Posts by FlyingLawyer@infosec.exchange
(DIR) Post #836136 by FlyingLawyer@infosec.exchange
2018-10-29T03:04:55Z
0 likes, 1 repeats
Probably a long shot, but if anybody is a Little (TK show) and in D.C. on Tuesday let me know. Thinking about Chatter for breakfast. #LaCheeserie
(DIR) Post #1102341 by FlyingLawyer@infosec.exchange
2018-11-10T16:04:00Z
0 likes, 2 repeats
I'm doing a lot more #databreach work. One specific issue I'm regularly encountering is whether a particular ransomware agent is likely to have exfiltrated data prior to encryption (or been part of a broader package that would have exfiltrated it using some other program). If you know of a good resource that would break down known traits like that for popular malware variants in a readable, usable way, I'm all ears. #infosec
(DIR) Post #1152005 by FlyingLawyer@infosec.exchange
2018-11-12T17:52:57Z
0 likes, 1 repeats
@profoundlynerdy Thanks for the response (you too @jerry). We typically pass that kind of analytical work along to a #DFIR team, and they figure it out. What I was originally after was something I could use earlier in the response chain to gauge the likelihood that the team would find that kind of thing. I suppose that would mean some kind of database that would show whether particular ransomware agents have been associated with exfiltration in the past (or not). That may not exist. #infosec
(DIR) Post #1581219 by FlyingLawyer@infosec.exchange
2018-11-28T23:14:09Z
0 likes, 0 repeats
Seriously? #infosec
(DIR) Post #2038228 by FlyingLawyer@infosec.exchange
2018-12-16T22:37:36Z
0 likes, 1 repeats
@jerry I'll give you a bold one. 2019 is the year the USA will get an omnibus federal privacy statute. It will inevitably include some #infosec-related provisions. It'll be fueled by the data companies that didn't get a chance to influence the CCPA. It will solve some problems (e.g. breach notification patchwork). It will create some new ones. It won't be anywhere near as bad as CCPA or GDPR.
(DIR) Post #2082599 by FlyingLawyer@infosec.exchange
2018-12-18T18:46:38Z
0 likes, 0 repeats
@jerry I doubt the last one. With you on the rest.
(DIR) Post #2086223 by FlyingLawyer@infosec.exchange
2018-12-18T21:44:13Z
0 likes, 0 repeats
@jerry That's possible, but I think legislators that shopped the idea around with their constituents would be surprised by the backlash. There are other important voices that I think would pretty strongly oppose it, like academia and tech companies (not in their capacity to lobby formally, but in their capacity to influence their fan bases' opinions).
(DIR) Post #2315519 by FlyingLawyer@infosec.exchange
2018-12-26T19:36:39Z
0 likes, 1 repeats
If @jerry has taught us anything, it's that the status quo in #infosec isn't good enough. Changing it is on all of us, but that doesn't make it fun.
(DIR) Post #2315545 by FlyingLawyer@infosec.exchange
2018-12-26T19:37:25Z
0 likes, 0 repeats
@jerry Yes, even the lawyers.Vendors, disputing some (totally basic, routine, rudimentary) control in an information security agreement: "We've never been asked to do that for any other customer."Me:
(DIR) Post #2315546 by FlyingLawyer@infosec.exchange
2018-12-26T19:41:28Z
1 likes, 1 repeats
@jerry As you look around your company, your country, or even your home in the mirror of a year gone by, it's easy to just resign to the notion that security sucks and play "crystal ball" with 2019. Don't stop there. Decide what you're going to change about it. We can do this.
(DIR) Post #2597228 by FlyingLawyer@infosec.exchange
2019-01-03T14:20:33Z
0 likes, 0 repeats
@jerry It might be a little easier to implement if you flip it around: announce at the beginning of the year that the company is putting some of the "bonus" money for 2019 (say $XX,XXX) into a "phishing pool." Report = 2 points, don't click = 1 point, click = you go back to zero. At the end of the year every employee gets $XX,XXX*(their points/everybody's points).
(DIR) Post #2604641 by FlyingLawyer@infosec.exchange
2019-01-03T18:12:30Z
0 likes, 0 repeats
@jerry I like that hybrid.
(DIR) Post #3341554 by FlyingLawyer@infosec.exchange
2019-01-24T23:35:01Z
0 likes, 0 repeats
@jerry Got a TV with a built-in Roku. Recently switched ISPs. New ISP (which manages router) seems to boot it from the network after long periods of "inactivity" (which are almost certainly not inactive).
(DIR) Post #3380519 by FlyingLawyer@infosec.exchange
2019-01-25T20:33:19Z
0 likes, 1 repeats
Not strictly #infosec related, but this is a very big deal. The main hurdle facing the plaintiffs' bar on these suits was this standing/injury issue. If your company has been playing fast and loose with #biometric data...you may want to get on top of that. https://capitolfax.com/2019/01/25/supreme-court-rules-against-six-flags-on-state-biometric-law/
(DIR) Post #9gubIxKhFysH30N2zA by FlyingLawyer@infosec.exchange
2019-03-18T22:37:58Z
0 likes, 0 repeats
Paging @jerry . . .Fall Out Boy reportedly sued over life-size llama puppets: https://www.altpress.com/news/fall-out-boy-sued-llama-puppets/
(DIR) Post #9kBo4BaMB3wh2XJGBU by FlyingLawyer@infosec.exchange
2019-06-24T15:21:44Z
0 likes, 0 repeats
I'm a #RaspberryPi novice. I picked up a 3B+ earlier this year, set up a PiHole, etc., but was a little disappointed by its performance for day-to-day web browsing and other general computing stuff (esp. anytime video was involved). Is the 4 as big a jump in performance as it seems?
(DIR) Post #9kBo4C0abWvgLtaD4a by FlyingLawyer@infosec.exchange
2019-06-24T19:41:37Z
0 likes, 0 repeats
@whonose123 No issues with the Pi-Hole functionality. I just meant that I *also* tried to use it at home for day-to-day computing stuff and have found it too slow/unreliable for that purpose. I'm wondering if these upgrades might change that.
(DIR) Post #9kBo4CdaGY7aIppLqy by FlyingLawyer@infosec.exchange
2019-06-24T20:16:39Z
0 likes, 0 repeats
@whonose123 Yeah. I had a lot of trouble trying to run both OpenVPN and PiHole on a single box, but that seemed to be more of a code issue than a performance issue. I eventually gave up and chose PiHole.
(DIR) Post #9kY8ByXaFD5ScYqwvA by FlyingLawyer@infosec.exchange
2019-07-05T19:41:06Z
0 likes, 0 repeats
@jerry @whonose123 Well...we're waiting...
(DIR) Post #9kzD1PYQSdZiOAg3Xc by FlyingLawyer@infosec.exchange
2019-07-18T21:12:26Z
0 likes, 0 repeats
@R10T i have an identical case for my 3+. (Almost) can't overheat it.