|
is there functionality that defender atp has that crowdstrike doesnt? only thing i can see would be ecosystem integration and maybe a reduced operations load with the monthly crowdstrike agent release cycles.
|
# ? Feb 7, 2020 15:23 |
|
The compelling things I see on ATP are that it will leverage the SCCM infrastructure we already have for reporting, updates, and management which means I can offload most of the work to our OPs people no questions asked, and the local client does malware analysis on a restricted context instead of giving the thing system perms and hoping the sandbox holds. I don't think there is any other player in the market that can say the latter and that gives them a considerably larger attack surface from the product itself.
|
# ? Feb 7, 2020 15:38 |
|
Captain Foo posted:Just had a conversation about how all av blows
remember, it's not protection, it's for corporate liability insurance
|
# ? Feb 7, 2020 17:12 |
|
lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
|
# ? Feb 7, 2020 17:50 |
|
graph posted:remember, it's not protection, it's for corporate liability insurance
oh I know
|
# ? Feb 7, 2020 17:51 |
|
Krankenstyle posted:lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
|
# ? Feb 7, 2020 17:51 |
|
Krankenstyle posted:lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
lol
|
# ? Feb 7, 2020 17:54 |
|
Krankenstyle posted:lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
holy
|
# ? Feb 7, 2020 17:57 |
|
Krankenstyle posted:lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
danish ss# are not the insanely secret PII thing that it is in the US, right? right?!
|
# ? Feb 7, 2020 18:02 |
|
Krankenstyle posted:lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
Lol. Not defending the secfuc, but if it's only the SSN that was revealed though and they did it in a large enough batch wouldn't this essentially just be like that list of every 9 digit number that someone posted to Twitter and got banned over? Or in Denmark do they not ask for anything else but ssn for anything?
|
# ? Feb 7, 2020 18:03 |
|
BangersInMyKnickers posted:the local client does malware analysis on a restricted context instead of giving the thing system perms and hoping the sandbox holds. I don't think there is any other player in the market that can say the latter and that gives them a considerably larger attack surface from the product itself.
it also looks like atp tamper protection is only available if ops is managing via intune and not sccm, which is still 1-2 years out on our side. they also dont have a clear roadmap on linux support without using 3rd party partners. on the plus side it looks like it can incorporate AIP labeling into its behavioral analysis.
|
# ? Feb 7, 2020 18:04 |
|
El Mero Mero posted:Lol.
seems they were loaded piecemeal when citizens were on the tax website? also hard to tell what info they got along with it.
CPR-nums are basically ddmmyy-cccc where c is a checksum (and if even = female & odd = male, so we have legal sex change separate from physical), so yeah they arent very useful by themselves. youd need a name and probably current address too if you wanted to do some identity theft
Carthag Tuek fucked around with this message at 18:13 on Feb 7, 2020
|
# ? Feb 7, 2020 18:08 |
|
doesnt matter though, another contractor accidentally dropped off a dvd of CPR-indexed health data for basically all danes at the chinese embassy a couple years ago lol
e: they estimate this url fuckup to have affected 1.2 million
Carthag Tuek fucked around with this message at 18:14 on Feb 7, 2020
|
# ? Feb 7, 2020 18:11 |
|
BangersInMyKnickers posted:you want to search through SEP logs? then you're going to have in ingest this loving mess
oh my god i had to deal with SEP being ingested into Arcsight years ago and i almost killed myself. Directional confusion with the logs caused all kinds of goddamn problems. to their credit Arcsight documented it well enough that I could explain the problem, but the security rules kept getting it wrong and gently caress both companies. I’m so much happier with carbon black and splunk.
|
# ? Feb 7, 2020 18:13 |
|
Krankenstyle posted:doesnt matter though, another contractor accidentally dropped off a dvd of CPR-indexed health data for basically all danes at the chinese embassy a couple years ago lol
like just for fun?
|
# ? Feb 7, 2020 18:49 |
graph posted:remember, it's not protection, it's for corporate liability insurance
Krankenstyle posted:lol updating your tax contact info in Denmark within the last 5 years has apparently generated a url containing your ss# that ended up with both google and adobe
Penisface posted:danish ss# are not the insanely secret PII thing that it is in the US, right? right?!
Krankenstyle posted:seems they were loaded piecemeal when citizens were on the tax website? also hard to tell what info they got along with it.
Krankenstyle posted:doesnt matter though, another contractor accidentally dropped off a dvd of CPR-indexed health data for basically all danes at the chinese embassy a couple years ago lol
Shame Boy posted:like just for fun?
The DVD very likely includes my data, since just a few months prior I'd finished therapy for cancer, which was one of the medical things specifically mentioned as being on the DVDs.
|
|
# ? Feb 7, 2020 19:17 |
|
yeah ebdrup's got it. such a mess lol iirc it was some kind of massive longitudinal(?) study so it was literally everyone except maybe idk newborns or recently deceased...? i remember a 5 million figure and we were definitely 6+ million at the time
|
# ? Feb 7, 2020 19:31 |
The best part, honestly, is the Chinese embassy employee basically just said "no I didn't open it" and that was that, while the person who delivered the package had stopped working at PostDK/PostNord by the time it was discovered, and could apparently not be reached. Meanwhile, 91 politicians got their CPR numbers leaked a few years before, and iirc two people got prison time for that after an almost two-year intensive search by the police.
BlankSystemDaemon fucked around with this message at 19:44 on Feb 7, 2020
|
# ? Feb 7, 2020 19:41 |
|
yea, you know its a pretty big deal if you get prison time in denmark. thats at least, violent crime with physical consequences or something?
|
# ? Feb 7, 2020 20:14 |
|
D. Ebdrup posted:Nah, they're only used for just about every kind of public and private authorization of anything via phone, up to and including taking out loans from the predatory lending schemes that politicians are finally talking about blocking, only some decade after they started.
lomarf anyway, come to e-stonia, we will give your folks an e-residency new life in the off-world colonies
|
# ? Feb 7, 2020 20:17 |
|
i should say i dont think you can take a loan out with a CPR & a nice voice/lovely signature anymore unless you also have the personal password and a OTP (physical or phone)
the danish supreme court had a recent ruling that some guys were liable for the money because they "gave" the OTPs to their dealers, but the crux of it was that they didnt report them stolen until a week after. the result would be identical with a credit or debit card.
personally i could see myself reporting my poo poo stolen too late, and there should be protection for that, but its not an inherent property of the system.
Carthag Tuek fucked around with this message at 20:30 on Feb 7, 2020
|
# ? Feb 7, 2020 20:28 |
|
https://community.freepbx.org/t/advanced-notice-to-the-community-regarding-clearly-ip-modules/64510 sangoma bought digium, and digium won the board room war, kicked out the sangoma coo, who got mad and made his own IP telephony company with blackjack and hookers. And since sangoma runs freepbx, the dude had the freepbx signing key sitting around in his home office
|
# ? Feb 8, 2020 01:58 |
|
D. Ebdrup posted:The best part, honestly, is the Chinese embassy employee basically just said "no I didn't open it" and that was that
burn after reading
|
# ? Feb 8, 2020 02:00 |
|
Anyone using endgame on hosts?
|
# ? Feb 8, 2020 02:10 |
|
Cocoa Crispies posted:burn after reading
if you "didnt" read it who cares who burns it
|
# ? Feb 8, 2020 02:14 |
|
Methanar posted:https://community.freepbx.org/t/advanced-notice-to-the-community-regarding-clearly-ip-modules/64510
Left out the cool part where they posted their notice of scheduling Clearly’s key revocation at 3PM PST on a friday, with the revocation scheduled for monday. Also both Clearly and Sangoma are exhibiting at IT Expo next week.
|
# ? Feb 8, 2020 03:01 |
|
https://twitter.com/gcluley/status/1225931427151273984
|
# ? Feb 8, 2020 04:54 |
|
so khoros is a thing that lets you do stuff like have customer service reps handling tweets. i would not be surprised in the least if the reps facebook hired to manage their twitter account are outsourced and have poor credential controls.
|
# ? Feb 8, 2020 04:59 |
|
https://krebsonsecurity.com/2020/02/dangerous-domain-corp-com-goes-up-for-sale/
"Some he sold over the years, but for the past 26 years O’Connor refused to auction perhaps the most sensitive domain in his stable — corp.com. It is sensitive because years of testing shows whoever wields it would have access to an unending stream of passwords, email and other proprietary data belonging to hundreds of thousands of systems at major companies around the globe."
|
# ? Feb 8, 2020 21:21 |
|
yeah but it's 2020 what about beyondcorp.com?
|
# ? Feb 8, 2020 21:48 |
|
he who controls Corp.com controls the world
|
# ? Feb 8, 2020 21:51 |
|
https://twitter.com/carfucar/status/1226258265014767619?s=19
|
# ? Feb 9, 2020 00:16 |
|
Hollow Talk posted:https://krebsonsecurity.com/2020/02/dangerous-domain-corp-com-goes-up-for-sale/
quote:O’Connor said he hopes Microsoft Corp. will buy it, but fears they won’t and instead it will get snatched up by someone working with organized cybercriminals or state-funded hacking groups bent on undermining the interests of Western corporations.
absolutely nothing i can do about this, just gotta sell it to the first person who shoves money in my hands, sure would be a shame if that wound up being a criminal, oh well!!
e:
quote:That experience, portions of which are still indexed by the indispensable Internet Archive, saw O’Connor briefly redirecting queries for the domain to the Web site of a local adult sex toy shop as a joke. He soon got angry emails from confused people who’d also CC’d Microsoft co-founder Bill Gates.
oh man i remember when people thought emailing bill gates did anything
Shame Boy fucked around with this message at 00:33 on Feb 9, 2020
|
# ? Feb 9, 2020 00:26 |
|
that poo poo succcccks
|
# ? Feb 9, 2020 03:00 |
|
Ladies and gentlemen the lowest bidder
|
# ? Feb 9, 2020 15:47 |
|
the Russians used a key
|
# ? Feb 9, 2020 22:03 |
|
https://twitter.com/avischarf/status/1226578004052234240 Read on to discover the heavy-duty security
|
# ? Feb 9, 2020 22:48 |
|
mickens_mossad.txt
|
# ? Feb 9, 2020 23:27 |
|
NoneMoreNegative posted:https://twitter.com/avischarf/status/1226578004052234240
|
# ? Feb 10, 2020 07:14 |
|
lol trend micro labs just raked SEP's rear end over the coals
https://support.symantec.com/us/en/article.SYMSA1505.html
Acknowledgements
CVE-2020-5820: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5821: Z0mb1E
CVE-2020-5822: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5823: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5824: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5825: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5826: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5827: Z0mb1E working with Trend Micro Zero Day Initiative
CVE-2020-5828: KPC of Trend Micro Zero Day Initiative
CVE-2020-5829: KPC of Trend Micro Zero Day Initiative
CVE-2020-5830: KPC of Trend Micro Zero Day Initiative
CVE-2020-5831: KPC of Trend Micro Zero Day Initiative
|
# ? Feb 10, 2020 15:38 |