Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > Security Fuckup Megathread - v16.2 - /home/land/security/theatre
 
  • Locked thread
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
:allears: itt shaggar discovers Canadian telcos :allears:

* # ¿ May 7, 2018 21:01
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 2, 2024 03:00
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
Submit this form to discover the one weird DNS hijack trick Postmasters hate!

SeaborneClink fucked around with this message at 06:18 on May 11, 2018

* # ¿ May 11, 2018 06:15
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!

pctD posted:

lol supermicro

https://peterkleissner.com/2018/05/27/reverse-engineering-supermicro-ipmi/

Owns FantasticallyLarge

* # ¿ Jun 2, 2018 00:52
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
I'm the radio buttons for the acceptance of both T&C

* # ¿ Jun 11, 2018 16:55
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!

Jabor posted:

has there been any stuff that "exfils" data to a location that they are totally unaffiliated with, then picks it up via a passive mitm to try and dodge attribution?
Target

* # ¿ Jul 7, 2018 03:58
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
https://twitter.com/SandboxEscaper/status/1035482250828283905

Here's a thought... Maybe don't.

* # ¿ Aug 31, 2018 14:30
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
my_crimes.twt

* # ¿ Aug 31, 2018 15:11
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!

sadus posted:

Has anyone actually worked under a CSO who actually did anything besides writing press releases / get quoted in articles and occasionally attend conferences? Maybe I've just had bad luck but that seems to be their main job description.

no, n/a, n/a, n/a

Had one that believed in whitelisting ip address ranges for incoming traffic when ACCEPT 0.0.0.0/0, ALLOW 0.0.0.0/0 is a core feature the product. Strangely enough also seems to think running a WAF in log only mode and shipping the logs to a server that hadn't been online in probably 3+ years was GOOD SECURITY.

Probably still makes 10x what I make. How are these people still trusted to breathe?

Edit: Try suggesting we drop malformed request traffic say.. lacking a host header in a HTTP request (per RFC spec an invalid request) NO WE CAN'T DO THAT WE MIGHT BE LOSING LEGITIMATE TRAFFIC. :fuckoff:

SeaborneClink fucked around with this message at 06:23 on Oct 3, 2018

* # ¿ Oct 3, 2018 06:18
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
https://twitter.com/NECN/status/1068475136834191360

A sufficient fuckup

https://krebsonsecurity.com/2018/11/marriott-data-on-500-million-guests-stolen-in-4-year-breach/

SeaborneClink fucked around with this message at 17:14 on Nov 30, 2018

* # ¿ Nov 30, 2018 17:09
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!

Volmarias posted:

It's your fault for using twitch
* # ¿ Dec 24, 2018 22:52
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 2, 2024 03:00
  • Quote
SeaborneClink
Aug 27, 2010

MAWP... MAWP!
Turn off you're twitch

* # ¿ Dec 24, 2018 23:03
  • Quote
  • Locked thread
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > Security Fuckup Megathread - v16.2 - /home/land/security/theatre