Can we just take a moment to remember that one company I worked for backed up their stuff on tapes religiously - all tapes sent to a warehouse nightly. Years later someone tested a tape... turns out nothing had been written... ever.
We had a (paid) warehouse full of empty tapes
| ̄ ̄ ̄ ̄ ̄ ̄|
| backup + |
| encrypt all |
| the things |
|______|
(\__/) ||
(•ㅅ•) ||
/ づ
| ̄ ̄ ̄ ̄ ̄ ̄|
| also test all |
| ur backups |
| so u don't |
| lose all ur |
| things |
|______|
(\__/) ||
(•ㅅ•) ||
/ づ
I don’t know why but people on slack, teams, etc at work who ping you with just a “hello” message and wait (or worse say nothing when you reply) need to get in the bin.
What is your problem?
How can I help you?
What do you need?
Just seen a talk given by someone who's well known in the industry. It gives bad, dangerous, and plain wrong advice. Calling them out though will get me yeeted into the sun for daring to disagree, but allowing that "advice" to spread is *super* dangerous.
How do we solve this?
Wife got into cyber last year. Means I get to outsource all the home server / networking jobs to her as “teachable moments”.
I’m drinking a beer watching a server being built and it’s BLISS.
So according to some trolls/incels the only way to get ahead in infosec is to “get your titties out”. Welp, this must mean I’m CEO of Microsoft now, right?
Hey you. Yes you. You're not an impostor. You belong. You're awesome. Keep doing awesome stuff, even when it feels like you're not quite as awesome. You are.
@sehurlburt
@SwiftOnSecurity
@richgel999
Adding in my horror story:
“Why do you lock your laptop when you leave your desk? Even to make a coffee or something mundane? I’d recommend you stop that... it looks suspicious”
Until 2019 I was the National Protect Lead with @UKCSCV. I left after finding out about practices that I personally, and professionally, wasn’t happy about.
This was easily the hardest thing I’ve ever written but the easiest choice to make
#whistleblowing
Vendors: don’t behave like this guy. 11 hours between first message and a “well clearly you’re not an expert” backhanded insult is not a good way to sell your product.
Guys, can we stop trying to come up with new terms for phishing/social engineering? Pharming, Twishing, Vishing, Smishing, Fashing... all it does is distract from the end goal of protecting the consumer and not confusing them. I call this "mishing"...
@RayRedacted
@hacks4pancakes
^ this. Apple have a different (proprietary, go figure) standard to regular mic/audio jacks. For the most part the audio will work, but the mic portion won’t.
Also, interestingly, some apple tech will ignore anything but its own standard when plugged in...
Bit disappointed with @CybSafe at @IntCyberExpo - went to their stand to grab some swag and maybe have a chat. Left feeling disappointed.
Swag isn’t for “other people” or only people with fancy job titles. Don’t judge people on how they look. Ever.
Leaving your computer unlocked is the IT equivalent of leaving your car running, with the keys in it, door open, on a busy street.
Leaving it? Lock it.
Windows key + L (Windows)
Ctrl + Cmd + Q (Mac)
Douchebags like this have zero place in our industry. Zero. Don’t even defend them “oh they’re getting better!”, they’re angry little incels who get joy out of tormenting anyone that’s not a White dude in infosec.
Go forth my brethren and yeet this prick into the sun.
I’m curious to know why my partner got a different letter to me from @willie_rennie. Same address, totally different content.
Theirs? Anti Brexit (which is good)
Mine? Anti SNP 🤔 (which is confusing. Electing MEPs can’t stop a motion for Indyref).
Woke up, checked calendar, saw “interview @ bbc / be the discount @JakeMooreUK you always had to be”, fired up to the studio to find out… interview is on Thursday. Not Tuesday.
I’m 2 days early. But hey, at least I look pretty*. Send more coffee please.
*citation needed
@jessysaurusrex
10 years of daily backups and paying storage space, secure transportation, and the initial time spent configuring the “backups” wild.
Lucky it was spotted when it was and not after a catastrophe!
6hrs ago we left @BSidesLeeds to get back to Scotland. Massive thanks to all the speakers, crew, organisers, sponsors, and attendees. You all rock.
Except the three pictured in the car who constantly asked “are we there yet” and “y tho”
@MisutaaUrufu
@jessysaurusrex
Recovery test would take time away from employees dealing with other problems... it snowballed until all the employees were replaced and everyone assumed it worked fine. Assumption.
If you're running an event/conference/etc - don't share a big photo of the big bar tab as a way to say "hey we did it".
Share a few pictures of the day, congratulate speakers, and show why your event is special. Spending someone else's money to have a long receipt isn't special.
Pretty disappointed to see a sponsor (who was also keynoting) at a conference just pack up and leave after they’d done their bit.
I’ve spoken about this before being super arrogant but it still bugs me. Especially since people wanted to speak to them at lunch time.
