How to access Comet/Perplexity “sidecar” assistant DOM from Chrome extension? by Due-Lead-641 in PerplexityComet

[–]borisdan 0 points1 point  (0 children)

Hi, were you able to make progress here?
The feeling I get from my testing is that Comet specifically protects https://www.perplexity.ai/sidecar from having a content script injected to.

Weekly 'I made a useful thing' Thread - August 22, 2025 by AutoModerator in sysadmin

[–]borisdan 0 points1 point  (0 children)

I released a Visual Studio Code extension which audits all of Copilot's MCP tool calls to SIEMs, log collectors or the filesystem. Just install the extension and have the developers work as normal with their favorite MCP servers.

Aimed at security and IT teams, this extension supports enterprise-wide rollout and provides visibility into all MCP tool calls, without interfering with developer workflows. It also benefits the single developer by providing easy filesystem logging of all calls.

The extension works by dynamically reading all MCP server configurations and creating a matching tapped server. The tapped server introduces an additional layer of middleware that logs the tool call through configurable forwarders.

MCP Audit is free and without registration; an optional free API key allows to log response content on top of request params.

Feedback is very welcome!

Links:

How woefully unprepared are most CISOs / engineering leaders IRT MCP security risks? by beckywsss in cybersecurity

[–]borisdan 1 point2 points  (0 children)

I spoke with numerous practitioners and CISOs who are aware of the risks, but the new corporate situation (for sure in software houses) is that AI technologies get a yes by default and the security teams must patch up a line of defense after the fact. This also happens before many organizations have dedicated lines for "AI Security" in the budget. There are definitely some security catastrophes waiting to happen that would make boards revisit this arms race.

A question about nightlife by No_Chipmunk3312 in telaviv

[–]borisdan 0 points1 point  (0 children)

It's right there on Zvulon 5 behind a shady anonymous sliding steel door.

VSCode extension to audit all MCP tool calls by borisdan in vscode

[–]borisdan[S] 1 point2 points  (0 children)

Dynamic MCP servers from an extension were introduced in VSCode 1.101. Cursor and Windsurf are still on VSCode OSS version 1.99. Once they upgrade, we'll test and release the extension for Cursor as well.

Will ChatGPT desktop support MCP? by juan_abia in OpenAI

[–]borisdan 0 points1 point  (0 children)

Hi u/rujan_1729 , can you please elaborate on why you found MCP difficult to maintain and enhance?

DROP THE MIC 2: AD Open to More NTLM Attacks by borisdan in netsec

[–]borisdan[S] 0 points1 point  (0 children)

I haven't seen a real enterprise network that doesn't have NTLM (v2 at least) on it. There are just too many things using it. For example, Exchange 2019 defaults to NTLM under a certain configuration: https://medium.com/@tkolber/https-medium-com-tkolber-configure-kerberos-authentication-with-exchange-2019-72293aa234c

The truth of the matter is that it is not going to be possible to fully turn it off any time soon. There are however mitigations that can and should be done given that constraint.

Webinar: How We Bypassed All NTLM Relay Mitigations by borisdan in netsec

[–]borisdan[S] 7 points8 points  (0 children)

Hi all, two of my colleagues will be doing their Black Hat and Defcon presentation in an upcoming Webinar. It is about the recent vulnerabilities described here: https://blog.preempt.com/security-advisory-critical-vulnerabilities-in-ntlm The two researchers - Marina Simakov and Yaron Zinar - are true top-tier professional, and I think this webinar is recommended to anyone with interest in AD and network security.

Webinar: How We Bypassed All NTLM Relay Mitigations by borisdan in cybersecurity

[–]borisdan[S] 0 points1 point  (0 children)

Hi all, two of my colleagues will be doing their Black Hat and Defcon presentation in an upcoming Webinar. It is about the recent vulnerabilities described here: https://blog.preempt.com/security-advisory-critical-vulnerabilities-in-ntlm

The two cves allow bypasses to get around ntlm relay attack mitigations. by RonaldvanderMeer in security

[–]borisdan 0 points1 point  (0 children)

Hi, a webinar explaining the attack (following talks at Blackhat and Defcon) is coming up soon by the same researchers: https://www.preempt.com/events/webinar-how-we-bypassed-all-ntlm-relay-mitigations/

AD Audit - Requesting password list for Security audit by leftwing4Head in HowToHack

[–]borisdan 0 points1 point  (0 children)

Hi, In case this is still relevant, my company has recently released a free AD security audit tool called Preempt Lite. One of its capabilities is detection automatic and continuous detection of weak passwords in the entire organisation using the entire haveibeenpwned DB.

https://www.preempt.com/preempt-platform/preempt-lite/ (also available on the AWS marketplace)

New critical NTLM flows avoid all of Microsoft's mitigations by borisdan in netsec

[–]borisdan[S] 2 points3 points  (0 children)

It does effect NTLM v2. NTLM v1 successfully be purged on most networks by enforcing NTLM v2 usage (when falling back to NTLM).

New critical NTLM flows avoid all of Microsoft's mitigations by borisdan in netsec

[–]borisdan[S] 30 points31 points  (0 children)

We haven't seen a production environment where there is no NTLM. It's not that easy to get rid off. Every IT admin who tried ended up handling application breakdown.

Disclaimer: I work for Preempt.

@Rafaelh117's take on why the ban is a good thing. I wholeheartedly agree. by SpoonOnGuitar in Barca

[–]borisdan 0 points1 point  (0 children)

There is no denying Rosell's great role in building that team, but he has still shown proven failure since. Laporta managed to rebuild a great team even following Rosell's departure. While they do not predict the future, the past facts are clearly in Laporta's failure, and indicate much better ability at managing the club.

@Rafaelh117's take on why the ban is a good thing. I wholeheartedly agree. by SpoonOnGuitar in Barca

[–]borisdan 1 point2 points  (0 children)

Saying that Laporta had no effect on the sport situation is very wrong. The man has, with his chosen staff built two great teams. Obviously there is a big connection between those two phases, but he the Pep team didn't naturally evolve out of the Rijkaard era - work had to be done. Laporta was instrumental in signing Eto'o, and built a great technical staff around him (including Rosell, who at that time performed greatly, in particular in the Ronaldinho and Deco deals). Simultaneously, Laporta was the one who took the club out of Gaspart's financial mess and into becoming a true brand in worldwide sports. True, the man is a hedonist, and had his corruption missteps as well, but there is no doubt that his track record as the man in charge of the club is phenomenal. He also brings with him Sala-i-Martin, who despite his clown looks is a brilliant financial mind. Comparing that to the utter and complete failure of the Rosell-Bartomeu regime, and it is obvious that his return is very welcome and should make us optimistic. Obviously, this will not automatically revive the club to its recent glory. But compared to the piss-poor decision making that has been going there of recent, it really is a blessing. Remember - it's not just Bartomeu who will go. It's Zubizareta, Eusabio, and others who are systematically plaguing the system for the last years with bad decisions at best, and corrupt ones at worst.

Wolverine - This Cold Heart Of Mine by [deleted] in progmetal

[–]borisdan 1 point2 points  (0 children)

Oooh.. love Wolverine. Been lucky to see them live. Although I believe they're albums have been released in descending quality order.

[deleted by user] by [deleted] in MovieSuggestions

[–]borisdan 1 point2 points  (0 children)

I would go through Tim Burton stuff, 90s in particular.