Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Mustache Ride
Sep 11, 2001



Schadenboner posted:

There's no need to use profanity, you could just say "MS Access project"*

*: I workshopped a way to make "MS Access" into the curse but couldn't quite make the line land so this is the response you guys get. Sorry.

I would have done something like "You don't need to call it lovely when it's Microsoft lovely Access project"

Adbot
ADBOT LOVES YOU

Schadenboner
Aug 15, 2011

by Shine

Mustache Ride posted:

I would have done something like "You don't need to call it lovely when it's Microsoft lovely Access project"

:hmmyes:

Internet Explorer
Jun 1, 2005





We have all sorts of infosec stuff. Everything Microsoft throws at you with O365/M365, Azure Sentinel, even Darktrace.

No one looks at it, it's no one's responsibility, and we've never met as a team to discuss an approach.

It's great. I love it.

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?

Mustache Ride posted:

It's probably a lovely MS Access project.

Please don't swear itt. Just say "lovely project."

Schadenboner
Aug 15, 2011

by Shine

Ynglaur posted:

Please don't swear itt. Just say "lovely project."

See, this is what I should have gone with but I'm always worried the punchline won't land. I think I lack confidence in my jokes being sufficiently un-funny?

:sigh:

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

Internet Explorer posted:

We have all sorts of infosec stuff. Everything Microsoft throws at you with O365/M365, Azure Sentinel, even Darktrace.

No one looks at it, it's no one's responsibility, and we've never met as a team to discuss an approach.

It's great. I love it.

Darktrace is the loving snake oil of the infosec world

It's what would happen if movie producers could make infosec tools.

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


One of my first big projects at my new job was replacing an MS Access database on the network drive

Shuu
Aug 19, 2005

Wow!

CyberPingu posted:

Darktrace is the loving snake oil of the infosec world

It's what would happen if movie producers could make infosec tools.

I literally cannot tell what Darktrace is supposed to do from their website.

Not surprising though. I just left a job (thank god) doing research and detection development for another enterprise security software company, and there was a huge push for UEBA and ML and AI all the other sexy buzzwords. No one in product leadership could describe what features they actually wanted, and any proof of concept work or references to ML projects other companies were working on were met with "yeah but not like that". Never did figure it out.

Maneki Neko
Oct 27, 2000

Shuu posted:

I literally cannot tell what Darktrace is supposed to do from their website.

Not surprising though. I just left a job (thank god) doing research and detection development for another enterprise security software company, and there was a huge push for UEBA and ML and AI all the other sexy buzzwords. No one in product leadership could describe what features they actually wanted, and any proof of concept work or references to ML projects other companies were working on were met with "yeah but not like that". Never did figure it out.

IT LOOKS loving RAD ON THE BIG SCREEN IN THE SOC IS WHAT IT DOES.

I think they also had a sufficiently flashy booth at one of the last trade shows I attended in person, but I could be mis-remembering.

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?

Schadenboner posted:

See, this is what I should have gone with but I'm always worried the punchline won't land. I think I lack confidence in my jokes being sufficiently un-funny?

:sigh:

:justpost: :shobon:

Internet Explorer
Jun 1, 2005





CyberPingu posted:

Darktrace is the loving snake oil of the infosec world

It's what would happen if movie producers could make infosec tools.

It really is. I loving hate it. Of course the CIO types love it. They couldn't tell you what it does, but they love it.

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

Shuu posted:

I literally cannot tell what Darktrace is supposed to do from their website.

.

Its aggregated attack logs with a shiny UI.

My favourite Dark Trace story was being at an InfoSec conference last year where DT were doing one of the keynotes

The guy before them was this ex GCHQ and current Interpol guy who was saying how we need to drop vendors selling us all these services and get back to doing the basics right.


Then DT stood up and tried to do a sales pitch.

CyberPingu fucked around with this message at 08:11 on Jul 30, 2020

geonetix
Mar 6, 2011


Shuu posted:

I literally cannot tell what Darktrace is supposed to do from their website.

Not surprising though. I just left a job (thank god) doing research and detection development for another enterprise security software company, and there was a huge push for UEBA and ML and AI all the other sexy buzzwords. No one in product leadership could describe what features they actually wanted, and any proof of concept work or references to ML projects other companies were working on were met with "yeah but not like that". Never did figure it out.

I think Darktrace's mission is to bother you as much as possible in the most aggressive way possible, while selling you absolutely nothing. It's the true shitstain of the industry.

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!
Anything advertising self-learning AI is bullshit.

uniball
Oct 10, 2003

i do network security for a mid sized org in a complicated outsourced fashion. all that to say i own almost all network/infosec-related systems but not darktrace, that’s CIO’s eyes only. i have been asked to narrow down the source of exactly three “incidents” that darktrace detected in the three years i’ve been here: two coinminer.js “downloads” and a helpdesk guy installing the battle.net launcher

taqueso
Mar 8, 2004


:911:
:wookie: :thermidor: :wookie:
:dehumanize:

:pirate::hf::tinfoil:

Combat Pretzel posted:

Anything advertising self-learning AI is bullshit.

adaptive control doesn't sound cool at all

Internet Explorer
Jun 1, 2005





uniball posted:

i do network security for a mid sized org in a complicated outsourced fashion. all that to say i own almost all network/infosec-related systems but not darktrace, that’s CIO’s eyes only. i have been asked to narrow down the source of exactly three “incidents” that darktrace detected in the three years i’ve been here: two coinminer.js “downloads” and a helpdesk guy installing the battle.net launcher

There are so many loving false positives that it's just an avalanche of garbage unless you put an absolute enormous amount of time into it.

