Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«268 »
  • Post
  • Reply
Mustache Ride
Sep 11, 2001



Pillbug

Schadenboner posted:

There's no need to use profanity, you could just say "MS Access project"*

*: I workshopped a way to make "MS Access" into the curse but couldn't quite make the line land so this is the response you guys get. Sorry.

I would have done something like "You don't need to call it lovely when it's Microsoft lovely Access project"

Adbot
ADBOT LOVES YOU

Schadenboner
Aug 15, 2011

I MEAN, TURN OFF YOURE MONITOR, MIGTH EXPLAIN YOUR BAD POSTS, HOPE THIS HELPS?!

Mustache Ride posted:

I would have done something like "You don't need to call it lovely when it's Microsoft lovely Access project"

Internet Explorer
Jun 1, 2005





Oven Wrangler

We have all sorts of infosec stuff. Everything Microsoft throws at you with O365/M365, Azure Sentinel, even Darktrace.

No one looks at it, it's no one's responsibility, and we've never met as a team to discuss an approach.

It's great. I love it.

Ynglaur
Oct 9, 2013



Mustache Ride posted:

It's probably a lovely MS Access project.

Please don't swear itt. Just say "lovely project."

Schadenboner
Aug 15, 2011

I MEAN, TURN OFF YOURE MONITOR, MIGTH EXPLAIN YOUR BAD POSTS, HOPE THIS HELPS?!

Ynglaur posted:

Please don't swear itt. Just say "lovely project."

See, this is what I should have gone with but I'm always worried the punchline won't land. I think I lack confidence in my jokes being sufficiently un-funny?

CyberPingu
Sep 15, 2013

Ready To Ruck!





Internet Explorer posted:

We have all sorts of infosec stuff. Everything Microsoft throws at you with O365/M365, Azure Sentinel, even Darktrace.

No one looks at it, it's no one's responsibility, and we've never met as a team to discuss an approach.

It's great. I love it.

Darktrace is the loving snake oil of the infosec world

It's what would happen if movie producers could make infosec tools.

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate





One of my first big projects at my new job was replacing an MS Access database on the network drive

Shuu
Aug 18, 2005

Wow!

CyberPingu posted:

Darktrace is the loving snake oil of the infosec world

It's what would happen if movie producers could make infosec tools.

I literally cannot tell what Darktrace is supposed to do from their website.

Not surprising though. I just left a job (thank god) doing research and detection development for another enterprise security software company, and there was a huge push for UEBA and ML and AI all the other sexy buzzwords. No one in product leadership could describe what features they actually wanted, and any proof of concept work or references to ML projects other companies were working on were met with "yeah but not like that". Never did figure it out.

Maneki Neko
Oct 27, 2000



Shuu posted:

I literally cannot tell what Darktrace is supposed to do from their website.

Not surprising though. I just left a job (thank god) doing research and detection development for another enterprise security software company, and there was a huge push for UEBA and ML and AI all the other sexy buzzwords. No one in product leadership could describe what features they actually wanted, and any proof of concept work or references to ML projects other companies were working on were met with "yeah but not like that". Never did figure it out.

IT LOOKS loving RAD ON THE BIG SCREEN IN THE SOC IS WHAT IT DOES.

I think they also had a sufficiently flashy booth at one of the last trade shows I attended in person, but I could be mis-remembering.

Ynglaur
Oct 9, 2013



Schadenboner posted:

See, this is what I should have gone with but I'm always worried the punchline won't land. I think I lack confidence in my jokes being sufficiently un-funny?



Internet Explorer
Jun 1, 2005





Oven Wrangler

CyberPingu posted:

Darktrace is the loving snake oil of the infosec world

It's what would happen if movie producers could make infosec tools.

It really is. I loving hate it. Of course the CIO types love it. They couldn't tell you what it does, but they love it.

CyberPingu
Sep 15, 2013

Ready To Ruck!





