Soricidus posted: it’s security-related software so almost certainly everything

Not gonna lie. I feel this in my bones
|
# ¿ Mar 25, 2023 05:20 |
|
Diva Cupcake posted: The ippsec videos for HackTheBox are still up but he’s been pushing people to his patreon to download the raw files. worth the $10 imo.

Didn't even know he had one somehow. I'll have to check it out, his stuff is enjoyable
|
geonetix posted: I ran a snyk test on our company's repo once. panicked, closed the terminal, and went to find another job.

HAHAHA HAHAHAHAHAHA HAHAHA *begins to have nam like flashback about container security* It's all red. All red.
|
abigserve posted: 1000% agree, and every time I've raised this with the relevant security stakeholders they look at you like a deer in the headlights

Ensuring all data is encrypted at rest and in transit is a wonderful thing that for some reason everyone is terrified of and/or clueless about implementing. I wonder if there are easy resources for implementing to just point people at and be like.. do that.
|
cinci zoo sniper posted: another day, another s3 bucket. this time 700k birth certificate applications, not taken down after disclosure

Goddamn people don't pay attention
|
BangersInMyKnickers posted: I'm sick and tired of hearing about EDR and threat hunting when I don't even have the staffing to install the current poo poo on half the assets we own

Fuuuck do I feel this. I feel this in my goddamn bones.
|
Anyone using endgame on hosts?
|
Doesn't pihole act as a local DNS server or am I misremembering this?
|
Isn't the google 2fa now tied to the google account it's "linked" to? I coulda sworn they added a migration feature. Seconding the microsoft 2fa being alright
|
That's fuckin amazin
|
I haven't watched westworld
|
Rufus Ping posted: g13 government weed

Brb moving
|
Fuckin solarwinds
|
DoomTrainPhD posted: "The TTP project" of course

Recursive Acronyms should be a thing.
|
Shame Boy posted: "theoretically capable of" and "actually required to" are pretty different

This applies to every single enterprise security tool and scale btw

Edit: this has nothing to do with current convo I'm just bitter at "enterprise" atm
|
I keep having to explain how a CVE from 1999 can show up on a recent host and how that doesn't mean that the host has been vulnerable SINCE 1999 and I want to die. Thanks in advance to whatever kind soul puts a loving bullet in me.
|
infernal machines posted: lol. ms pushed an out-of-band patch for print nightmare. notably, the description for kb5004945 mentions printnightmare by name but doesn't include the word "resolves" anywhere

The number of "critical" patches that in no way resolve the issue this year has been high.
|
haveblue posted: the remote code execution was producing excessive log messages

So we turned off logging.
|
flakeloaf posted: gotta work hard to outdo the mcd's hamburger builder fiasco

That was fine art and I will hear no argument. That was legit one of the funniest things I've experienced and I still laugh thinking about it.
|
Now I'm wondering if I remember this or another similar one. All I remember is a desultory glob of ketchup being presented as a burger and just absolutely losing it.
|
Better than actual vuln releases though
|
I feel like cloudflare should make that a marketing slogan it's so good
|
Shaggar posted: only a unix greybeard could be dumb enough to think case sensitive userids are a good idea.

Having SAML flashbacks now
|
Shame Boy posted: i transposed those letters and was very confused why a website would want to profile whistleblowers

SAME.
|
RFC2324 posted: I started my current job jan 4, and one of the first things I got to see was people having to talk someone down who thought making an offer to parler was a good idea for a fedramp company

What the gently caress
|
I don't know a lot. But one thing I do know is to treat shaggar posts like foam floating by in an otherwise pristine creek. Feel free to look at it as it goes by but never engage.
|
I don't mean to bring up the low hanging fruit / old news. But was that Missouri thing literally as dumb as it sounds? No way the SSNs were just in the HTML, right?
|
Thank you for both those very appropriate posts. *ahem*
|
The "you wouldn't steal a car" ad except now it reads "view a webpage"
|
spankmeister posted: Welcome to OT networks.

Every time I interact with OT I'm stunned with how loving low effort everything in that space is. I get that a lot of it needs a light footprint but the poo poo used to manage the stuff is also straight outta 2005.
|
Hed posted: I mean SSL is obviously more robust security it's at what, 3.0? Why would you trust version 1.3 software.

I laughed and then frowned because this has been said to me before without irony.
|
Crime on a Dime posted: https://www.theonion.com/my-computer-totally-hates-me-vs-god-do-i-hate-that-b-1819594270/amp

Not throwing stones at you but yikes that writing hasn't aged well.
|
Has anyone said log4shit yet?
|
People keep giving me looks when I say assume you are vulnerable, act like you are about to be popped. Patch now. Like I'm the ITsec equivalent of the end of times sandwich board man. But I feel like that's a reasonable stance. Check your poo poo. Patch it if you can. Get your walls up.
|
They shoot horses don't they?
|
Welp the first patch didn't take. HIT IT AGAIN BOYS.
|
haveblue posted: the lack of payments will continue until security improves

This is very good.
|
I have a real love / hate relationship with regex at this point
|
The sheer amount of parallel 'unused' log4j 1x installed next to log4j 2x that I have seen during this really validates my views on vendors' attention to detail
|
Oh holy poo poo please no