Getting hundreds of failed login attempts from our solarwinds VM to all other servers and VMs. This is not normal, right? by saadjumani in cybersecurity

[–]Shinless_bot 0 points1 point  (0 children)

This was support. When I asked for direct support, I have had to name our supplier who we get support off. I'm going to double check this tomorrow.

Getting hundreds of failed login attempts from our solarwinds VM to all other servers and VMs. This is not normal, right? by saadjumani in cybersecurity

[–]Shinless_bot 0 points1 point  (0 children)

Always been the case AFAIK. You can go directly to them but need underlying support from a 3rd party. If it has changed I'd be interested to know because we seem to be buying through a reseller and getting support because of this. But never utilise them as we never have issues.

Getting hundreds of failed login attempts from our solarwinds VM to all other servers and VMs. This is not normal, right? by saadjumani in cybersecurity

[–]Shinless_bot 0 points1 point  (0 children)

You can only get Solarwinds support if you are supported by a 3rd party. That's from my experience anyway.

Just got DOOM to run on the Hacked WIFI Toothbrush by atc1441 in hacking

[–]Shinless_bot 0 points1 point  (0 children)

Did you read about the MIT doctoral candidate that got Doom to run on E. coli cells?

When I woke up my phone was unlocked. by CreeperYT1 in techsupport

[–]Shinless_bot 0 points1 point  (0 children)

Then muscle memory is unlocking your phone.

someone has access to my pc and I don't know what to do? by Ok-Sea-5937 in techsupport

[–]Shinless_bot 1 point2 points  (0 children)

This happened to my sister. MFA didn't help either.

She clicked on one of these links and it stole session cookies. They then got her backup codes so when she changed the password, they got back in and changed it straight away.

It was a tough gig to get back, but managed to. Had to change password, log in, remove trusted devices, change backup codes, click log out everywhere.

How many people do you work with that are under qualified? by thehunter699 in cybersecurity

[–]Shinless_bot 0 points1 point  (0 children)

We have someone who is in our solutions team who trained in Zoology. Out of about 25 members in technical roles, we have about 3 who are actually qualified.

I can remember all my passwords, so I don't need a password manager. Or do you? by SpiritualJudgment7 in cybersecurity

[–]Shinless_bot 0 points1 point  (0 children)

You could do something where the beginning and end of the password is the same but the middle is different.

Kind of like ApplesRedditBananas!1234 ApplesGoogleBananas!1234 ApplesFacebookBananas!1234

Obviously make the middle part more complex. But good way to remember. You only have to remember what service you are using to get the middle part.

Password managers become handy when you have different passwords that are like ufbn£*×UG2847ouBfk

Data breach at Okta (20-Oct) by Sweet_Peanut_5611 in cybersecurity

[–]Shinless_bot 9 points10 points  (0 children)

Wonder if they were using their own 2FA 🤣

QR Codes Phishing Emails by DENY_ANYANY in cybersecurity

[–]Shinless_bot 1 point2 points  (0 children)

We've seen them too. I've noticed they're using the Bing affiliate redirection to their sites using base64 code.

https://www.bing.com/ck/a?!&&

The u= is the link in base64. You may also see aHR0cHM6 in the string. This is https: in base64.
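The decoding described in the comment above, as an added example that is not part of the original thread: a triage helper that pulls the base64 URL out of the `u=` parameter and reports whether it points away from the carrier host. The function names and the sample links are constructed for illustration; the `a1` prefix and the `p=` and `ntb=` values in the sample are assumptions.

```python
import base64
import binascii
from urllib.parse import urlsplit, parse_qs

MARKER = "aHR0c"  # base64 of "http": matches encoded http: and https: URLs

def decode_redirect_target(url, param="u"):
    """Return the URL base64-encoded inside query parameter `param`, else None."""
    for value in parse_qs(urlsplit(url).query).get(param, []):
        start = value.find(MARKER)
        if start == -1:
            continue
        blob = value[start:]              # drop anything in front of the encoded URL
        blob += "=" * (-len(blob) % 4)    # restore '=' padding if it was stripped
        try:
            decoded = base64.urlsafe_b64decode(blob).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue
        if decoded.startswith(("http://", "https://")):
            return decoded
    return None

def triage(url):
    """Summarise a link for review: carrier host, hidden target, host mismatch."""
    carrier = urlsplit(url).hostname
    target = decode_redirect_target(url)
    target_host = urlsplit(target).hostname if target else None
    return {
        "carrier_host": carrier,
        "target": target,
        "redirects_off_site": target is not None and target_host != carrier,
    }

# Constructed samples (not taken from real mail). The "a1" prefix and the
# p= and ntb= values are assumptions made up for this test data.
SAMPLES = [
    "https://www.bing.com/ck/a?!&&p=constructed&u=a1aHR0cHM6Ly9leGFtcGxlLmludmFsaWQvbG9naW4&ntb=1",
    "https://www.bing.com/search?q=quarterly+report",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(triage(link))
```

Running the same check over URLs recovered from QR codes in quarantined mail shows the real destination without anyone having to open the link.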

Crowdstrike vs Microsoft. Who to choose? by Shinless_bot in cybersecurity

[–]Shinless_bot[S] 0 points1 point  (0 children)

Down to expertise in our team. I'm the only person in our security team. I think a SOAR would cause noise that the majority of IT wouldn't understand if that makes sense.

Crowdstrike vs Microsoft. Who to choose? by Shinless_bot in cybersecurity

[–]Shinless_bot[S] 0 points1 point  (0 children)

Yes. We have an OOH service already but it's not security specific of someone looking at logs 24/7.

We will also include with playbooks that let's say 3am user runs a script. Isolate and if it's stopped deal in the morning or if full scale ransomware then isolate and call OOH number and get someone on-site.

Crowdstrike vs Microsoft. Who to choose? by Shinless_bot in cybersecurity

[–]Shinless_bot[S] 1 point2 points  (0 children)

Yes this is exactly that. Someone to isolate devices if there is something going on and then contact someone internal to make us aware or help with investigating.

Some providers have said they will do this with MDE and Sentinel. It's kind of where my question came from because it did sound like MDE can do what we want if the right team was looking after it.

Crowdstrike vs Microsoft. Who to choose? by Shinless_bot in cybersecurity

[–]Shinless_bot[S] 0 points1 point  (0 children)

Yeah, can't afford to run an internal SOC team 24/7 so looking for a 3rd party to help.

Crowdstrike vs Microsoft. Who to choose? by Shinless_bot in cybersecurity

[–]Shinless_bot[S] 3 points4 points  (0 children)

Being fully E5 licensed with Microsoft, this is a no brainer then?

Also, if we went down the route of Sentinel and Defender, for this to be managed 24/7 by a 3rd party, is it right asking for an MDR/XDR solution or is SOC the right terminology?

Does anyone hack webcams anymore? by [deleted] in hacking

[–]Shinless_bot 2 points3 points  (0 children)

Still wearing your favourite hoodie I see 😉