malanalysis

@malanalysis@infosec.exchange

Geeky dad jokes related to dfir, malware, osint, infosec, iiot, incident response, law enforcement, empty nest, marriage, and gaming. (he/him)

This profile is from a federated server and may be incomplete. Browse more on the original instance.

malanalysis, to random
kevinrothrock, to random

seeking suggestions to fill this completely

malanalysis,

@kevinrothrock "The Ukraine" or "The Ukraine Territory" terms used

jerry, to random

I do think it is an important time of year to remind people that Tornados are attracked to plastic pink flamingos.

Just say no to them

malanalysis,

@jerry So when I was playing CP2077 and destroyed all those pink flamingos, I was actually help protect Rancho Coronado from tornados. I did not realize that.

GossiTheDog, (edited ) to random
@GossiTheDog@cyberplace.social avatar

The three million toothbrush botnet story isn’t true.

Here’s the original source of the story: https://archive.is/2024.01.30-203406/https://www.luzernerzeitung.ch/wirtschaft/kriminalitaet-die-zahnbuersten-greifen-an-das-sind-die-aktuellen-cybergefahren-und-so-koennen-sie-sich-schuetzen-ld.2569480

It’s simply a made up example. It doesn’t exist. It starts talking about NoName Ddosia, too, which also isn’t toothbrushes.

malanalysis,

@0x58 @GossiTheDog
The correct term is a Toothbrush Bristle.

nf3xn, to random
@nf3xn@mastodon.social avatar

deleted_by_author

    •
    malanalysis,

    @nf3xn
    I heard the PR statements "We found no evidence of any cybersecurity event having occurred." in my head when I read your toot.

    malanalysis, to random

    The TV show Happy Days came out in 1974 and was based on the time around 1956.

    If it was remade and released today, it would be set around 2006 with all the cast being Gen Z portraying millennials (the kids) and millennials portraying GenX (the parents).

    Intro to the show Happy Days with the case of characters being displayed in the center of an LP record spinning on a turntable.

    taylorlorenz, to random
    @taylorlorenz@mastodon.social avatar

    EXCLUSIVE: Grimes has partnered with a Silicon Valley AI toy startup to release an AI toy named Grok that can interact with your children and might one day teach them religion and values https://www.washingtonpost.com/technology/2023/12/14/grok-grimes-curio-toy/

    malanalysis,

    @taylorlorenz

    Woman display an intense grimace.

    malanalysis, to random

    General reminder that the word "Hackers" is not actually a synonym for the word "Criminals"

    I am looking at you, the folks that write headlines for online news articles!

    Woman saying, That is not the same thng.

    malanalysis, to Cybersecurity

    I still find it discouraging that every morning when I check new job postings, 90% of them are for Senior/Principal and the other 10% almost all still want experience. Where does the cybersecurity and community think this vast pool of seasoned professionals come from?

    One of the hardest tasks I get is to mentor someone into cybersecurity because we lack places to guild them where they can grow into those seasoned professionals.

    malanalysis,

    @Em0nM4stodon Yeah

    malanalysis, to infosec

    Dragos is looking for a Principal Penetration Tester for their USA team.
    https://careers.dragos.com/jobs/2027?lang=en-us

    Qualifications Minimum of 5 years of hands-on cybersecurity experience. Proven ability to perform penetration testing and threat emulation using known/expected tactics employed by nation states and other advanced threat actors. Extensive hands-on experience with common assessment and pen testing tools including Windows (LOTL), Kali, Python, C2 Platforms, Ansible, Docker, AWS, etc. Thorough understanding of cyber threats, common attack vectors, exploits, and adversary tactics, techniques, and procedures (TTP’s). Ability to calculate the operational or safety impact of exploited vulnerabilities and recommend mitigations or controls. Ability to collect and analyze network data in a cybersecurity context. Capable of establishing excellent rapport with customers across different levels, from practitioners to senior management, including the ability to facilitate training and present complex information to various audiences. Willingness to travel up to 30% (on average) for on-site customer engagements.
    Compensation Base Salary: $160,000 USD Base comp + Benefits + Equity = $340,000 USD Comprehensive benefits plan (medical, dental, vision, disability, life insurance, 401K with match) Equity at Dragos is quickly growing and the total compensation under-represents the future growth and refresh program. This will be discussed on the first call with the Dragos recruiter.

    neurovagrant, to random
    @neurovagrant@masto.deoan.org avatar

    deleted_by_author

    •
    malanalysis,

    @neurovagrant
    In a previous life, I heard this from leaders in law enforcement too.

    malanalysis,

    @neurovagrant
    In my reference it was leadership talking about the patrol officers.

    howelloneill, to random

    The plural of malware is malware. Not malwares. Please don't do this, it pains me.

    malanalysis,

    @howelloneill How many datas support this assertion?

    malanalysis, to random

    I just had a thought about Time's Person of the Year. Since we all won it in 2006. That means everyone since 2006 has been a repeat winner. But some day, someone born after 2006 will earn it and that will be the first time a new winner will have been selected since 2006.

