BC INTERNET
Saved by @Alex1Powell

Twas the night before Christmas and all over the ‘net,
Not a creature was stirring except a few cyber threats
The firewalls were configured at the egress with care,
But that wouldn’t stop us from being hit by ransomware. 1/

 The children were nestled all snug in their beds,
While attackers hit the web server and established a beachhead
Mama with her EDR and I with my IDS
Were ready to tackle this hot infosec mess. /2
Down in the SOC there arose such a clatter,
I logged into my dashboard to see what was the matter.
This thing had better work, it cost so much cash.
How in 2020 can this thing STILL require Flash?! 3/
The alerts lit up the dashboard, it produced such a glow
But it’s because the threshold for alerting was configured so low.
When what to my wondering eyes did appear,
But 300 false positive alarms. I thought “I’ll be here all year.” 4/
Then a little old DLL, signed by SolarWinds,
Was really the Russians, masters of supply chain break-ins.
We need some new vendors said the CISO, and the salespeople came. 5/
She shrugged, and she grunted, and she called them by name:
Now AlertDashboard, Now FaceDancer, Now PacketPrancer, and CyberOxen.
On DarkComet, On WebCupid, On DataDumpDonner, and BlinkenBoxen! 6/
With no DNS filtering and egress that was open to all,
The Russians said “why even bother to deploy a firewall!
The off-site DFIR team prepared here to fly,
But with no logging configured, things were going awry. 7/
Their OPSEC was bad and the attackers they knew,
So their rootkit crashed a critical server with a death screen of blue.
“It might not be Russia, the packets could be a spoof!”
“But attribution is nuanced, and you’ll never have proof” 8/
The analyst checked the logs, and then spun around,
Saying “there’s nothing we missed, supply chain attacks are profound”
The CEO was worried Russians wanted his secrets to loot,
But the CISO said “we told you that’s China, you’re not being astute.” 9/
A cluster of servers, secured in their locking rack,
Still fell victim to this insidious cyberattack.
The alarms on the dashboard – oh how they twinkled! This one’s gonna be hairy…
The CISO admitted “this one is bad, I’ve never seen malware so scary!” 10/
The boss said “get this incident done, wrapped up with a bow”
But the CISO said “this isn’t CSI:Cyber, it’s going to be slow”
The boss said “this was preventable but your skills are beneath”
The CISO responded “stop insulting my team or I’ll knock out your teeth” 11/
The CISO ruled with an iron fist, just like Machiavelli,
And said “follow the 3-2-1 rule so we aren’t all so smelly!”
The budget was plump, a sign of cybersecurity health,
Everything purchased had been installed – nothing bit-rotting on the shelf. 12/
A wink of her eye and a twist of her head,
Soon gave me to know infosec misogynists would be dead.
“Why?!” said the analyst, “we’re just having fun at work!”
She said “Stop being a Neanderthal, a dope, and a jerk!” 13/
As every incident responder most certainly knows,
Working incidents through the holidays absolutely blows
The IR team remediated the issue and one of them let out a whistle.
The team lead said “if you leak to the press, expect a dismissal.” 14/
Then I heard them exclaim as they drove out of sight – “Just stop clicking on stuff, we can’t do this again tonight!”

Happy whatever you celebrate from all of us at @RenditionSec to you and yours! /FIN
https://t.co/tdwkMSseJc

More from Internet

Markus Amalthea Magnuson \u2744\ufe0f
Markus Amalthea Magnus...
@scifiagenda
I did more research into the Parler dump. What probably happened was not so much a "hack", but this: When Twilio/Okta shut them down, they just disabled email/phone verification to create an account. This means anyone could directly create huge amounts of accounts via their API.

Someone also found out that fetching Parler posts could be done by enumerating IDs (e.g 1, 2, 3) instead of random IDs that can't be guessed. Unclear if this was via the ordinary API endpoint, or that they found a separate one by monitoring app network traffic.

So you combine these two things and you can create a script to scrape all the posts on the entire platform, using a lot of different accounts to avoid suspicion. Anyone could download and run this script to spread it out over many IP addresses as well.

What I'm still not sure about is whether deleted (meaning flagged as deleted, it's common that services never actually delete data) posts could be fetched without any special handling.

The verdict: The people who wrote Parler are fucking amateurs.
INTERNET
Alberto Gimeno \U0001f3f3\ufe0f\u200d\U0001f308\U0001f1ea\U0001f1f8\U0001f49c\U0001f90e
Alberto Gimeno 🏳️‍🌈🇪🇸💜...
@gimenete
I'm going to tell you a little bit how we work on features at GitHub. It's simple, but very powerful in my opinion. At GitHub we have a high performance culture.

We are deploying changes almost all the time while keeping the service running and the deployment failure ratio needs to be super low! We are constantly working on new medium/big features, we have frequent deploys and required peer reviews.

How do we know that big features are not conflicting with each other in functionality and in version control. How do we merge the work done in these non-trivial features? How do we do prevent peer reviews slow down our productivity?

With basically two things: split the work in small batches and feature flags. We don't have long-lived feature branches. We do very small changes all the time and deploy them.

We could split a feature in tens or hundreds of PRs, but until it is beta or GA, we don't expose it to users by using feature flags.
INTERNET
Advertisement
Elaine Hayes MCCT #MIEExpert \u2618
Elaine Hayes MCCT #MIE...
@e_hayes12
A thread on teaching live lessons using @MicrosoftTeams Meet Now function where students follow their normal timetable except online - will go into more detail on every point in a blog post later. Have used Teams for live teaching have supported over 100 live lessons since March

1. If you are using the desktop app, check you have the latest version of Teams so that you should have Breakout rooms enabled. Check by clicking your profile picture, then About - I have version 1.3.00.28779. If you have 1.2..., click on check for updates to get the latest


2. Set your entry routine. I get my students to enter with their microphone muted - you can also not allow attendees to unmute by opening the participants list, clicking the ellipsis and selecting that option.


3. Make sure students arrive as attendees - some organisations have this set up to automatically happen that only meeting organizer is the presenter and others are attendees. Can change this in the manage permissions menu to only me if not already set (opens in a web browser).


4. Classroom routine and expectations - first lesson I share my screen and show the students the raise hand function for when they want to ask questions, how to access the chat function and how to react to questions as opposed to typing answers
INTERNET
Eric Schumacher
Eric Schumacher
@emschumacher
I first joined Facebook in 2007 to report a Facebook group called "Find Dirt on the New Pastor at Northbrook: Because Everyone Has Secrets," which began within about 7-8 months of me arriving.

It has maybe 450+ members, some of which were children of church members (and maybe some on the membership roles).
It contained pictures of me (one altered to add 666 to my necktie) and my family (one implying that I abused my youngest child).

I reported it to FB, after which the administrators dropped off it. So I contacted FB again, saying if they didn't remove it ithey would hear from my attorney about defamation of character. It was soon removed (though I may still have printouts of all group pages).

(Around the same time there was another Facebook group called "Take Back the Northbrook Youth Group," for which the cover pic was a former youth group member brandishing a handgun. Removed much more quickly when his mother learned of it!)

What I'm saying is this:

1. This is (one of several reasons) why I don't tolerate people misrepresenting me, making unwarranted accusations, or making threats...especially when they are "Christians."

2. Not much has changed on Facebook in 15 years.
INTERNET
Fran\xe7ois Chollet
François Chollet
@fchollet
Here's an overview of key adoption metrics for deep learning frameworks over 2020: downloads, developer surveys, job posts, scientific publications, Colab usage, Kaggle notebooks usage, GitHub data.

TensorFlow/Keras = #1 deep learning solution.


Note that we benchmark adoption vs Facebook's PyTorch because it is the only TF alternative that registers on the scale. Another option would have been sklearn, which has massive adoption, but it isn't really a TF alternative. In the future, I hope we can add JAX.

TensorFlow has seen 115M downloads in 2020, which nearly doubles its lifetime downloads. Note that this does *not* include downloads for all TF-adjacent packages, like tf-nightly, the old tensorflow-gpu, etc.


Also note that most of these downloads aren't from humans, but are automated downloads from CI systems (but none are from Google's systems, as Google doesn't use PyPI).

In a way, this metric reflects usage in production.

There were two worldwide developer surveys in 2020 that measured adoption of various frameworks: the one from StackOverflow, targeting all developers, and the one from Kaggle.
INTERNET

You May Also Like

The Light - Truthpaper
The Light - Truthpaper
@LightTruthpaper
Latest update from @TheBernician

1/19

Hancock, Whitty, Vallance & Ferguson Stand Accused of Pandemic Fraud.

After yet more damning evidence arose last week, further additions had to be made to the court papers, which we are now aiming to lay in the coming week.

2/19

The four defendants will be Matt Hancock, Chris Whitty, Patrick Vallance and Neil Ferguson, each of whom has inextricable and ultimately incriminating connections with Bill Gates and Big Pharma.

3/19

As well as three counts of fraud by false representation and seven counts of fraud by non-disclosure, under sections 2 and 3 of the Fraud Act 2006, we can now also prove that the entire worldwide scamdemic originated on these shores.

4/19

In fact, we can show that, without the dishonest statements and non-disclosures of the four defendants we are initially proceeding against, COVID-1984 would not have transpired.

5/19

Furthermore, the 1st defendant, Matt Hancock, cannot rely upon the defence of Parliamentary Privilege, on the ground that none of the evidence relied upon by the prosecution is capable of preventing parliamentarians from carrying out their lawful business in Parliament.
CULTURE
Elizabeth May
Elizabeth May
@_ElizabethMay
This is NONSENSE. The people who take photos with their books on instagram are known to be voracious readers who graciously take time to review books and recommend them to their followers. Part of their medium is to take elaborate, beautiful photos of books. Die mad, Guardian.


THEY DO READ THEM, YOU JUDGY, RACOON-PICKED TRASH BIN


If you come for Bookstagram, i will fight you.

In appreciation, here are some of my favourite bookstagrams of my books: (photos by lit_nerd37, mybookacademy, bookswrotemystory, and scorpio_books)
FUN
Advertisement
Tinker \u274e
Tinker ❎
@TinkerSec
Singing the Blues:
Taking Down an Insider Threat

"I had all of the advantages. I was already inside the network. No one suspected me. But they found my hack, kicked me off the network...

...and physically hunted me down."


Many pentests start from the outside, wanting to see how the perimeter might be breached.

This pentest started from the inside. My client wanted to assume they had already been breached, and, if breached, how far could an attacker go.

Could they stop me once I was inside?

So they snuck me in. Disguised me as a new employee. Gave me a work computer, an ID badge, an account in their system... hell, I even had a cubicle w/my assumed name on it.

The only person who knew who I really was was their CISO. Everyone else thought I was Jeremy in Marketing.

During most of the first morning, I completed onboarding, made introductions, and completed menial tasks.

But I had to act quick. I only had a week onsite. I had to hack their network while not raising suspicion.

So I set about it.

You have to understand... most "Internal Pentests" are straight forward. The hard part is breaching the network, but once you're inside, it's a target rich environment. End of Life computers, default passwords, everyone a Local Administrator...
TECH
Nyck de Vries
Nyck de Vries
@nyckdevries
Lately there have been various rumours in the media about myself and Jumbo in relation to Williams. To clarify things, Jumbo is not and will not invest any money in my career. 1/2

Of course we’re collectively looking at career opportunities, however this is certainly not our philosophy and strategy. I hope to announce my future plans soon, be patient 😉 2/2
SPORT
dan spaceman
dan spaceman
@ohlaika
ugh i wanted to do a thread about the wars in Star Wars and how the two outlying wars (the clone wars in the prequels and the cold war/civil war in the sequels) are really weird but i don't feel like it any more.

my first argument is that the Clone Wars were a really complex morally gray moment in Star Wars canon in like, 5 different directions and I'd kind of like to know why Lucas did that.

especially with the direct line that's drawn in the OT with the allegory of WW2 and Vietnam with the rebels being the Vietnamese and the Empire being America. That...doesn't exist in the Clone Wars.

for starters: it's weird it's called the Clone Wars. I get why, because that's what Kenobi calls it in STAR WARS, but the clones are a small facet in the larger story of the war.

the clones basically only exist as a macguffin in AOTC that is...extremely confusing ultimately. Because if you accept that Sidious has this grand master plan to use this war to destabilize the Republic and form an Empire...it's way too complex.
CULTURE