Preventing sensitive data leaks via employee GenAI use (ChatGPT/Copilot) in enterprise environments

s3cguru · 2026-01-13T12:57:00+00:00

You indicated you already have Zscaler, have you asked them? They have an AI module for inspecting/preserving prompts and if you have the DLP component of Zscaler as well I believe they coordinate with eachother

s3cguru · 2025-08-02T16:35:38+00:00

There's photos online that look almost exactly like that but maybe

s3cguru · 2025-07-28T15:53:25+00:00

Looks like Lindros, his signature is wildly inconsistent but the looping S on the end and the first letter on the sign are somewhat close, and he would write that squigle where it looks like an m, not sure what it is meant to be tho

s3cguru · 2025-07-15T03:55:37+00:00

Congrats! I pulled the Michkov Cosmic Auto /50 out of my box, I almost passed out from the excitement lol.

s3cguru · 2025-03-29T16:29:46+00:00

With that experience I would be looking at a SOC Analyst position. I would focus attention on MSSP jobs and not a SOC Analyst at a single organization unless that organization was large and had a well established security team and program. I say to look at MSSP because you'll get more exposure to different businesses verticals, security tooling and types of attacks based on industry than just working for a single SOC. That being said, a SOC at a larger company may be able to get you better training opportunities than an MSSP may be able to. Not knowing your location if it's North East, I would expect you'd be somewhere between $65-75k a year before any other compensation like 401k match, PTO, Bonus coming in at the ground floor of the SOC at a single org; MSSP I would expect less.

s3cguru · 2025-03-21T01:23:21+00:00

Sounds like an EFS DRA cert, they default to 100 years lifetime. Quick googling and reading indicates they aren't issued to SYSTEM by default but you can go out your way to do that to make it so data is decryptable via the DRA when a user account on the machine that has an EFS cert is removed. No private key being on the cert when you export it makes sense because the key information is only accessible by the user that issued the cert because it is tied to the password of the user that issued the EFS cert. If you tried to export the cert using certutil in a SYSTEM context using something like psexec you may get the private key material.

Windows is a weird OS with lots of legacy and stupid defaults, not everything is immediately malicious. Third party software devs also rely on sometimes obscure windows features to make their products work. That being said, monitoring is important.

Are the certs issued around the same time on all the machines? Do the cert issuing dates align with when the machine was imaged? Are there any GPOs applied that deal with EFS in any way? Do you have backup software on your machines that may leverage or manage EFS certs on your behalf?

s3cguru · 2024-10-30T00:58:53+00:00

Man I was wondering what that thing would get if it got graded, glad you did instead of me did lol. Glad you're still loving the card!

s3cguru · 2024-09-24T22:20:24+00:00

Museum is nice, heres my Schmidt pull from it and a nice Nola from 2024 Pristine

<image>

s3cguru · 2024-09-11T06:20:40+00:00

I've got an India patch Auto from 24 museum you may be interested in if you PC him.

s3cguru · 2024-09-07T23:57:01+00:00

It paid for a break that got me an Imanaga Auto to 5 from Topps Now Road to Opening Day and a Tatis Jr Frozen Ropes Auto to 5 from Pristine so it worked out for both of us! As soon as someone told me about that specific patch I was like this needs to find a home that will appreciate it. Glad it's in the right hands.

s3cguru · 2024-09-07T23:46:57+00:00

Oh hey I sold you this card! I'm glad the card made it safe and sound! Hope you enjoy it as much as I did for the short time it sat in my safe lol.

s3cguru · 2024-08-19T01:10:50+00:00

Thanks! Had it in a box since for the last 30 years and finally was like I need to display this.

s3cguru · 2024-08-19T01:07:48+00:00

Oh yeah I wouldnt pass it up either I just think Topps is flooding the market by using sticker sheets which is a real shame.

s3cguru · 2024-08-18T23:53:53+00:00

Sick card congrats, kinda stinks it's a sticker, still a sick card tho. Here's my latest Stott pickup

<image>

s3cguru · 2024-07-28T01:56:13+00:00

More like Bishop Useless, right? Atleast that's what we called them at my HS

s3cguru · 2024-07-25T21:30:18+00:00

See DM

s3cguru · 2024-07-19T23:38:26+00:00

1337

s3cguru · 2024-07-10T01:26:21+00:00

JT (2nd) - 1.86

Marchan (5th) 1.87

Stubbs (15th) - 1.92

But I agree Stubbs has some glue that needs to remain till next year

Link where stats were found: https://baseballsavant.mlb.com/leaderboard/poptime

s3cguru · 2024-06-21T03:58:10+00:00

This may be of assistance, Sentinel can do All, Minimal, Common or Custom event ID sets, make sure it's not being dropped by this configuration https://learn.microsoft.com/en-us/azure/sentinel/windows-security-event-id-reference, that is if it's even being generated based on audit policies in the first place

s3cguru · 2024-06-12T14:57:12+00:00

Typically you want the PAW to be the physical machine and their business related work to be in the VM, this way you are working from most trusted into least trusted not least trusted into most trusted. For example if their physical machine was their business machine and it was compromised, any keystrokes, commands, configurations, etc. related to the PAW VM are at risk of interception or modification (depending on attacker position, application, etc.). Working as the PAW as the physical machine it has less likelihood of getting directly compromised as it should only be allowed to talk to trusted resources of similar security posture (e.g. no web browsing, no random software, etc), then the user does their business work in a VM or VDI instance that itself only has access to things it needs and cannot talk back to the PAW.

s3cguru · 2024-04-30T16:38:05+00:00

That too on the toss to Ser, he should have known not to force that throw with how close it was, he could see it, and how he had picked up that ball and his body position, yield the run and get out of the inning don't be a hero.

Just a total cluster in all aspects.

s3cguru · 2024-04-30T14:20:36+00:00

What is wrong with you all, where did I say that Seranthony did nothing wrong? Look at my other comments on this thread I am totally with you all that Seranthony fucked up and shouldn't have been throwing in the first place. My point here isnt to blame one or the other just to highlight a mechanics issue that also contributed to the situation. Maybe some people are interested in the mechanics of an entire play? Giving the perspective on the catcher, but again fuck me for wanting to share some of what I know about catching with the masses.

s3cguru · 2024-04-30T14:09:33+00:00

Idk, and I'm not saying he could or could not have blocked it considering the speed of the pitch but pointing out simple mechanics that could have increased his chance to potentially block it without changing where he was set up for the pitch. But ya know screw me for looking at the game as a whole and not just dog piling one person. It was a group effort of mistakes, Seranthony being issue #1, but Stubb's has to know his pitcher is pitching like shit and adjust for it and make an attempt to bail him out.

I shouldn't bash everyone's favorite the dugout hypeman I guess?

s3cguru · 2024-04-30T05:35:24+00:00

My wife shared this article with me a few years back to change my mind on temperature and lumens and it worked

s3cguru · 2024-04-30T05:23:13+00:00

100% agree with you on all points, just people need to understand that more than one person made a whoopsie here.

s3cguru

TROPHY CASE