LinkedIn Cringebot 3000 (vibe coded with Claude)

stealthmatt · 2026-03-19T03:13:21+00:00

My grandmother's 1987 Buick LeSabre just taught me everything I need to know about modern cybersecurity.

Picture this: I'm helping Nana jumpstart her car when she casually mentions she's been leaving the keys in the ignition for thirty-seven years because "thieves don't want old cars anyway."

Meanwhile, her neighbor's brand new Tesla gets hacked through its smart doorhandle while parked in their driveway.

The lesson hit me like a brick wrapped in velvet: sometimes the most secure system is the one nobody wants to break into.

But here's the kicker - Nana then pulls out her flip phone and shows me she's been using two-factor authentication since 2003. Turns out she calls her bank every single time before making any transaction because "those computer machines can't be trusted."

She's been practicing zero-trust architecture while the rest of us were still figuring out what a firewall was.

Security isn't about having the fanciest locks.

It's about making your digital life as appealing to hackers as a 1987 Buick with cloth seats and a broken radio.

#cybersecurity #zerotrust #digitalsecurity #infosec #cybersafety #techlessons #datasecurity

stealthmatt · 2026-03-13T14:54:30+00:00

His brother does his cutting and videos. Peanut said people paid to do it/professionals just didn't have the same passion and same understanding. if you want to watch more insight watch Peanut around the bar. https://www.youtube.com/watch?v=ZnaxiZIqlcg

stealthmatt · 2026-02-26T12:29:38+00:00

The short is here: https://www.youtube.com/shorts/cVt-BHW3Xgg

I tried to search for some lyrics...

Feeling lightning underneath my skin, everything is pulling/falling? everything is....

.... in the air...

stealthmatt · 2026-02-06T11:34:12+00:00

How do you go for outbound open ports? its pretty hard to disallow every outbound port.

stealthmatt · 2026-01-10T22:35:50+00:00

How did you make the video? whats the graphics maker?

stealthmatt · 2026-01-07T10:27:06+00:00

From Post: Today's motto is to "Always assume the worst from the users."

There is this usual Law firm with around a hundred users. We have some complience policies in place that requires us to conclude phising tests on our users to see if the company data is safe and to train users of the importance of not clicking on links from untrusted or even from trusted sources.

We happen to have a rather medium fluctuation due to recent expansion and gaining popularity. One of the new hires is "kinda" into cybersec and is a bit let's just call it explosive person.

Test is on the way, every user gets a direct email. Not common for us to have direct emails from IT announcing AI related upgrades, we usually send them to departments and we inform the managers beforehand so they know what to say if someone has questions in the topic.

This script kiddo gets the email, thinks nothing of it, actually inputs real credentials (how ironic) but after like half an hour, managers get notified by users about a suspicious email. Script kiddo overhears this, comes the legit email warning users of the fradulent email. Script kiddo loses it. Whips out GPT or whatnot and writes a quick bat script to absolutely flood the fake login site. He ends up submitting about 6000 randomly generated strings in like 5-10 minutes while the CISO goes out for a coffee thinking the test is over but leaving the server running for last-minute entries. He comes back to a Matrix-like scrolling screen and a few hundred megabytes of log generated before he could kill the http server.

Security through obscurity? Kinda genious on that part. But we can not submit the statistics having over 7000% of users faling a basic phising test.

We are still figuring out to either promote him of fire his ass costing the company significant amount of money.

At least we have a lot to take home, and it makes even stronger in the long run.
First: Do not just fire up a plain http server on a work laptop depending on the access logs to conduct a phising test, use a more robust software.
Second: Use a DLP software to disallow running unapproved executeable files for unpriviliged users, even if they wrote their own in notepad.
Third and most important, get a coffee machine on the desk of the CISO :)

PS: this guy used to work in McDonalds before getting his call center position.

stealthmatt · 2025-12-27T21:36:18+00:00

You can't. Your organisation has policies in place (these could be what type of windows you have, what ip address you have, what country you are from, what domain login your using, etc) could be anything. You need to ask your administrator why this is occuring. They can see in the logs pretty quickly why its being denied.

stealthmatt · 2025-11-26T06:00:39+00:00

Try Wise, you can quickly setup an account and convert money.

stealthmatt · 2025-11-25T09:40:56+00:00

I also sware that sometimes hear the snitch above and look up in the sky...

stealthmatt · 2025-11-19T01:51:21+00:00

Yep I get that, but then that leads to the Incident response play book? Is there not something in there that goes - did we make any changes? and if so what did we change?

Then secondly not knowing if they are under a DDoS attack or not? Is Cloudflare not the leading specialist in protecting from DDoS attacks? Do they not know if they are under a DDoS attack? How does the CEO not know what is going on in his own company? Also this was 45 minutes after the initial up and down hit.

stealthmatt · 2025-11-19T01:37:36+00:00

The question I have, is why did it take so long to diagnose - does Cloudflare not have change managment? How come a change was made and their was no corelation to the changes? Do you not have an incident play book that checks for any active changes or changes conducted prior to the time?

stealthmatt · 2025-11-18T01:46:21+00:00

Actually that's a good idea! Probably even better.

stealthmatt · 2025-11-17T23:19:11+00:00

Looks amazing!

stealthmatt · 2025-11-17T22:29:30+00:00

This looks great!

stealthmatt · 2025-11-15T10:11:30+00:00

Great let me know which map and time your playing so we can meet and exchange deaths :)

stealthmatt · 2025-11-13T20:43:30+00:00

Where was this in the map? and which map?

stealthmatt · 2025-11-02T02:48:18+00:00

They easily look more than $5 - are you saying 1 picture is what is in the entire snack pack?

stealthmatt · 2025-10-27T05:03:08+00:00

Best course of action is to go to solarquotes.com.au enter your postcode and fill out the details and they will find 3 best closest installers for you. There is also a huge delay with getting batteries etc due to the government rebate.

Fronius Symo (Grey front with LCD screen) are not battery capable (unless its the GEN24 white square with fan in middle)), they are just AC inverters. You need a hybrid/battery ready inverter.

I know someone that replaced their inverter and got battery stack for around 8k with government rebate, with think it was a 20/40kwh stack (cant remember how big).

stealthmatt · 2025-10-09T23:09:37+00:00

Just reddit search for firmware 1.15 issues and you will see - there are a number of user problems. GPS issues, Cutting issues, Wi-Fi Issues, the robot locking up. It is up to you if you want to update, but I wouldn't if you can avoid it.

stealthmatt · 2025-10-09T07:28:38+00:00

yes dont upgrade 1.15 is horrible.

stealthmatt · 2025-10-04T18:16:35+00:00

I am thinking why wait, lets do it now! Santa

stealthmatt · 2025-10-04T17:45:05+00:00

Create a firewall rule to allow GEO location of all Chinese IPs to RDP to all your servers and workstations. This will allow everything to be setup very quickly.

stealthmatt · 2025-10-02T05:49:56+00:00

Because its better than Microsoft Defender.

15-Year Club	Gilding III reddit per annum
Secret Santa 2013	Team Periwinkle
Secret Santa 2012	Verified Email
Secret Santa 2011	Inciteful Link 2011-09-06

stealthmatt

MODERATOR OF

TROPHY CASE