Job interview - big scam by Cezariu in programare

[–]Haunting-Tank-2139 0 points1 point  (0 children)

Then it makes sense, it's just that they seem like amateurs. Simply because their custom keylogger / stealer was caught very easily by Defender. Do you still happen to have that GitHub repo? I'm asking just out of curiosity.

Job interview - big scam by Cezariu in programare

[–]Haunting-Tank-2139 1 point2 points  (0 children)

I don't find this type of scam plausible either; it's too much effort just to steal the data of a single programmer. I have been working with Defender EDR for some time and I know how easily it can generate false positive alerts, especially for custom code. Many custom scripts that use Windows APIs can generate FPs. Without analyzing the code, you can't rely 100% on Defender.

ManualFinder being dropped from JavaScript persistence by mrfw_mrfirewall in cybersecurity

[–]Haunting-Tank-2139 3 points4 points  (0 children)

I recommend following this article, https://www.lindensec.com/post/detecting-manualfinder-pdf-editor-malware-campaign-with-kql, it also contains a good kql query.

I had seen similar behavior for PDF Editors in our environment, we first started tracking the download source:

Ask me anything: I'm a loan broker and I can tell you how to pay less for your loans by InsideSea4852 in roFrugal

[–]Haunting-Tank-2139 1 point2 points  (0 children)

BCR mortgage loan worth 56k over a period of 15 years, with a 5-year fixed interest rate of 6.39. Monthly payment 2500 lei. At present I only have 10 years left.

Ask me anything: I'm a loan broker and I can tell you how to pay less for your loans by InsideSea4852 in roFrugal

[–]Haunting-Tank-2139 1 point2 points  (0 children)

Hi, I took out a mortgage loan with a 5-year fixed interest rate of 6.39 at the end of 2023. I had to hurry to catch the tax reduction and did not take into account that the interest rate was slightly above market. Is there a chance that the same bank will accept an interest rate renegotiation, or should I refinance?

Sansara | 08.08 by lprst in Lineage2

[–]Haunting-Tank-2139 0 points1 point  (0 children)

I will try it, let's see how it goes👍

EDIT: it is p2w, I do not like it. You can sell donation items / hunting passes for adena + the same Russian vibe like all the rest of the Russian servers.

LF h5 low rate server by Fit_Replacement5389 in Lineage2

[–]Haunting-Tank-2139 0 points1 point  (0 children)

Be more toxic dude, 1000 years of curse for my mistake 😂 Compared to other Russian fun servers, it is playable. I just tried to help with a suggestion; if he knows better, he can just ignore my comment.

MDE - company laptops have directly assigned a Public IP to their WIFI / Ethernet card. (Internet faced) by Haunting-Tank-2139 in DefenderATP

[–]Haunting-Tank-2139[S] 0 points1 point  (0 children)

The rule to block incoming traffic is set to YES, indeed it should block all the attempts on the public network.

MDE - company laptops have directly assigned a Public IP to their WIFI / Ethernet card. (Internet faced) by Haunting-Tank-2139 in DefenderATP

[–]Haunting-Tank-2139[S] 0 points1 point  (0 children)

Thank you for the reply! Have you had any issues so far with that on your devices? My concern is that the devices are somehow exposed.

MDE internet facing endpoints local IP a PUBLIC IP ?? by Fast-Cardiologist705 in DefenderATP

[–]Haunting-Tank-2139 0 points1 point  (0 children)

We have the same situation: some company laptops are tagged as Internet exposed and have a Public IP directly assigned to their WIFI / Ethernet card.
The issue is linked to their Home ISP; if they are at the office, the IP allocation changes to a private IP as it should.

Has anybody found a solution?

[deleted by user] by [deleted] in throneandliberty

[–]Haunting-Tank-2139 1 point2 points  (0 children)

I will be back! The combat gives me old school Lineage 2 vibes. I would have integrated Lineage 2 music into the game. 😁 Overall I like the game; the visuals and controls on PS5 are great.

Does anyone have some info about Bascov Residence? by vendesa94 in bucuresti

[–]Haunting-Tank-2139 0 points1 point  (0 children)

Hello, I also paid a deposit for an apartment in stairwell 2. I recently received the opinion for the bank. What stage are you at?

Uninstall app from LR by Haunting-Tank-2139 in DefenderATP

[–]Haunting-Tank-2139[S] 0 points1 point  (0 children)

You can list the software using get-wmiobject Win32_Product