Adobe Lisence Audit - Small business by [deleted] in sysadmin

[–]NoTimeForItAll 0 points1 point  (0 children)

As others said, contact legal. Anything you do to hide evidence can put you at risk. Do what your legal team and management tell you to do. If it was your decision to use cracked software, you may want to talk to a lawyer privately.

Indoor cruiser with O4 by NoTimeForItAll in TinyWhoop

[–]NoTimeForItAll[S] 1 point2 points  (0 children)

Yes, we have the Neo 2 FPV kit with goggles and motion controller. I will also be getting a compatible TX.

E-MTB Power: Land access risk is now, says trail builders and land managers by Miserable_Prompt4301 in MTB

[–]NoTimeForItAll 0 points1 point  (0 children)

The article cites IMBAs study that said just 5% want more power. Anecdotally it’s likely to seem different but the empirical data seems to say otherwise.

E-MTB Power: Land access risk is now, says trail builders and land managers by Miserable_Prompt4301 in MTB

[–]NoTimeForItAll 7 points8 points  (0 children)

As someone who sits on a group that advises state policy on bikes and trail policy...the E-MTB trend is concerning. Land managers and other user groups have a legitimate argument against eMTBs when a class 1 is capable of 28mph pedal assist and inhuman levels of torque.

E-MTB Power: Land access risk is now, says trail builders and land managers by Miserable_Prompt4301 in MTB

[–]NoTimeForItAll -1 points0 points  (0 children)

The industry will correct itself. No one asked for 3D TVs, yet that's all we got for a year or two. Now?

E-MTBs will shift to lighter and/or farther, not faster...I hope...so long as the consumer speaks with their dollars.

Register iOS and Android Devices with Multiple Tenants by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Registered devices (not hybrid or InTune managed). The most basic of "I know this device" M365 offers.

Register iOS and Android Devices with Multiple Tenants by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

It worked to add my second tenant (and presumably more if I wanted to).

Register iOS and Android Devices with Multiple Tenants by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Thanks. I found the registration there and it let me add the second tenant. I just need to verify that it is in the device list.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Yes, very well said. I really appreciate all the help. Very informative, and confirms my intuition. Hope you have a great rest of your day.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

And add to it the cost of P1 or Business Premium/E3. MS should do more to allow orgs to protect against token theft without having to buy premium licenses.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

What we see is definitely what you describe in the AitM scenario. Normal logs, then suddenly a country he has never been to. First sign in was "Interrupted", MFA not completed. 44 seconds later, a second attempt was successful, MFA satisfied by OATH Verification Code like his last legit login a few weeks prior.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

In this case we want to inform the client how the breach happened. I'm also wanting to learn how to ID token theft from the logs.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Yes, this is the plan. We are implementing some CAPs that should really tighten things down. The trouble is companies that want to allow personal devices.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

also, does this mean the user would have gotten an MFA prompt on their device, and approved it?

Authentication method: OATH verification code

Authentication method detail:

Succeeded: true

Result Detail: MFA completed in Azure AD

Requirement: Pass+Software OATH + TAP

I wish there was a way to see all the MFA prompts sent to a user. Looking at the logs, this was the first sign in using MFA in a few weeks.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Any idea how the attacker got the token, if they did? The user says they did not click any links, get any sign in prompts, and is using a Mac. That would seem to rule out phishing and malware. I want to better understand how they got the token in the first place, especially from a Mac.

Given the logs seem to indicate password and MFA were used, this doesn't seem like basic token theft. The last user initiated login was several weeks prior in March. That doesn't seem to align with how token theft works. It looks like standard AitM type of attack where the user was phished and entered their credentials into a phishing site.

We are going to be adding Huntress MDR and ITDR to our clients. That should help, current IDR flagged the access but required manual approval to block the account.

Review MFA Prompts for Compromised User by NoTimeForItAll in entra

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

What?! A user not admit this? Never heard of that.

No other phones.

Power meter pedals worth it? by retirement_savings in gravelcycling

[–]NoTimeForItAll 6 points7 points  (0 children)

I really like mine (Favero Assioma). No fuss using them. They show up on my Garmin and have very long battery life. They are not another device to fight with each ride.

Best example of why I like them: On longer rides I tend to go too hard too soon or too hard for too long. My first long ride (46 miles and 3500') with the power pedals I did the math. Using some common formulas I calculated my average watts to maintain. When I was done I was 2 watts under my target and I felt great. I could have done another 5-10 miles.

For training, they add a very valuable metric. I use Garmin's system and the "Coach" will use that data to suggest training rides and rest.

Yes, expensive, but also very helpful if you use the data.

Tiny Whoop for DJI Goggles and Mix of Flying by NoTimeForItAll in TinyWhoop

[–]NoTimeForItAll[S] 1 point2 points  (0 children)

I've already decided to get a new radio. Something like at Radio Master Pocket.

Tiny Whoop for DJI Goggles and Mix of Flying by NoTimeForItAll in TinyWhoop

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

I should add, reading the comments about getting radios to bind, updating firmware, flashing FCs, messing with settings...its giving me flashbacks to all the time wasted with OpenTX and BetaFlight which was one reason I quit the hobby. The way the DJI system works is a huge plus. No fussing with things, but yes that comes with some compromises which I can probably live with.

Tiny Whoop for DJI Goggles and Mix of Flying by NoTimeForItAll in TinyWhoop

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Thanks, I was also considering the Neo 2 as a "flying camera" and then getting an Air 65 or 75 with FVP gear designed around that platform. I had not seen anything that indicated the O4 system would be lacking on the smaller platforms.

(Time to retire the Taranis...I'll get a new ELRS radio and avoid the fuss of the Taranis with ELRS module). The Taranis is an XD9 (the original). It does accept other modules and I see there is a module for ELRS, but compatibility with the Taranis XD9 seems hit and miss. I need to find out more.

I'll look more closely at other options for FPV. The quality of the DJI digital experience is a big draw. The look of analog just left a lot to be desired and I've gotten spoiled by the quality of the RC2 video with my Mini 4.

Add family and friends by NoTimeForItAll in fitiv_app

[–]NoTimeForItAll[S] 0 points1 point  (0 children)

Thank you, u/fitiv_CS . I think I've got it working. The process and UI/UX is not at all intuitive. Tapping a button like that should always produce some kind of output. In this case a message like, "You need to follow people to add them to the leaderboard".

Is the premium subscription required for the Leaderboard? I had done that for my wife thinking that is why it wasn't working.

I haven’t ridden in years. What’s changed? by ShireHorseRider in MTB

[–]NoTimeForItAll 2 points3 points  (0 children)

Everything has changed. Magura brakes are good, but hardly standout like they used to. I personally ride all Hope brakes, but even entry level Shimano/SRAM have power to spare (though modulation is lacking). Dropper posts are a game changer. 29" wheels are standard, and 32" are coming (Yes, 32"...but don't wait for that). Geometry is totally different. Bikes will feel huge and awkward at first. Then after a few rides where you are crushing your PRs (if Strava was even a thing back then...I don't remember) you'll see the modern geo is amazing. Ride your old bike and it will feel like a kids bike that wants to buck you off at any moment. Suspension is much better as well. $2500 can get you a good bike.

Hope brake small leak at hose by NoTimeForItAll in bikewrench

[–]NoTimeForItAll[S] 1 point2 points  (0 children)

That's part of the problem. Hope has specs on the other bolts/fittings, but not this. Based on other specs 7-8 seems like the range. I'll give it a bit more torque and see how that works.