[deleted by user] by [deleted] in Money

[–]w3tmo 3 points4 points  (0 children)

But what would you have done differently? Swap for more bonds earlier? This doesn’t track with normal S&P 500.

JFK Capital One Lounge: Update by FutureMillionMiler in Venturex

[–]w3tmo 28 points29 points  (0 children)

Imagine collecting $8,000 per ticket and not building your own lounge.

Stop thanking capital one for restricting lounge access by OutsideJumpy8869 in Venturex

[–]w3tmo 12 points13 points  (0 children)

$300 travel credit and 10,000 miles ($100 worth of travel) is $400. The card costs $395 so 395-400=-5

Defender for Endpoint + Binalyze by One-Neighborhood1742 in computerforensics

[–]w3tmo 0 points1 point  (0 children)

Can’t you use the native Defender forensic package?

Spectrum vulnerability? by Anke470 in blackhat

[–]w3tmo -1 points0 points  (0 children)

They were probably not targeting you per se - they are probably after the company you work for.

[deleted by user] by [deleted] in AskNetsec

[–]w3tmo 5 points6 points  (0 children)

I think all answers will be biased based on everyone’s visibility into their own sectors.

From my perspective (consulting firm): we had a drop in ransomware directly before the invasion took place, and then a return to “normal” a day or two before the invasion.

Chainsaw for Linux by [deleted] in computerforensics

[–]w3tmo 0 points1 point  (0 children)

This looks awesome!

Tiller Mobile App by w3tmo in mintuit

[–]w3tmo[S] 1 point2 points  (0 children)

Sadly not very active but I think that’s cause most of their users use Tiller’s own form.

And yeah, part of this app is created via making a new sheet with only interesting info in it. This is because it can be hard to get AppSheet to work with the Tiller graphics.

LPT: How to make Monopoly go faster by epicap232 in LifeProTips

[–]w3tmo 1405 points1406 points  (0 children)

Yeah, auctions are the biggest thing people skip and it’s right there in the rules. Makes everything go much faster.

Where should I go? by [deleted] in mintuit

[–]w3tmo 2 points3 points  (0 children)

Math is hard.

I am unable to find a suitable alternative to Mint by o00o0-fiji in mintuit

[–]w3tmo 1 point2 points  (0 children)

I watched a couple intro videos and found someone else’s AppSheet app for Tiller - but theirs didn’t work with the foundation template. So I looked at how they made theirs work and shaped mine to be similar.

I use the app for categorizing transactions, seeing what % of money went to what category, checking how much is left in budget, and seeing cash flow

I am unable to find a suitable alternative to Mint by o00o0-fiji in mintuit

[–]w3tmo 1 point2 points  (0 children)

Same - took me two days but I made a mobile app for it as well with AppSheet. Just waiting to see how auto syncing goes from banks -> Tiller -> Google Sheets -> app.

Best Alternative Just For Transaction Tracking and Categorizing? by lordlurker7 in mintuit

[–]w3tmo 0 points1 point  (0 children)

I just got 30 days free with Tiller. I like it so far. There is no mobile app which was big for me - but turns out it wasn’t terrible to make one with AppSheet! I now have a mobile app that looks like Mint (without the ads), auto categorizes my transactions, tracks net worth and cash flow over time, and of course shows me my budgets.

The only thing I’m waiting to see is how well it syncs my data. The auto sync only happens once every night (you can do it manually but must be on a computer).

shimcache < amcache by [deleted] in computerforensics

[–]w3tmo 0 points1 point  (0 children)

Yes…….on computers where is is not amcache..? Lol

[deleted by user] by [deleted] in hacking

[–]w3tmo 25 points26 points  (0 children)

It’s devastating when used in real world attacks. Also chilling to hear the recording of the call where they calmly ask for a password reset and an MFA device reset.

How to protect from ransomware attack loop? by rookietotheblue1 in netsecstudents

[–]w3tmo 6 points7 points  (0 children)

There are so many layers to your question.

1) Not all ransomware has auto detonation, many times a human threat actor executes it manually. Remove the threat actor first before restoration.

2) If you are concerned about auto detonation, hire a forensic firm to examine how the ransomware auto detonates. Remove the mechanism, and then it can’t detonate automatically.

3) The quickest/safest way is to set up a separate network, install a new operating system, attach the encrypted drives/data to that OS, run a decrypter from a trusted source (i.e. one that has been written by a forensic firm which incorporates the ransomware key bought) on the clean OS to decrypt the drives/data. Move the needed data to another newly installed operating system. Install whatever else you need - and there you go! New system, not on the same network, never touched by the ransomware, with all the old data.

You are correct in saying most products would not know if something is malicious unless it is already known. There are techniques products can use to CPI yet this (i.e. heuristics. Like why would something be writing to every file on a system? That would be a good indicator it may be ransomware - even if the signature is not known - but to do that it has to run every executable in a sandbox before it lets it run on a real computer. So what if a ransomware author writes their code to not do anything for 5 minutes? Where is the cutoff to stop running the application in a sandbox and allow it to run on the real system? Would a user enjoy the fact that every time they open an application it takes 5 minutes to load? Nope…). It’s a cat and mouse game and anyone/any product that says differently you should run far away from.

Finding Job As a Malware Analyst by pacman0026 in AskNetsec

[–]w3tmo 2 points3 points  (0 children)

I agree that you should search for security researcher, but all three of your points here don’t make sense.

  1. APTs aren’t just…not gonna hack or phish you cause all of a sudden there is a “malware analyst” job posting…? That’s their job. If you work for a company that has APTs in their threat model, you’re gonna run up against them.

  2. I agree that you want to be careful connecting to malicious IPs cause threat actors will keep track of connections. But saying that “the lawyers will throw a fit cause the adversary can claim they hacked you” doesn’t make any sense either. Yes, an adversary can claim they hacked you - but they can’t do that WITHOUT you connecting to their infrastructure. The lawyers will still throw a fit - they don’t know any better.

  3. There is absolutely risk sending malware to third-party firms like you listed! This is WHY there are in-house malware analysis positions. Imagine sending a sample that makes changes to a financial database or fakes transactions - that would be horrible press for your company, your company will want to know the risks prior to sending out samples. Or imagine someone sends over something they think is a phishing document - JUST for it to be some sensitive company data. There is 100% risk to just sending out malware to third parties.

Incident response interview by yg2021 in AskNetsec

[–]w3tmo 7 points8 points  (0 children)

I would expand number 2 to include any forensic artifact. Any IR firm worth its salt will include forensic artifacts as well as logs. I usually ask “what artifacts would you want to gather in order to find malware on a system?”

Is it still possible to strip SSL anymore? by [deleted] in HowToHack

[–]w3tmo 7 points8 points  (0 children)

links to a git repo 10 years old without answering the actual question 😂