| Post AsgK6CWUfQi3Ox37hY by [email protected] | |
| Post #AsgI0rfmYoOFNaioMa by [email protected] | |
| 0 likes, 1 repeats | |
| The 2025 Sophos Active Adversary Report is out. I thread these every year as, pe… | |
| Post #AsgISRN7wLWHuv93h2 by [email protected] | |
| 0 likes, 0 repeats | |
| Compromised credentials continue to drive a majority of incidents. Why? home P… | |
| Post #AsgIiXTh0RlXUHtOU4 by [email protected] | |
| 0 likes, 1 repeats | |
| @GossiTheDog we need to solve tying auth tokens to devices also, these infoste… | |
| Post #AsgK6CWUfQi3Ox37hY by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog One has to highlight that “home PC” here means Microsoft Windo… | |
| Post #AsgTn43WvHDTBG11hw by [email protected] | |
| 0 likes, 0 repeats | |
| Bruteforce and external remote access drive a significant portion of incidents… | |
| Post #AsgTyUKhZ9dJrXUjlg by [email protected] | |
| 0 likes, 0 repeats | |
| If you have a way of being able to block or at least alert on software, yeet th… | |
| Post #AsgUCuaClXEXKVck3E by [email protected] | |
| 0 likes, 0 repeats | |
| In 84% of cases - you know, almost all - attackers use RDP, aka Remote Desktop.… | |
| Post #AsgUTgfTkpOz625dey by [email protected] | |
| 0 likes, 0 repeats | |
| Notably, for the second year running (and same with all prior reports) (and the… | |
| Post #AsgUYvFqwt0rmfbGL2 by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog I use most of these on the daily at work why would try to make my … | |
| Post #AsgUdb71GWGAlFhIpc by [email protected] | |
| 0 likes, 0 repeats | |
| Finally, if you want the raw incident data to analyse, Sophos has it, anonymize… | |
| Post #AsgV0K9uSom6qEt0SG by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog how long before stealers get combined with some kind of "resi… | |
| Post #AsgVD6lBajBX3CPxVw by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog advanced ip scanner? advanced port scanner? what the fuck is wrong… | |
| Post #AsgVG9VRpzteR7VYiu by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog That's really a crazy stat for a lot of reasons. It speaks to … | |
| Post #AsgXJbo7Gs3kzJ12tU by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog I wonder if I can get a talk accepted anywhere that is basically j… | |
| Post #AsgYLMJdwHUHTWA1i4 by [email protected] | |
| 0 likes, 1 repeats | |
| @GossiTheDog Rather put it behind a VPN like Fortinet, Ivanti or Palo Alto ... … | |
| Post #AsgZeq57avgJFSDlT6 by [email protected] | |
| 0 likes, 0 repeats | |
| @Rairii @GossiTheDog must run on Windows and is simple enough for 1st level cli… | |
| Post #AsgZeqCZ9FdVcXhi4W by [email protected] | |
| 0 likes, 0 repeats | |
| @vampirdaddy @GossiTheDog nmap does run on windows, and if they can use mimi th… | |
| Post #AsgZeqIamqSNvEWWSu by [email protected] | |
| 0 likes, 0 repeats | |
| @Rairii @vampirdaddy @GossiTheDog nmap requires installing the npcap driver afa… | |
| Post #AsgZy9cr9cu1MiD6jg by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog Yeah, infostealer detection is much harder than it should be. That… | |
| Post #AsgaCk7cG8eGbtYRBg by [email protected] | |
| 0 likes, 1 repeats | |
| @GossiTheDog We have a managed file transfer service that has been an excellent… | |
| Post #AsgaGWnBlAwQQanwTQ by [email protected] | |
| 0 likes, 0 repeats | |
| I should also point out there's a lot of infosec people at trillion dollar … | |
| Post #AsgaJuy6KYRsHFWcdc by [email protected] | |
| 0 likes, 1 repeats | |
| @GossiTheDog Centrally managed firewalls can help here. Guardicore has a neat a… | |
| Post #AsgaN7RiOZmjqQu4Ho by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog I'm a broken record internally, saying "the fundamentals … | |
| Post #AsgaV6oWd59SCWNm40 by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog hey, Angry IP Scanner was great, and that's probably the last … | |
| Post #Asgcc5yaLHYRXQXyim by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog Ciaran Martin used to say "Deal with the low-hanging fruit"… | |
| Post #AsgfkOg0zvohiRVkoq by [email protected] | |
| 0 likes, 0 repeats | |
| 100% on this one, seen all the time on real world incidents. Problem: somebody … | |
| Post #Asgfqaqwdij3DXZuAS by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog @Walker so easy yet so seldom utilized… | |
