I was up late trying to figure out a stupid issue I was having with the CrowdStrike API, so I didn't stream on Twitch last night; hoping to do a stream tonight. I think they took out a feature my team was actually using, which would allow me to contain a device and make a note that could be viewed in the dashboard.
Just facilitated @DomainTools Neurodivergent Employee Resource Group meeting, which we've been doing now for over a year!
Really interesting dynamic today, and in addition to checking in, we talked about caffeine & stimulation, and then folks spent a while talking about raising ND kids.
Why is it important to welcome and nurture neurodiversity in cybersecurity?
I'll leave it to those touchy-feely goofs over at RAND, whose study on neurodiversity and national security found many benefits, but beyond those, a necessity due to:
“missions that are too important and too difficult to be left to those who use their brains only in typical ways.”
If you're using GNU/Linux, please use OpenSnitch, it's criminally underrated. It notifies you of network requests made in real time, and you can choose to allow them or not (it comes with a lot of filtering options as well): https://github.com/evilsocket/opensnitch
I like how there are so many products and so much money spent on endpoint defense, malware detection, incident response, scanning of files, behavioral changes and signals and all that shit... but then companies end up losing millions to a simple phishing attack.
I'm doing the SC-200 by Microsoft, and I barely see things that talk about this.
I'm looking to borrow (it's $200 and I'm not buying it) a copy of an extremely niche book from a law school library for a week or so. It's called "Cybersecurity and the Courthouse: Safeguarding the Judicial Process".
I love the kind of #infosec research demonstrated in the TunnelVision paper: someone took time to recheck DHCP, a protocol that has been looked at hundreds of times, found an obscure DHCP option from 2002 (!) that is rarely used for anything useful but is still implemented by most operating systems (!), and concluded it effectively introduces a backdoor that allows VPN snooping on a local network 🤷 At a high level, it's just yet another reason to abandon IPv4, with its rather ancient client configuration mechanism, and move on to IPv6, which has much more consistent and better-designed SLAAC, NDP, SEND, etc.