    malanalysis, to infosec

    Role: Senior Professional Services Engineer
    Location: United States

    https://careers.dragos.com/jobs/2015?lang=en-us

    Qualifications 6+ years of experience in the industry (i.e. controls engineer) or InfoSec (ICS cybersecurity experience) Networking experience – have an excellent understanding of IP networks, OSI model, Purdue model, ICS protocols Experience with Linux (command line), CENTOS, scripting languages (python, shell, etc), and SIEMs Experience in on-premise and cloud software solutions for Enterprise Intermediate Knowledge of Kibana, Elasticsearch, and Logstash with the ability to troubleshoot issues Eagerness to do geek stuff while wearing hardhats Willingness to travel 25%
    Compensation Salary: $140,000 Base + Benefits + Equity = $244,000 Comprehensive benefits plan (medical, dental, vision, disability, life insurance, 401K with match) Equity at Dragos is quickly growing, and the total compensation under-represents the future growth and refresh program. This will be discussed on the first call with the Dragos recruiter.

    charlotteclymer, to random
    @charlotteclymer@mastodon.social avatar

    Sorry, let me see if I understand this: the Supreme Court announced it will hold itself accountable with new ethics rules written by itself, but it hasn’t said how those rules will be enforced by the Supreme Court against violations by Supreme Court justices. Did I get all that?

    malanalysis,

    @charlotteclymer
    quis custodiet ipsos custodes

    GossiTheDog, to random
    @GossiTheDog@cyberplace.social avatar

    deleted_by_author

    •
    malanalysis,

    @GossiTheDog I am a 57 year old white guy that wears cargo shorts and New Balance sneakers, I figure that counts as cosplay too.

    Tweetfiction, to random

    I hope you vote today folks. ESPECIALLY if you live in Ohio or Virginia, but wherever you live! It's harm reduction at worst, and sometimes can do some real good!

    !

    malanalysis,

    @Tweetfiction
    VA: Ended up voting early because I thought I might have to last minute travel.

    Also remember to look at the sample ballots, you can even take them with you into the booth to make sure you vote for the person you intended.

    malanalysis,

    @Tweetfiction
    If someone wants to vote party line or maybe against one party line, the parties are not denoted on the ballots for local elections. I know I don't always remember every name I looked up earlier and wanted to vote for so I really think looking at a sample ballot and taking it will you will helps avoid the situation of not remembering who you wanted to vote for some local election.

    malanalysis, to random

    As a person I hate Daylight Saving Time for work reasons, but today I am looking outside wondering why it is going to be dark before I end work.

    Man asking, "Where is the Sun?"

    Mrfunkedude, to random
    @Mrfunkedude@mastodon.social avatar

    Good morning Fediphiles!

    No wait... Fedizens!

    No no no... Fedists!

    I give up. Just have a good day will you?

    malanalysis,

    @Mrfunkedude Fedishist?

    spaf, to random
    @spaf@mstdn.social avatar

    Microsoft has announced a new security initiative that will make use of more AI.

    Great. Now, when all our machines are compromised, they can shrug their shoulders and claim it was the fault of an AI and not their responsibility.

    AI is definitely going to transform cybersecurity....

    malanalysis,

    @spaf I won't believe AI is at human levels of cyber security until it starts classifying real incidents as a "software anomalies" while also complaining about the false positive rate.

    eric_capuano, (edited ) to random

    Shame on you, @arstechnica ... You clearly worded the title of this clickbait article to make it seem as if Okta was breached again, when in fact that isn't true at all here.

    The BS title: "Okta hit by another breach, this one stealing employee data from 3rd-party vendor"

    Titling it "Okta hit by another breach..." is misleading, when the reality is Rightway was the one "hit by a breach"... Okta was indirectly impacted by the breach, and in a way that affects nobody but their employees.

    You knew this wasn't appropriate wording for the title, but you chose to capitalize on current events for clicks.

    Okta wasn't even the only Rightway customer affected by the breach, so where's your article for every other company "hit by a breach" they had nothing to do with?

    Throwing shade, you wrote:

    Okta learned of the compromise and data theft on October 12 and didn’t disclose it until Thursday, exactly three weeks later.
    This 3rd party breach only affected Okta employees -- who else do they owe a disclosure to? This only affects them! IMHO, the only one that owes anyone a disclosure here is Rightway.

    I am as big a critic of Okta's breach history as anyone, but needlessly kicking them while they're down feels unethical. Do better.

    Edited: to reflect the entire title, which is only 50% clickbait BS.

    https://arstechnica.com/security/2023/11/okta-hit-by-another-breach-this-one-stealing-employee-data-from-3rd-party-vendor/

    malanalysis,

    @mttaggart @eric_capuano @dangoodin @arstechnica

    The reporting was good, the title was annoying click bait that preyed on a victim's notoriety to drive engagement.

    malanalysis, to random

    General elder person (USA) reminder that writing your congress person, senators, and president about opinions you express online is actually cathartic and does influence in aggregate.

    malanalysis,

    @neurovagrant There is a great new app for calling too, if you would rather call.

    https://5calls.org/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • InstantRegret
  • mdbf
  • ethstaker
  • magazineikmin
  • cubers
  • rosin
  • thenastyranch
  • Youngstown
  • osvaldo12
  • slotface
  • khanakhh
  • kavyap
  • DreamBathrooms
  • provamag3
  • Durango
  • everett
  • tacticalgear
  • modclub
  • anitta
  • cisconetworking
  • tester
  • ngwrru68w68
  • GTA5RPClips
  • normalnudes
  • megavids
  • Leos
  • lostlight
  • All magazines
    •