Shuu posted:

I literally cannot tell what Darktrace is supposed to do from their website.

.

Its aggregated attack logs with a shiny UI.

My favourite Dark Trace story was being at an InfoSec conference last year where DT were doing one of the keynotes

The guy before them was this ex GCHQ and current Interpol guy who was saying how we need to drop vendors selling us all these services and get back to doing the basics right.


Then DT stood up and tried to do a sales pitch.

CyberPingu fucked around with this message at 07:11 on Jul 30, 2020

geonetix
Mar 6, 2011




Shuu posted:

I literally cannot tell what Darktrace is supposed to do from their website.

Not surprising though. I just left a job (thank god) doing research and detection development for another enterprise security software company, and there was a huge push for UEBA and ML and AI all the other sexy buzzwords. No one in product leadership could describe what features they actually wanted, and any proof of concept work or references to ML projects other companies were working on were met with "yeah but not like that". Never did figure it out.

I think Darktrace's mission is to bother you as much as possible in the most aggressive way possible, while selling you absolutely nothing. It's the true shitstain of the industry.

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!

Anything advertising self-learning AI is bullshit.

uniball
Oct 10, 2003



i do network security for a mid sized org in a complicated outsourced fashion. all that to say i own almost all network/infosec-related systems but not darktrace, that’s CIO’s eyes only. i have been asked to narrow down the source of exactly three “incidents” that darktrace detected in the three years i’ve been here: two coinminer.js “downloads” and a helpdesk guy installing the battle.net launcher

taqueso
Mar 8, 2004









Fun Shoe

Combat Pretzel posted:

Anything advertising self-learning AI is bullshit.

adaptive control doesn't sound cool at all

Internet Explorer
Jun 1, 2005





Oven Wrangler

uniball posted:

i do network security for a mid sized org in a complicated outsourced fashion. all that to say i own almost all network/infosec-related systems but not darktrace, that’s CIO’s eyes only. i have been asked to narrow down the source of exactly three “incidents” that darktrace detected in the three years i’ve been here: two coinminer.js “downloads” and a helpdesk guy installing the battle.net launcher

There are so many loving false positives that it's just an avalanche of garbage unless you put an absolute enormous amount of time into it.

CyberPingu
Sep 15, 2013

Ready To Ruck!





Internet Explorer posted:

There are so many loving false positives that it's just an avalanche of garbage unless you put an absolute enormous amount of time into it.

Tbf that sounds like a lot of AV solutions too.

Computer Serf
May 14, 2005


Buglord

Any griefs with Suricata?
...in as far as the "you get what you pay for" open sores tier

trashy owl
Aug 23, 2017



Computer Serf posted:

Any griefs with Suricata?
...in as far as the "you get what you pay for" open sores tier

If you're looking for Free, you might want to look into Security Onion.

spankmeister
Jun 15, 2008








Slippery Tilde

Internet Explorer posted:

There are so many loving false positives that it's just an avalanche of garbage unless you put an absolute enormous amount of time into it.

This is true for any security product tbh

Internet Explorer
Jun 1, 2005





Oven Wrangler

CyberPingu posted:

Tbf that sounds like a lot of AV solutions too.

spankmeister posted:

This is true for any security product tbh

It's on a totally different level.

CyberPingu
Sep 15, 2013

Ready To Ruck!





Internet Explorer posted:

It's on a totally different level.

Oh I know. DT is loving horrendous, but false positives feel like a by product of over sensitive security (or lack of a 1000hour configured safe list).