Back. Not going to kick off 2021 with negativity but let's all try and be a bit kinder to one another, remember the human, and try to strive for positivity over pitchforks.
Honeymoon? completed it mate.
Rome (& Vatican) —> Naples —> Taormina —> Cefalú —> Palermo.
Drove over 600km, ate hunners of pizza, drank loads of wine, popped loads of champagne, and visited the pope.
Ft @ach_fooey (obviously). 🤘🔥❤️
Always said this. SSO should be free/part of your basic plan. Security should *not* be a feature, and a premium one at that.
Enterprise customers might be able to swallow that bill… but SMEs can’t.
Spent loads of money on a cat bed. These two new additions to the family prefer the @exabeam beach towel. 🔥.
Spyro (tabby), Tomba (ginger/idiot) - meet the internet.
Literally a week from now I get to marry my partner in crime, hug my best pal, and dance with the person who beats me at Galaga.
They're not 3 separate people. It's just one amazing person. And I get to do it surrounded by some of the best pals I've ever had. Cannae wait
#pints
Three weeks tomorrow I get to marry my best friend in the whole world. Tonight we’re out at a gig (of someone who may be appearing) having fun, chatting shit, listening to good tunes, and drinking all the pints.
Everyone keeps asking if I’m nervous. I’m not. I’m just excited.
Today, Meta has chosen to roll out end-to-end encryption on Facebook Messenger, which means they will no longer be able to keep children safe on their platform.
Today, our role in protecting children from sexual abuse just got harder.
Full statement here:
What a great day for me. Been asked to speak on the main stage of an international conference (details soon). Super excited and properly taken aback. This is awesome.
If anyone has positions available for SOC analysts and Security Engineers, hit me up - I have a bunch of awesome folks that need a good home/fresh start/chance.
I can vouch for each of them personally to be good humans, passionate and talented, that care.
This is why we have shadow IT in large organisations. There’s a divisive culture in these orgs between:
- help desk
- policy
- the users
Nobody cares to actually solve your problem and everyone gets annoyed and either just does the thing anyway or quits
Never thought this would explode as much as it did.
#infosechappyhour keeps me sane during lockdown. Major props to @SeanWrightSec for setting it up and @AppSecBloke for trying to herd a bunch of (drunk) cats every Friday. We’ve all made new friends for life. Actually, family* ❤️
FWIW It doesn't matter *who* it is or specifically *what* it's about. This is more a conversation about what to do about misinformation spreading within the tech community (that often fights against it).
My @Steel_Con talk is live here if anyone wants to go and nosey. It’s about dumb shit criminals have done. Thanks again for those of you who came to my talk ❤️
Took my parents and @ach_fooey to Amsterdam for a few days. Best 7.99 (per person) I ever spent was picking the plane seats.
£31.96 it cost me to prove to my wife (and parents) that I’m indeed an asshole.
I might be an asshole, but I’m an asshole with 3 seats.
I asked this yesterday but got no reply so pitching it to everyone-
Yes QR code phishing is a valid risk, but does anyone have any actual stats on how widely this is used by attackers? Looking for facts, not speculation.
@maldr0id
I… well… never really considered grep as a tool. Even though I use it a fuckload. Guess that’s the mark of a great tool. It does things well, simply, and without issue. So much so you forget it’s a tool.
I'm quite annoyed that someone can make a false statement about me, not back it up with proof, people get the wrong idea, then to top it off block me so I have no recourse, and the original poster can happily sit playing video games meanwhile I'm getting a crap load of hate.
@ClothoMoirai
@MisutaaUrufu
@jessysaurusrex
"Everything fails, and everything is hackable - plan for disaster recovery instead of disaster mitigation." became my motto after a year or so of hearing similar stories.
Despite fighting with StreamLabs earlier (props to @DatedRhyme for the help!) it looks like I'm not getting out of this. I'll be giving some basic OSINT tips this Thursday at 8:00pm BST over at .
Come join if you're around!
@MalwareTechBlog
Try going into the flat 1 floor above you that’s THE EXACT SAME layout, carpets, internal doors and your neighbour leaves their flat door unlocked…
Crawling into bed was fun….
Only took 18 months but nice to see Twitter finally dealing with trolls and bullies spreading slander and hate.
I reported this tweet (and others) in Dec 2020/Jan 2021. 18 months isn’t good enough for a result, but it’s welcome.
Call yesterday from a radio station (not the usual one) asking if I was free for an interview at 11am. Asked what the topic was. “Impact of the corona virus and the WHO statements”...
Turns out they searched “virus” in their db of commentators, and got a bit too excited.
To the scrote that vandalised the bus stop near the pub I’m in with *horrendous* graffiti (swastikas et al):
You don’t speak for me.
You don’t speak for my country.
You are the only person not welcome here.
You are the outcast.
You have a smol pee pee.
Can someone seriously justify to me why 20 people can go to a place of worship but I can't have more than 5 people (including myself) at my own fucking wedding?