One day, editors will catch their mistakes before posting. Or I'll RTFM and see if the mistake is in the source. But that day is not today. Well done, editors!
Since powershell can run in executionpolicy bypass, don't call that a security mechanism. Unless you can have the admin block any powershell that attempts to run a command or run in bypass. I guess its pretty good though, should stop some of the powershell stuff...
Doesn't solve powershell because you can get exploited without any files being created. And of course, since powershell can run in executionpolicy bypass, don't call that a security mechanism either.
I am working to get Fiber rolled out city wide. According to what i've read and heard, City Council cannot enact a Tax or Fee on all residents in the city unless it is to benefit all residents of the city. What tangible benefit can I combat this law with? Or, what else could be done to get a "special tax" rolled out city wide to get us cookin? Many on the city council want to do it, but I'm not sure where to go from here.
What about dns that uses a web of trust? For both DNS and ssl validation actually. All you need is a way to seed your cert / dns info and let it get picked up by a few parties. I'm just throwing stuff out here, but is there any way that that could be useful to us in avoiding problems like we have from malicious CA's? I'm looking at you symantec, china, etc.
I only care about doing games at work, so I sent out an email Friday morning letting everyone know that Friday was our observed April Fool's day.
I made wifi access points flash their LED's in some parts of the building. People who discovered which ones were flashing got a prize*
I put a scrambled word on everyone's desktops and told them to unscramble it and describe how it related to our company (we are in finance, so they were finance related words) to get a prize*
I used some fish line and ran it through the dropped ceiling. One end attached to a random object on a co-workers desk. The other end down in my cude so that I can easily and discreetly pull up his desk toy to the ceiling. I prefer to get someone with this prank while they are on the phone, but never caught him talking on the phone Friday. Next time...:)
Where I am, IT manager is not king. If I see something out of place, I can go directly to the CEO. I create the audits and then the CIO will audit it. We do this quarterly. We compare all users to a list of current employees from HR to verify that we don't have any "accidental" users not disabled / deleted.
Perhaps we are unique that we actually do try to take security seriously.
Didn't they already try that and you have to "Unblock" downloaded files before you can run them? Even wrote a command to save you time cause you hate having them blocked (Unblock-File).
My question is whether a malicious PNG opening on debian can cause the system to let it load a bash shell that downloads an exploit from a random IP to get in and deliver the payload. If not, then its better than powershell from that standpoint.
Which is pretty crazy since in windows, you just have to look for the admin SID (easy to do) and then you have its name. I guess renaming the admin account is better than nothing, but it is almost literally nothing...
This is good advice... but totally wrong for this topic.
The ransomware is running by being embedded in the actual picture file. It will usually have a downloaded embedded so that AV stuff doesn't actually flag the image for ransomware. so.... if your browser randomly downloads a picture file that you didn't opt to receive, you should probably stop browsing on Facebook and go double check your backups.
Wife's work had Anyconnect VPN stop working and turns out they just needed to update the profile on the anyconnect server gateway to allow in an extra port or two. Now they are at least at able to access file shares on WinX. Too bad it took their IT like 2 weeks to finally figure it out.
Slashdot Mirror
What about the year?
One day, editors will catch their mistakes before posting. Or I'll RTFM and see if the mistake is in the source. But that day is not today. Well done, editors!
Would it be feasible/desirable in any situation to store and pump water up somewhere and let that run a generator during the night?
Since powershell can run in executionpolicy bypass, don't call that a security mechanism. Unless you can have the admin block any powershell that attempts to run a command or run in bypass. I guess its pretty good though, should stop some of the powershell stuff...
Doesn't solve powershell because you can get exploited without any files being created. And of course, since powershell can run in executionpolicy bypass, don't call that a security mechanism either.
hmmmmmmm
well, i'm not yet in that 28-34 bracket, but I do recall when MIB came out and the music video thereafter. Close enough to the Willenium?
I'll bite.
I am working to get Fiber rolled out city wide. According to what i've read and heard, City Council cannot enact a Tax or Fee on all residents in the city unless it is to benefit all residents of the city. What tangible benefit can I combat this law with? Or, what else could be done to get a "special tax" rolled out city wide to get us cookin? Many on the city council want to do it, but I'm not sure where to go from here.
I absolutely agree with you, but I'm stuck....
Ugh, I was too lazy to login, but I guess I should or something.
What about dns that uses a web of trust? For both DNS and ssl validation actually. All you need is a way to seed your cert / dns info and let it get picked up by a few parties. I'm just throwing stuff out here, but is there any way that that could be useful to us in avoiding problems like we have from malicious CA's? I'm looking at you symantec, china, etc.
I only care about doing games at work, so I sent out an email Friday morning letting everyone know that Friday was our observed April Fool's day.
I made wifi access points flash their LED's in some parts of the building. People who discovered which ones were flashing got a prize*
I put a scrambled word on everyone's desktops and told them to unscramble it and describe how it related to our company (we are in finance, so they were finance related words) to get a prize*
I used some fish line and ran it through the dropped ceiling. One end attached to a random object on a co-workers desk. The other end down in my cude so that I can easily and discreetly pull up his desk toy to the ceiling. I prefer to get someone with this prank while they are on the phone, but never caught him talking on the phone Friday. Next time... :)
Where I am, IT manager is not king. If I see something out of place, I can go directly to the CEO. I create the audits and then the CIO will audit it. We do this quarterly. We compare all users to a list of current employees from HR to verify that we don't have any "accidental" users not disabled / deleted.
Perhaps we are unique that we actually do try to take security seriously.
This is what regular ad account audits are for. If you don't trust, then reset service accounts password after you remove his admin access.
Actually, it will suck less than it does now...
Oh that I had my points today...
This comment is my thoughts exactly.
Disagree. Utopia 250Mbps symmetical is $35 (though, I often get much closer to 300). I'd rather have the $5!
What if the DHS hacks your Hypervisor? Maybe people will pay a premium to have a more protected VM IaaS setup.
Didn't they already try that and you have to "Unblock" downloaded files before you can run them? Even wrote a command to save you time cause you hate having them blocked (Unblock-File).
My question is whether a malicious PNG opening on debian can cause the system to let it load a bash shell that downloads an exploit from a random IP to get in and deliver the payload. If not, then its better than powershell from that standpoint.
Which is pretty crazy since in windows, you just have to look for the admin SID (easy to do) and then you have its name. I guess renaming the admin account is better than nothing, but it is almost literally nothing...
mmmm, summaries are too hard... Thanks
This is good advice... but totally wrong for this topic.
The ransomware is running by being embedded in the actual picture file. It will usually have a downloaded embedded so that AV stuff doesn't actually flag the image for ransomware. so.... if your browser randomly downloads a picture file that you didn't opt to receive, you should probably stop browsing on Facebook and go double check your backups.
what if people have been playing it for a year but it is still in Beta because the dev wants it to be REALLY good once released?
Example? Factorio. It's a really fun game! Still pre-release though.
Wife's work had Anyconnect VPN stop working and turns out they just needed to update the profile on the anyconnect server gateway to allow in an extra port or two. Now they are at least at able to access file shares on WinX. Too bad it took their IT like 2 weeks to finally figure it out.
Based upon this post alone I am scared of those phones: http://forum.xda-developers.co...
But I really don't have enough knowledge to know.
Yes, but the real question is whether or not I should hold out for story 3141592 or 3141593...