Arsenic Lupin
Apr 11, 2012

This particularly rapid unintelligible patter isn't generally heard, and if it is, it doesn't matter.





https://twitter.com/NMichaels013/st...873125627793409

D. Ebdrup
Mar 13, 2009



Combat Pretzel posted:

advertising is bullshit.

cr0y
Mar 24, 2005

IRONKNUCKLE PERMBANNED! READ HERE


https://twitter.com/campuscodi/stat...7318127617?s=19

Diva Cupcake
Aug 15, 2005



Garmin paid the ransom

https://twitter.com/BleepinComputer...641485873209344

Klyith
Aug 3, 2007

GBS Pledge Week



I didn't see that before:

quote:

A New York Times report that has yet to be confirmed by Twitter said that hackers breached employee Slack accounts and found credentials for the Twitter backend pinned inside a Slack channel.

Passwords on a post-it stuck to your monitor (2020 version): still undisputed king of security vulnerabilities

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate





Klyith posted:

I didn't see that before:


Passwords on a post-it stuck to your monitor (2020 version): still undisputed king of security vulnerabilities

what else am I supposed to put on the post-it I cover my webcam with???

Martytoof
Feb 25, 2003

 
 



Ah, you know, we meant to test our backups but you know we had that production freeze, and then john went on vacation, and .. well all’s well that ends well right?

evil_bunnY
Apr 2, 2003



Klyith posted:

Passwords on a post-it stuck to your monitor (2020 version): still undisputed king of security vulnerabilities
That's the thing, your monitor isn't a company-wide available asset. Write down your loving password if you must.

Also, state attorneys bragging about bagging teenage crackers while ransomware gangs go unchecked is very 2020

Volmarias
Dec 31, 2002


I know what August is going to be. I've started getting the car warranty spam phone calls again. August is going to be the Summer of Spam.

Klyith
Aug 3, 2007

GBS Pledge Week


evil_bunnY posted:

Also, state attorneys bragging about bagging teenage crackers while ransomware gangs go unchecked is very 2020

Idiot teens that discuss federal crimes on loving discord and use bitcoin addresses traceable to their identity are very very easy to catch.

International ransomware gangs, sometimes with state-sponsored involvement, are hard to catch and near-impossible to extradite.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

Martytoof posted:

Ah, you know, we meant to test our backups but you know we had that production freeze, and then john went on vacation, and .. well all’s well that ends well right?

Pretty much what I expected

CyberPingu
Sep 15, 2013

Ready To Ruck!





evil_bunnY posted:

That's the thing, your monitor isn't a company-wide available asset. Write down your loving password if you must.

Also, state attorneys bragging about bagging teenage crackers while ransomware gangs go unchecked is very 2020

While everyone is working from home. Writing down a password on a post it note isn't the worst tbh, as long as its out of webcam view


But yeah, teenage crackers are low hanging fruit that boosts their "got em" numbers. Which makes them look better. Getting the high end organised guys takes time and money, and doesn't produce instant results

evil_bunnY
Apr 2, 2003



Klyith posted:

Idiot teens that discuss federal crimes on loving discord and use bitcoin addresses traceable to their identity are very very easy to catch.
And when you read their press releases they make it sound like it was a collaborative work of genius to bring them in. ACAB.

Klyith
Aug 3, 2007

GBS Pledge Week



If I was on the jury I'd say not guilty to wire fraud, on the grounds that bitcoins have no value.

Harry Potter on Ice
Nov 4, 2006
Someone on the internet doesn't like me





Klyith posted:

If I was on the jury I'd say not guilty to wire fraud, on the grounds that bitcoins have no value.

Interesting version of jury nullification

PBS
Sep 21, 2015


Anyone else having trouble with users getting cert validity too long errors from their browser? I can't figure out why some users are getting it and some aren't.

As far as I've been able to tell from research,

  • This shouldn't impact private trust, just public.
  • This shouldn't impact certificates issued before September 20th 2020 (which we haven't reached yet)

So what gives? Why are only some users (on the same chrome & safari versions, accessing the same sites, receiving the same certificates, on managed endpoints) seeing the errors?

Adbot
ADBOT LOVES YOU

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Validity being too long absolutely affects certs issued before September. The thing happening in September is that the maximum validity period is getting shorter.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«268 »