| Post #Asgg3VWlkbWkSvIbQW by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog Clients always want it to be the highly sophisticated, state spons… | |
| Post #AsggesuHn23jgp7bGK by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog phishing only 2.6% is shocker. | |
| Post #AsghYUMqDK31nZzZpo by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog 1. We're talking about big orgs with zillion-dollar budgets. T… | |
| Post #Asgi11sZDBXBqFRONs by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog Wait, what? I wasn't under the impression that small orgs even… | |
| Post #AsgisXVEMmMhGi2bfE by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog good security isn't sexy. And sexy security isn't good. I … | |
| Post #Asgj8XknCWF4gEx2e0 by [email protected] | |
| 0 likes, 1 repeats | |
| @GossiTheDog You mean the policy that's been deprecated? | |
| Post #AsglTwVEZzLtQa0PUO by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog Always enjoyed digging around in these reports back at ZD. The … | |
| Post #AsgnsbwuKn4IpUq9lQ by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog we continue to have this problem at my work and it drives me mad t… | |
| Post #AsgntU5d2a88kBKsr2 by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog 100%. I'm at a client who, in 2025, is running as domain admin… | |
| Post #Asgo2F3GJzsWi5PA3M by [email protected] | |
| 0 likes, 0 repeats | |
| @TindrasGrove @GossiTheDog The resistance I've always met in the "MFA … | |
| Post #Asgo2F9dwGyz1sOG00 by [email protected] | |
| 0 likes, 0 repeats | |
| @darfplatypus @GossiTheDog when I was still in uniform and got to ask questions… | |
| Post #AsgoBILlQZ0xXvNMHI by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog wait why winrar? | |
| Post #AsgoGusPc7uCTxKLTs by [email protected] | |
| 0 likes, 0 repeats | |
| @[email protected] why do hard thing when simple thing make me 10 b… | |
| Post #AsgoHmVwBu0uptE9wm by [email protected] | |
| 0 likes, 0 repeats | |
| @argv_minus_one @GossiTheDog I genuinely think that #Passkeys may be the first … | |
| Post #AsgoU6uqADtBaMkppg by [email protected] | |
| 0 likes, 0 repeats | |
| @Rairii @GossiTheDog CLI is for hackers, that's what's wrong. | |
| Post #AsgoVvNm11a6OX9WTo by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog and yet it's hard to have people focus on the basics because t… | |
| Post #Asgoe1heOplEJYJU9o by [email protected] | |
| 0 likes, 0 repeats | |
| @zaicurity @vampirdaddy @GossiTheDog it doesn't, but some things don't … | |
| Post #Asgoq8hcCYxnUv4Yro by [email protected] | |
| 0 likes, 0 repeats | |
| @nopatience > Smart cards have never, imho, been a realistic solution to almo… | |
| Post #AsgvcF4CRT6erRxNA0 by [email protected] | |
| 0 likes, 0 repeats | |
| @argv_minus_one Impractical, expensive, not especially user friendly. Sure they … | |
| Post #AsgvcFAE53vXA8mBYO by [email protected] | |
| 0 likes, 0 repeats | |
| @nopatience Waving a card at a scanner isn't practical and user friendly? … | |
| Post #AsgvcFGFiekPSpazwm by [email protected] | |
| 0 likes, 1 repeats | |
| @argv_minus_one You're correct, waving a card in front of a scanner is use… | |
| Post #AsgvpGIz9HRGT054kK by [email protected] | |
| 0 likes, 0 repeats | |
| @nopatience @argv_minus_one @GossiTheDog Agreed. There are very robust defensiv… | |
| Post #AsgvpGPikEpIntESFE by [email protected] | |
| 0 likes, 0 repeats | |
| @johnshier Which controls? MFA? The sum of two weak authentication methods does… | |
| Post #AsgvyfVYoYuFEpRqmu by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog | |
| Post #AshOBRuFUiIXXAsXIG by [email protected] | |
| 0 likes, 0 repeats | |
| @sawaba @GossiTheDog Using conditional access policies to require client certs … | |
| Post #AshOBS0d6zOzqxrdEu by [email protected] | |
| 0 likes, 1 repeats | |
| @chetwisniewski @GossiTheDog is there a way to use this without SSO integration… | |
| Post #AsiEt6uY6twSmE9xUu by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog if you sync with any account in Chrome it will sync all the accoun… | |
| Post #At1WYn3FjD7iZOvgZ6 by [email protected] | |
| 0 likes, 0 repeats | |
| @GossiTheDog Was at a conference and one of the questions was "How can we … | |
| Post #AtSiBFA80QOhWRbNgm by [email protected] | |
| 0 likes, 0 repeats | |
| @sawaba @GossiTheDog I think it would be tough without an IdP. Even at my hous… |