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

Internet Explorer posted:

There are so many loving false positives that it's just an avalanche of garbage unless you put an absolute enormous amount of time into it.

Tbf that sounds like a lot of AV solutions too.

Computer Serf
May 14, 2005
Buglord
Any griefs with Suricata?
...in as far as the "you get what you pay for" open sores tier

trashy owl
Aug 23, 2017

Computer Serf posted:

Any griefs with Suricata?
...in as far as the "you get what you pay for" open sores tier

If you're looking for Free, you might want to look into Security Onion.

spankmeister
Jun 15, 2008






Internet Explorer posted:

There are so many loving false positives that it's just an avalanche of garbage unless you put an absolute enormous amount of time into it.

This is true for any security product tbh

Internet Explorer
Jun 1, 2005





CyberPingu posted:

Tbf that sounds like a lot of AV solutions too.

spankmeister posted:

This is true for any security product tbh

It's on a totally different level.

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

Internet Explorer posted:

It's on a totally different level.

Oh I know. DT is loving horrendous, but false positives feel like a by product of over sensitive security (or lack of a 1000hour configured safe list).

Arsenic Lupin
Apr 12, 2012

This particularly rapid💨 unintelligible 😖patter💁 isn't generally heard🧏‍♂️, and if it is🤔, it doesn't matter💁.


https://twitter.com/NMichaels013/status/1288873125627793409

BlankSystemDaemon
Mar 13, 2009



Combat Pretzel posted:

advertising is bullshit.
:hmmyes:

cr0y
Mar 24, 2005



https://twitter.com/campuscodi/status/1289280517318127617?s=19

Diva Cupcake
Aug 15, 2005

Garmin paid the ransom

https://twitter.com/BleepinComputer/status/1289641485873209344

Klyith
Aug 3, 2007

GBS Pledge Week

:lol: I didn't see that before:

quote:

A New York Times report that has yet to be confirmed by Twitter said that hackers breached employee Slack accounts and found credentials for the Twitter backend pinned inside a Slack channel.

Passwords on a post-it stuck to your monitor (2020 version): still undisputed king of security vulnerabilities

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


Klyith posted:

:lol: I didn't see that before:


Passwords on a post-it stuck to your monitor (2020 version): still undisputed king of security vulnerabilities

what else am I supposed to put on the post-it I cover my webcam with???

some kinda jackal
Feb 25, 2003

 
 

Ah, you know, we meant to test our backups but you know we had that production freeze, and then john went on vacation, and .. well all’s well that ends well right? :D

evil_bunnY
Apr 2, 2003

Klyith posted:

Passwords on a post-it stuck to your monitor (2020 version): still undisputed king of security vulnerabilities
That's the thing, your monitor isn't a company-wide available asset. Write down your loving password if you must.

Also, state attorneys bragging about bagging teenage crackers while ransomware gangs go unchecked is very 2020

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...
I know what August is going to be. I've started getting the car warranty spam phone calls again. August is going to be the Summer of Spam.

Klyith
Aug 3, 2007

GBS Pledge Week

evil_bunnY posted:

Also, state attorneys bragging about bagging teenage crackers while ransomware gangs go unchecked is very 2020

Idiot teens that discuss federal crimes on loving discord and use bitcoin addresses traceable to their identity are very very easy to catch.

International ransomware gangs, sometimes with state-sponsored involvement, are hard to catch and near-impossible to extradite.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Martytoof posted:

Ah, you know, we meant to test our backups but you know we had that production freeze, and then john went on vacation, and .. well all’s well that ends well right? :D

Pretty much what I expected

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

evil_bunnY posted:

That's the thing, your monitor isn't a company-wide available asset. Write down your loving password if you must.

Also, state attorneys bragging about bagging teenage crackers while ransomware gangs go unchecked is very 2020

While everyone is working from home. Writing down a password on a post it note isn't the worst tbh, as long as its out of webcam view


But yeah, teenage crackers are low hanging fruit that boosts their "got em" numbers. Which makes them look better. Getting the high end organised guys takes time and money, and doesn't produce instant results

evil_bunnY
Apr 2, 2003

Klyith posted:

Idiot teens that discuss federal crimes on loving discord and use bitcoin addresses traceable to their identity are very very easy to catch.
And when you read their press releases they make it sound like it was a collaborative work of genius to bring them in. ACAB.

Klyith
Aug 3, 2007

GBS Pledge Week

If I was on the jury I'd say not guilty to wire fraud, on the grounds that bitcoins have no value.

Harry Potter on Ice
Nov 4, 2006


IF IM NOT BITCHING ABOUT HOW SHITTY MY LIFE IS, REPORT ME FOR MY ACCOUNT HAS BEEN HIJACKED

Klyith posted:

If I was on the jury I'd say not guilty to wire fraud, on the grounds that bitcoins have no value.

Interesting version of jury nullification :laugh:

PBS
Sep 21, 2015
Anyone else having trouble with users getting cert validity too long errors from their browser? I can't figure out why some users are getting it and some aren't.

As far as I've been able to tell from research,

  • This shouldn't impact private trust, just public.
  • This shouldn't impact certificates issued before September 20th 2020 (which we haven't reached yet)

So what gives? Why are only some users (on the same chrome & safari versions, accessing the same sites, receiving the same certificates, on managed endpoints) seeing the errors?

Adbot
ADBOT LOVES YOU

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
Validity being too long absolutely affects certs issued before September. The thing happening in September is that the maximum validity period is getting shorter.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply