Conversation

    Bob Lord 🔐 :donor: (boblord@infosec.exchange)'s status on Friday, 29-Nov-2024 04:51:08 JST

    “𝗔𝗹𝗹 𝗶𝘁 𝘁𝗮𝗸𝗲𝘀 𝗶𝘀 𝗼𝗻𝗲 𝗰𝗹𝗶𝗰𝗸”. How many times have you heard someone say that? How often have 𝙮𝙤𝙪 said it?

    Take a step back and ask yourself if this is 𝘳𝘦𝘢𝘭𝘭𝘺 how the hacks happen in 2024. Just one click? Really? If that were true, we'd be asking these questions:


    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/562/283/178/955/968/original/1d15c9f28967f746.png
      Wendy Nather (wendynather@infosec.exchange)'s status on Friday, 29-Nov-2024 04:51:07 JST
      in reply to

      @boblord


      Attachments


      1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/562/301/807/682/779/original/5ee851dc799514df.jpeg
      Bob Lord 🔐 :donor: (boblord@infosec.exchange)'s status on Friday, 29-Nov-2024 04:51:08 JST

      1️⃣ How was the enterprise laptop fleet misconfigured to make this possible?
      2️⃣ What products were so dangerous that a single click led to arbitrary code execution? (Think about the specific make/model of browser, mail client, OS, or other software.)

      Now, here’s the real question: Why are we training and blaming users for these failures if the true issues lie in 𝘀𝗼𝗳𝘁𝘄𝗮𝗿𝗲 𝘂𝗻𝘀𝗮𝗳𝗲𝘁𝘆 and 𝗽𝗼𝗼𝗿 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲?

      Bob Lord 🔐 :donor: (boblord@infosec.exchange)'s status on Friday, 29-Nov-2024 04:51:08 JST

      Why is our plan to train users to avoid the built-in dangers of software and software deployments instead of 𝘀𝗵𝗶𝗳𝘁𝗶𝗻𝗴 𝘁𝗵𝗲 𝗯𝘂𝗿𝗱𝗲𝗻 𝗼𝗳 𝘀𝘁𝗮𝘆𝗶𝗻𝗴 𝗰𝘆𝗯𝗲𝗿 𝘀𝗮𝗳𝗲 to those who can best affect change?


Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.