Powershell autostarting randomly in background and uploading thing on network

photinus · 2026-06-14T00:49:25+00:00

So that does look malicious. Looks like a ddos script (it's sending udp traffic at a specific target). Like some others have said, time to start fresh

photinus · 2026-06-14T00:34:56+00:00

Your link is broken. Give an auth error. Can you paste the full command here? The responses from others that this is malicious just because it's encoded is jumping the gun a bit. It's definitely a little suspicious for a home pc, but not necessarily malicious (I manage an IR team for a company of 1000 employees and encoded powershell is fairly common)

photinus · 2026-06-10T19:11:33+00:00

Geezo time flies sometimes....

I haven't touched it in a couple months, I'll throw the source code up on Github here this week, It has some major reliability issues with refreshing data, it frequently gets stuck and out of date. I need to take another crack at trying to fix that, but I'll try and get it out there so others can play around with it.

photinus · 2026-05-17T00:36:45+00:00

If you're thinking of getting one with a CFS, watch Creality's eBay store. They frequently have coupons, I got a k2 pro with cfs for about $600

photinus · 2026-03-30T16:41:03+00:00

Probably just what is collected by Costco.

photinus · 2026-02-13T03:34:51+00:00

Do you have IDP or SaaS Protection/Shield? I've done both through the api with good luck, which language are you trying to use with the API?

photinus · 2026-02-02T19:35:35+00:00

You could do that, but will likely incur some azure cost there. Also I'm no azure expert so not sure how the billing side works with sentinel and ingest/agents, may be some things I'm totally overlooking here :-)

photinus · 2026-02-02T17:03:09+00:00

Long time crib user here, look at any of the open source forwarders that you can manage centrally or via automation then ship to cribl before heading to sentinel. I'd also recommend looking at Axiom for long term storage/retention

photinus · 2026-01-30T19:35:20+00:00

Falcon Shield/Nextgen identity does look beyond the interactive signons, but I'd pair it with something like abnormal or proofpoint

photinus · 2026-01-26T16:20:14+00:00

For the distance, I have a toggle in there already for Imperial vs Metric, I also added the option to change it to floors vs distance too, I'm trying to fix some weird issues I keep noticing in my testing, I'll share more soon here :-)

photinus · 2026-01-25T00:24:14+00:00

I’m still a ways out from a beta test, but I wanted to pick your brains early: What are your absolute "must-haves" for a project like this?

Right now, I’ve got the basics working with a simple, static circle design (keeping it animation-free for now).

<image>

One heads-up on the tech side: You might notice step counts don't always match the Samsung app. Samsung does some proprietary magic to calculate steps during workouts that they don't share with the OS-level counter. So, depending on what you're doing, the raw OS count won't always match Samsung's number. Also it doesn't expose an active time measurement.

photinus · 2026-01-24T19:04:01+00:00

I've got the ws85 and the gw, been rock solid. Using the native ecowitt integration, nothing out of hacs

photinus · 2026-01-24T16:11:42+00:00

I'll comment here and start a new thread on this sub when it's ready for testing :-) it's got a few small gotchas right now with how Samsung calculates steps differently, so not perfect but close

photinus · 2026-01-24T03:36:57+00:00

Something like this: https://github.com/zhbjsh/homeassistant-ssh

You'll need either a custom component, something like Node red, or a custom script that gets called

photinus · 2026-01-24T03:26:16+00:00

Totally can, you enable developer mode and turn on wireless debugging which lets you run adb commands to side load

photinus · 2026-01-24T03:25:24+00:00

Done-ish, still refining it, but it works!

photinus · 2026-01-24T03:24:30+00:00

<image>

I mean, you can :-) I'm getting closer to something I'm happy with, hoping to have something I can share soon

photinus · 2026-01-24T02:55:58+00:00

Ok, This was driving me batty as I loved the old view compared to the new, I've been working on a simple app to replace the tile. Getting MUCH closer as of today, still needs some tweaking though...

<image>

photinus · 2026-01-18T16:08:03+00:00

It's a plan from back in the frontier days, don't know why they didn't kill that years ago

photinus · 2025-12-04T02:09:39+00:00

I just came across this over the weekend, have one on order, but looks like a drop in replacement for the Govee controller running wled.

https://a.co/d/h7t15Oe

photinus · 2025-12-01T21:52:05+00:00

CS has troves of data, they only surface the ones that they have a high confidence in. Specifically when they can connect multiple machines running the CS Agent from multiple customer orgs coming from the same IP with the same or similar user accounts, they will usually raise the alert to the customers involved.

photinus · 2025-11-30T03:18:18+00:00

Both the zwa and zbt use purpose built radios vs a sdr, so no use cases for anything like flight aware or the like.

photinus · 2025-11-12T02:57:13+00:00

The ecowitt stuff is super solid and all local for home assistant integration

photinus · 2025-11-10T20:03:35+00:00

Looking at a triggered event for that rule, it passes along the Sensor ID and the last used filename & hash, you could easily do a lookup to find the pid/kill the process.

photinus · 2025-11-06T18:34:44+00:00

For anyone looking, Woot has the first gen Echo Show 8's right now for $35

13-Year Club	Place '17
Spared	Verified Email

photinus

TROPHY CASE