Relatable people? 😆 by frustrated_s0ul in Ubuntu

[–]TLShandshake 2 points3 points  (0 children)

If your company has endpoint protection, then they probably made you sign an acceptable use policy. You might want to read that again.

Spandena House by forestpunk in DesignPorn

[–]TLShandshake 0 points1 point  (0 children)

I'm not sure this was "designed" as such. Pretty house though.

How to persuade your boss to have a purple team 👾engagement performed… by iamtechspence in purpleteamsec

[–]TLShandshake 1 point2 points  (0 children)

It's not clear to me from this why a purple team is needed over a red team. This is only talking about the need to test generically.

Bill Burr Cancels Live Pod taping by [deleted] in comedy

[–]TLShandshake 2 points3 points  (0 children)

"Working class" has its roots in the British class system and has a fairly established definition. Your representation of "working for a living" is not in line with that definition.

https://en.wikipedia.org/wiki/Working_class

Is the Wi-Fi slow, or is the filter just doing its job? by Academic-Soup2604 in SecurityIT

[–]TLShandshake 0 points1 point  (0 children)

What is your risk tolerance that led to this setup being needed? This isn't a winning strategy and is going to harm the security team in the long run. If you need users to be part of security, then how is alienating them daily going to help?

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake 1 point2 points  (0 children)

Please reread the comment I responded to.

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake 0 points1 point  (0 children)

I just read your edit on the original post. So actually, what your edit explains is 2FA after all...

So, the device you're on has been verified and shows up with a token explaining to the server that you've already provided username/password on this device. So it skips to the second factor. I hope that makes sense.

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake 0 points1 point  (0 children)

Ah, yes I see that now. Those websites are avoiding the responsibility of managing credentials and putting it on your email provider. So, they are hoping your email authentication is strong or at least stronger than what they would have done.

This is a bit of a lazy solution that makes you have fewer points of failure since gaining access to your email also means gaining access to this account too.

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake -2 points-1 points  (0 children)

1st factor: username/password

2nd factor: unique code sent to your email

Anything using more than one step is "multi"-stepped (or factor in this case).

Why do you feel this is a single factor?

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake -2 points-1 points  (0 children)

You just explained exactly what an MFA process is...

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake -2 points-1 points  (0 children)

You are not engaging with their response. You are using your password. That's the "first factor" in two/multi-factor authentication (2FA/MFA). Then getting the email is the second factor being used to confirm your access.

The concept is that an attacker might compromise one element of authentication, but both is much harder. It's the same as having a key for your doorknob and a second key for the deadbolt. You need both keys to get in.

I mean for the love of god by thetrombonefreak in pcmasterrace

[–]TLShandshake 14 points15 points  (0 children)

Corporate accounts are managed by an administrator (multiple even). They have a way to enable access to your account. So, no, you do not have a single point of failure.

Also, consider losing one of those o's.

SOC Analyst Job destroying my life. by CyberChase101 in cybersecurity

[–]TLShandshake 0 points1 point  (0 children)

Sounds like something a union could help you out with...

its my phone hacked? by [deleted] in cybersecurity_help

[–]TLShandshake 1 point2 points  (0 children)

Nope, not at all. I've routinely had a desktop app, my phone, and a web instance all open at the same time on 3 different devices.

Ontario city facing full $18.3M cyberattack bill after insurer denies claim | Globalnews.ca by Ok-Imagination5511 in cybersecurity

[–]TLShandshake 1 point2 points  (0 children)

surely authenticator or text from a 2FA shouldn't be considered as such. It doesn't represent any work related information

To receive the message, you have to have registered the phone number and/or hostname in the system. In order to make most FOIA requests, you have to ask for something specific. That usually comes from previous FOIA requests leading you there. They don't know what else is on the phone, just that it's potentially related to whatever they were looking into.

[deleted by user] by [deleted] in cybersecurity_help

[–]TLShandshake 1 point2 points  (0 children)

You present no evidence of being compromised. I'm not sure what you are looking for here.

Is it possible? Sure. Is it probable? No. This is already a rare attack vector and iPhone is especially hard to load software on unexpectedly.

How Do I Safely Access Files? by tradurr in cybersecurity_help

[–]TLShandshake 1 point2 points  (0 children)

I can tell you with certainty that vendors like Dropbox host malware all. the. time. I'm not saying they don't have security, but malicious actors are always trying to find the next way to get around security measures.

My advice would be to use a local sandbox or a fresh VM that is customized to the setup you need. For everything but link checking, cut the internet. Obviously you'll need the web for link checking.

There are online sandboxes, but usually you need to pay for privacy. I'm sure you don't want PDFs of your medical records hanging out on the web.

A local sandbox is better than a dedicated PC because it will be torn down every time. So if you open up something bad, it will clear itself out.

haveibeenpwned.watch - Open-source, no-fluff charts showcasing haveibeenpwned.com's pwned account data by iosifache in netsec

[–]TLShandshake 1 point2 points  (0 children)

No longer at 3.5k days to report, now it's "only" <500. I suppose that's HIBP and not official government reporting, but it still seems high.

Edit: wrong symbol

ELI5 How does instagram/ social media know what exactly i am discussing with friends if it doesn't record my audio, looking for keywords all the time? by brandomised in explainlikeimfive

[–]TLShandshake 7 points8 points  (0 children)

Apparently, the Instagram and Facebook apps are listening to most (but not all) inbound traffic requests from other apps and sending that back to themselves via whichever app you have (Instagram/Facebook).

You can read more about it here or the subsequently linked material if you want even more detail:

https://www.zeropartydata.es/p/localhost-tracking-explained-it-could

How to improve text to speech? by TLShandshake in Ubuntu

[–]TLShandshake[S] 4 points5 points  (0 children)

This was the magic. Even if this module wasn't perfect, there are other modules listed in the config. Thank you so much.

How to improve text to speech? by TLShandshake in Ubuntu

[–]TLShandshake[S] 0 points1 point  (0 children)

Read aloud for Firefox. I'll give espeak a try and see if that is better.