Inocul8r.net

"...Less repercussion, more discussion"
A Free Open Source Technology Discussion Forum For Everyone

Collaboration

Collaboration
Discussion
Status
Topics
Community
Comments
Views
Users
Date 

I briefly covered this topic before here https://inocul8r.net/session/community/in-the-news/wannacry-hero-sic-marcus-hutchins-loses-evidence-bid/#post-1938 but in the news recently is a statement that Marcus Hutchins has pleased guilty to the ransomware charges levied against him in the US. And here's the ironic part. People within the infosec community all seemed to jump onto the "innocent" bandwagon - mostly his parents, who may now just regret the below statement they madeMr Hutchins said:...... Read More

2
40
Mark Cutting
Mark Cutting
3 days ago
3 days ago
NEW

I went looking for specific information concerning one of the custom functions I'd written for this site, and somehow, landed up at Quora. In all honesty, the information was useless, so I quickly moved on. What I didn't realise is that because I'm using Chrome, my Google account is active (so that I have access to Google's other services etc). To my unpleasant surprise, after a few days, I received an email from Quora that looked like the below[attach]42[/attach]The absolute cheek of it. Not...... Read More

13
687
Rinat Kirimov
Rinat Kirimov
Apr 13
Apr 13

Hi,I would like to know what you guys use for central authentication services. I know mainly it would be Windows AD, Kerberos, LDAP. Are there good alternatives to those? Something not to complex to set up but also robust. There are existing employees that are permanent but also there are guests that come and go and need to authenticate to the system for various reasons/tasks. Thanks

4
93
Rinat Kirimov
Rinat Kirimov
Apr 13
Apr 13

Hello Community,Let me shake off some of the dust on my keyboard as I've been absent here for some time.The question I came across recently and got no solid answer was: How do you manage credentials within automation scripts? I have a number of python/bash scripts that interact with different systems via API. The account itself that is used to call API has permissions to pull, alter, delete records etc. Now, I wonder what are the best practices in doing so. I don't think putting...... Read More

0
66
Mark Cutting
Apr 12
Apr 12

Need to include code in your post ? Inocul8r now fully supports the addition of code. Insert the code you want to add, then select it Once selected, press the "code" icon as shown below[attach]41[/attach]Which means this<html><head><meta charset="utf-8" /><title>Making Quines Prettier</title><!-- The defer attribute is not necessary for autoloading, but is necessaryfor the script at the bottom to work as a Quine. --><script...... Read More

Logging levels
  Help & Advice
11
453
Mark Cutting
Mark Cutting
Apr 10
Apr 10

I'm currently in the process of migrating our firewall syslogs away from our current vendor, and need a minimum of one year retention to satisfy the regulatory requirement. My problem here is that if I leave the Fortinet firewalls "as is" with logging, each one is going to effectively be dumping up to 4Gb per day. Multiply that by 10 and it's going to get expensive .I don't need the "chatter" that logs typically generate but it seems difficult from the Fortinet perspective to tune the logs down...... Read More

So here goes...I used to be a big advocate for Elasticsearch. The more I use different tools for different things, the more I find that, while the tool might be brilliant on its own for certain things, it's not exactly great on its own for what I need.Data Science is hard. The good thing though is that you can use the same dataset for multiple different types of Data Science. For example; Marketing can use data from web servers to look at trends and promote or demote products based on...... Read More

0
81
Mark Cutting
Apr 10
Apr 10

Well, after a long weekend creating new code based on an idea for increasing engagement in discussions, it's finally here - threaded discussions. Yes, I can picture you rolling your eyes and thinking "it's been done before", but I assure you, it hasn't - at least, not in this sense. Discover and join a new community that tackles all issues - not just the popular ones - and won't treat you like something we've just stepped in. And in case you're wondering, Inocul8r really is, well, "sexy" 😊...... Read More

Robot callers
Tagged In
  Discussion
0
83
Mark Cutting
Apr 10
Apr 10

Getting a TON of these lately - 6 today in succession actually. Anyone else noticed a steep incline in robot recorded messages ? Typically, those pretending to be from the internet service provider.....[fill in the blanks].....please press 1 to call us back (and be charged an outrageous premium rate whilst we empty your bank account)... Seemingly, these are from mobile/cell numbers (in the UK at least) - any ISP worth their salt isn't going to call you from a mobile number 🙂

