thekileen
@thekileen.bsky.social
IT Security in Higher Ed (no that’s not quite a contradictory statement), Electronics, Woodworking, BBQ (low & slow is the way), Dad, follower of Jesus (order changes at will). Opinions are my own.
That’s assuming your browsers are Chrome (which is highly likely considering the market share).
January 3, 2025 at 2:05 AM
So is the cheese if you count the cow’s diet.
December 30, 2024 at 2:08 AM
If the university is providing the AutoCAD license, I’d check if they’d support installing it on macOS. Most if not all support Windows & definitely not Linux. I tried running it through Wine and that didn’t end well. www.autodesk.com/support/tech...
December 27, 2024 at 8:54 PM
Not ironic at all. I have an appreciation for how the Tesla EV pushes the boundaries of the auto industry. I am not a fan of how they’re manufactured & do wonder what an economic impact report would look like for what it takes to generate a Tesla Model 3. Not to mention how ppl are treated at TSLA.
December 10, 2024 at 2:19 AM
Would it be possible for other endpoints with Defender installed within the same VLAN or subnet to be able to tell you more about what’s happening, like if the system is online and connected? I do realize this is hyperbole and is more like a Juniper Mist network-sensor system. I’ll read the docs.
December 7, 2024 at 2:45 AM
I’m just thinking about cases where something is side-loaded into memory and doesn’t hit disk. The only solution I know of that actively protects against that type of attack is a well-known EDR vendor *not* listed in EDRSilencer’s code.
December 7, 2024 at 2:41 AM
And if you can be alerted, I’m assuming you should be able to proactively block this tool from blinding Defender.
December 7, 2024 at 2:10 AM
Can you be alerted in Defender before something like EDRSilencer is used on an endpoint to blind Defender?
Tool link: github.com/netero1010/E...
Context around how I became aware of it: www.trendmicro.com/en_us/resear...
GitHub - netero1010/EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
December 7, 2024 at 2:09 AM
So your only other choice is to stop using the service. It's a rough situation.
December 6, 2024 at 3:02 AM
But the reality is most companies that care about security added non-SMS options 5+ years ago. The only other choice is to stop using the service. Some of these sites are govt and Healthcare & that just isn't an option most of the time. It's a rough situation.
December 6, 2024 at 3:01 AM
You can also use a password manager like Bitwarden to manage your MFA and that would be a big step up from SMS. If you only have the option for SMS? There's not a lot to be done. You can bug customer service about it, maybe they can get word higher up the chain to get them to start caring…
December 6, 2024 at 2:57 AM
There's now confirmation of man-in-the-middle happening. What can I do about this? The answer is "it depends." If you have the option to use something other than SMS MFA, you should use it now. Entra Auth is a great phone authenticator, and of course a hardware token would be best like a YubiKey.
December 6, 2024 at 2:55 AM