|
when is there going to be a patch that alerts people to horrifically hosed up AD setups
|
# ¿ Jun 28, 2017 04:47 |
|
don't make users rotate passwords? what? ever? sounds dumb, more chance they'll have the same password as a public breach. at least they'd need to use PasswordJuly17 if they had to rotate
|
# ¿ Jun 30, 2017 03:48 |
|
Trabandiumium posted: information warfare does sound like debate club tbh

info... wars? ah poo poo yeah I think that's taken
|
# ¿ Jul 4, 2017 04:47 |
|
downloaded the sample off VT, definitely nothing 0day. maybe the binary it downloads and runs was cool? more likely that pentesters aren't using 0day
|
# ¿ Jul 7, 2017 07:23 |
|
Phone posted: I won't tell anyone that you lived in orlando

speaking of horrible places... If any of you are going to defcon and want a cool hardware badge cheaper than the other parties grab this https://sunshinectf.org/floridaman/ the guy making them is legit, if you don't want it mailed he'd be fine giving it to you irl at dc
|
# ¿ Jul 7, 2017 18:37 |
|
so say someone recently got a job doing internal code security auditing. they're reviewing one feature, and their "Senior" coworker is meant to be reviewing another feature. they're adjacent on the org chart.

co-worker's output only seems to be "design flaws." the coworker has even taken a brief look at the feature they aren't tasked with and spotted what they think is a big design flaw and worthy of meetings etc etc. of course it's framed like the coworker was just being helpful with getting the person up to speed on how things go during reviews. new person thinks the design flaw isn't really a big deal because it doesn't affect confidentiality, integrity or availability, it only disables the non-critical feature temporarily.

new person suspects a lot of memory corruption bugs in several areas of their feature. confirming would require debugging, and simple fuzzing due to the complexity of the code being too great to be certain from code review alone. memory corruption in this situation would allow RCE.

coworker likes to repeatedly say how code review is enough and debugging/fuzzing would take too much time. however, other than design flaws they're never filing anything more than very simple+obvious memory corruption bugs.

is coworker a useless charlatan or just skirting along doing the bare minimum? are they trying to drag the new person down to their level? how can you even CYA with them trying to inject themselves into your project like that. he really wants the new person to spend time trying to fix the design related to his bug instead of find bugs that actually matter. his poo poo would take 2wks out of the 3wks allotted.

I'm probably unreasonably angry about this, I guess using the new person to make you look good is common.

job security fuckup
|
# ¿ Jul 18, 2017 09:24 |
|
anthonypants posted: microsoft will officially block emet in the fall windows 10 update https://support.microsoft.com/en-us/help/4034825/features-that-are-removed-or-deprecated-in-windows-10-fall-creators-up

it's only deprecated in that patch because WD exploit guard reaches feature parity then, probably. this is emet baked in by default which is a Good Thing
|
# ¿ Jul 23, 2017 23:50 |
|
he probably did some weev poo poo, b4 he was popular the guy was pretty skiddy
|
# ¿ Aug 3, 2017 18:26 |
|
Cocoa Crispies posted: idk why this suddenly became news again yesterday but I wouldn't have signed off on something called "meatpistol" either even if it is an anagram of "metasploit"

I'm glad security doesn't have a gender problem like the rest of tech and their ten page manifestos

hurry up boys let's think of a way to anagram something into a dick joke for our next tool
|
# ¿ Aug 10, 2017 07:41 |
|
so we all know kaspersky is the best AV, but now they've really cemented the title. new official marketing (USER WAS PUT ON PROBATION FOR THIS POST)
|
# ¿ Aug 14, 2017 04:11 |
|
BangersInMyKnickers posted: Is anyone using MS ATP? I am so sick of Symantec's garbage console and security practices, I can't wait to force them to bid. I ran a PESecurity scan on their SEP14 stack and it's an inconsistent shitshow. 14 even includes a feature that forces applications to opt in to SEHOP but a ton of their own binaries and libraries opt out of it.

yep, SEP is rear end garbage. WD ATP is really good but you've got to be all windows 10 to get any real benefit from it. previous companies I've seen using SEP were very far from getting win10 rolled out... (if your co is competent enough to enforce win10 company wide it's probably competent enough to use MS ATA as well which is really great combined with WD ATP)
|
# ¿ Aug 22, 2017 21:51 |
|
BangersInMyKnickers posted: We don't have that kind of authority to get everyone up to 10 unfortunately, got another 3 years of Win7 clients hanging around before everyone takes the plunge. Not to mention almost zero 2016 adoption at this point. How much functionality is lost on Win7/8 and their server counterparts? We're still on SEP12 with the 14 rollout in progress so we don't even have heuristics at this point; the bar is pretty loving low over here.

It doesn't support versions prior to win10, win10 introduces all the telemetry it uses. which sucks, yep.
|
# ¿ Aug 22, 2017 23:38 |
|
BangersInMyKnickers posted: The MS docs say that it isn't built in but there is a client you can install for prior versions (along with OSX and linux). I don't know what to believe any more.

endpoint protection does, but you don't get a bunch of the useful details you would into ATP

they do free trials btw, you should test it out in your org and see if it's worth it
|
# ¿ Aug 23, 2017 05:22 |
|
oscp takes like 8hrs max if you are familiar with msf (like not googling poo poo constantly) and already wrote your report template
|
# ¿ Aug 29, 2017 18:43 |
|
a bunch of people are legitimately just posting screenshots of them exploiting the vulnerability on companies maybe the feds should stop them
|
# ¿ Sep 15, 2017 06:11 |
|
https://twitter.com/esetglobal/status/919974497926766593

https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/

uhhh? tavis?
|
# ¿ Oct 16, 2017 23:32 |
|
https://twitter.com/zerosum0x0/status/925486850399019009

how many fuckups can you spot

* probably just hashing the file as a signature
* flagging a legitimate driver as malware just because malware is using it to get kernel code exec
* these AV companies should probably flag each other's drivers, as there's infinite admin->kernel bugs in those too
|
# ¿ Oct 31, 2017 23:41 |
|
yeah literally no private info or security implication insecurity fuckup
|
# ¿ Nov 14, 2017 05:43 |
|
there's a new password manager i saw some sec people talking about https://www.remembear.com/ can someone evaluate it for fuckups pls it sounds too good (also the bear art on the main page is a little weird)
|
# ¿ Nov 28, 2017 19:26 |
|
Suspicious Dish posted: oh hey uber sucks https://medium.com/bread-and-circuses/how-i-got-paid-0-from-the-uber-security-bug-bounty-aa9646aa103f

to be fair, his first submissions are garbage begbounty style poo poo and probably set the tone for how the engineer would read his future reports
|
# ¿ Dec 24, 2017 20:38 |