck.
|
|
#
¿
Nov 30, 2019 23:28
|
|
|
https://twitter.com/KringleCon/status/1205491010958020608
|
|
#
¿
Dec 14, 2019 19:01
|
|
|
Now now, the CIO and some other manager level guy got 4 months home confinement and had to relinquish their profits from insider trading.
|
|
#
¿
Feb 11, 2020 17:20
|
|
|
Anyone use Rumble.run and have any thoughts? Distributed asset discovery service by HD Moore. I really only need it for a bridged wifi audit across ~50 sites. https://www.rumble.run
|
|
#
¿
Feb 19, 2020 18:04
|
|
|
Related, the 3rd edition of Security Engineering is online and free until he actually finishes it. https://www.cl.cam.ac.uk/~rja14/book.html
|
|
#
¿
Feb 20, 2020 19:21
|
|
|
Do not use 3rd party EDR either. Defender ATP owns plenty.
|
|
#
¿
Mar 10, 2020 20:04
|
|
|
They’re selling ATP ala carte now. We have an E3 enterprise and paid for it separately.
|
|
#
¿
Mar 11, 2020 00:55
|
|
|
I’m corona.bat
|
|
#
¿
Mar 13, 2020 01:46
|
|
|
Those of you who manage BitLocker within an organization, do you also prevent access to manage-bde? Curious about compensating controls.
|
|
#
¿
Mar 26, 2020 19:16
|
|
|
The Fool posted:Doesn't doing anything with manage-bde require elevation? Only 3 more years until the Intune rollout and we can get rid of MBAM.
|
|
#
¿
Mar 26, 2020 20:19
|
|
|
Zoom hired a new CISO from SalesForce. https://twitter.com/ryanaraine/status/1275866120361144320
|
|
#
¿
Jun 24, 2020 20:50
|
|
|
lol https://twitter.com/FCC/status/1278009203228098562
|
|
#
¿
Jun 30, 2020 18:15
|
|
|
https://twitter.com/yashar/status/1281634348639244288 Meh. Deleted but said that an Amazon company-wide email went out requiring TikTok be removed from any device which accesses their corporate email account. e: Other source: https://twitter.com/nytimes/status/1281639684691636224 Diva Cupcake fucked around with this message at 18:33 on Jul 10, 2020 |
|
#
¿
Jul 10, 2020 18:09
|
|
|
Most of Garmin services are coming back online. Pretty decent chance they paid the $10m or a negotiated amount. https://twitter.com/BleepinComputer/status/1287805598801768450
|
|
#
¿
Jul 27, 2020 18:46
|
|
|
Garmin paid the ransom https://twitter.com/BleepinComputer/status/1289641485873209344
|
|
#
¿
Aug 1, 2020 20:54
|
|
|
fun https://twitter.com/wdormann/status/1305564045282598912
|
|
#
¿
Sep 14, 2020 21:28
|
|
|
 https://twitter.com/briankrebs/status/1321554013226209287
|
|
#
¿
Oct 28, 2020 22:19
|
|
|
super happy for the next 3 pages of password manager chat.
|
|
#
¿
Oct 29, 2020 21:00
|
|
|
Here's a fun read. https://twitter.com/i41nbeer/status/1333885229086412801?s=20
|
|
#
¿
Dec 2, 2020 20:58
|
|
|
|
| # ¿ May 18, 2024 18:44 |
|
|
https://twitter.com/thegrugq/status/1336468185244045312
|
|
#
¿
Dec 9, 2020 01:51
|
|