7
168
Marcus Dempsey
Mark Cutting
Apr 10
Apr 10

Darkweb credential checking seems to be springing up all over the place at the moment. Has anyone used one of these services or do you just rely upon haveibeenpwned?I'd be interested to know people's thoughts if you think this is a worthwhile service, if so why you think this. Personally I'm not sure on them, I'm also in the opinion do I trust such scans? Although I haven't looked into it that much.If you do use them, which ones do you use?Marcus

I went to have a look at Facebook's policy pages, and hit the F12 button - as you do if you are a nosy [email protected] and a security geek. Here's what you get[attach]40[/attach]What sort of message does this convey to a would-be criminal ! 🙂

7
561
Alden Chevez
Mark Cutting
Apr 10
Apr 10

Hi all!I'll be posting here the different free online tools that I've found, and I'll try to update this post with the new ones I find, and the ones people share. That way we'll always have on top the updated list.NoVirusThanks, has a collection of free software to downloadhttps://www.novirusthanks.org/Website Reputation Checker:https://www.urlvoid.com/I also use Fortinet's FortiGuard service (palo alto has a similar service)https://fortiguard.com/learnmore#wfFree Playbooks from Incident...... Read More

[attach]39[/attach]The UK government has put forward proposals in order to regulate social media companies over harmful content. Once (if) passed, these regulations could include large fines and the ability to block services that refuse to remain complicit. There will be a consultation until the 1st of July in relation to plans for the creation of a legal "duty of care towards users", which overseen by an independent regulator.Presently, when dealing with graphic content, social media platforms...... Read More

0
158
Mark Cutting
Apr 02
Apr 02

Anyone working in the information and infrastructure security space will be more than familiar with the non-stop evolution that is vulnerability management. Seemingly on a daily basis, we see new attacks emerging, and those old mechanisms that you thought were well and truly dead resurface with “Frankenstein” like capabilities rendering your existing defences designed to combat that particular threat either inefficient, or in some cases, completely ineffective. All too often, we see...... Read More

I read this with a mix of amazement and disgust in the paper recently. Admittedly, it's The Sun, but it's all over the news - https://www.dailymail.co.uk/news/article-6754243/British-grandfather-67-fell-10m-phishing-scam-faces-life-Japanese-jail.html[attach]38[/attach]This guy is now in serious trouble having been caught acting as a mule for West African drug smugglers attempting to enter Japan customs carrying drugs with a "street value" of one million. This is a heinous crime on the part of...... Read More

Activity
  • WannaCry "hero" Marcus Hutchins pleads guilty to ransomware charges

    I briefly covered this topic before here but in the news recently is a statement that Marcus Hutchins has pleased guilty to the ransomware charges levied against him in the US. And here's the ironic part. People within the infosec community all seemed to...

    Last Response Mark Cutting, 9 hours ago

  • Quora is stalking you...

    Keep me posted. This really isn't right, and I think a complaint is in order here.

    Last Response Mark Cutting, 3 days ago

  • Centralized authentication service suggestions

    Thanks! I haven't been able to get back on track with it. I appreciate the suggestions! I will have to find time and get back to it.

    Last Response Rinat Kirimov, 1 week ago

  • Managing credentials within automation scripts

    Thanks for the suggestions! Someone else mentioned vault to me before. I'd need to take a look and see how it can be integrated. I had another tool I was looking at - credential manager - and they had a working example of a script to pull creds from serve...

    Last Response Rinat Kirimov, 1 week ago

  • Adding code to your posts

    Need to include code in your post ? Inocul8r now fully supports the addition of code. Insert the code you want to add, then select it  Once selected, press the "code" icon as shown below Which means this <html><head><meta charset="utf-8" /...

    Last Response Mark Cutting, 1 week ago

  • Logging levels

    @justincredible that's a great post. Thanks. Certainly ok to share 👍 Plenty for me to get stuck into there.

    Last Response Mark Cutting, 1 week ago

  • What's the sound of one hand clapping - only using ELK as your threat hunting strategy

    So here goes...I used to be a big advocate for Elasticsearch. The more I use different tools for different things, the more I find that, while the tool might be brilliant on its own for certain things, it's not exactly great on its own for what I need...

    Last Response Ken Gilmour, 1 week ago

  • Threaded discussions !

    Well, after a long weekend creating new code based on an idea for increasing engagement in discussions, it's finally here - threaded discussions. Yes, I can picture you rolling your eyes and thinking "it's been done before", but I assure you, it hasn't - ...

    Last Response Mark Cutting, 1 week ago

inocul8r.net

Less repercussion more discussion

A Free Open Source Technology Discussion Platform For Everyone

More Like This Login Register