un_ax's recent activity
-
Comment on Phishing tests, the bane of work life, are getting meaner in ~tech
-
Comment on Phishing tests, the bane of work life, are getting meaner in ~tech
un_ax Link ParentI have a phishing training setup for on boarding and a yearly refresher, it's a course that's easily less than 30 mins and I have to work to get above 50% competition rate, even with email...I have a phishing training setup for on boarding and a yearly refresher, it's a course that's easily less than 30 mins and I have to work to get above 50% competition rate, even with email reminders and good ratings from people who have taken it. It would be nice to have someone who wanted to learn about phishing.
phished every day without any concern for privilege escalation
Getting access to one account lets you try that password in other places, sometimes which include remote access. Or if the phish was a malicious PDF you can get direct access. Endpoint protection isn't 100% reliable on picking up threats. From that PC you can maybe grab passwords of other users (admins) who have logged in or scan the network for spreading.
Even if you can only get to the email, that email can be used to send phishing emails to other employees, which is automatically more trustworthy because it's from an internal email address.
You ideally have several layers of protection since none of them are foolproof.
-
Comment on Phishing tests, the bane of work life, are getting meaner in ~tech
un_ax Link ParentTrue generally. But if you host a phish page on sharepoint, you might get a real login and then sent to a fake login (image) that says invalid password, which would fool a lot of people. I think...If it opens sharepoint.com and my password manager logs me in, the email might be legitimate
True generally. But if you host a phish page on sharepoint, you might get a real login and then sent to a fake login (image) that says invalid password, which would fool a lot of people. I think with SSO people are used to getting redirected a lot of times during a login.
If it was a phish then your email could be verified as someone who clicks on links which isn't great anyway.
Knowbe4 does have the option for a (customizable) landing page that has a login forum, but they have the option of so many different phishing approaches that they'd each need their own login page. To use that feature you need to narrow down the types of phishing that you're targeting users with. Clicks are easy to measure and apply to every phish type. It would be nice though to get more options there.
All the phishing links are long URLs at kb4.io
By default the phishing link domain is random. If you want to filter emails from knowbe4 you'll get more success by filtering on the default "X-PHISHTEST" header that might still be enabled, or the Reply-To domain which you have to change on the admin panel.
-
Comment on Linux mini computers in ~comp
un_ax Link ParentDocker would be a useful thing to get into once you figure out the basics of linux. To elaborate on why you'd want to try out docker, here is my setup. I have a NAS for storage, some (linux)...Docker would be a useful thing to get into once you figure out the basics of linux. To elaborate on why you'd want to try out docker, here is my setup.
I have a NAS for storage, some (linux) docker servers, and a series of services running using docker. Portainer is used to manage containers.
The docker services (using templates from linuxserver.io, but others work once you get used to docker). This way configuration and important files are all stored centrally on the NAS (through NFS), so there is only one storage you need to back up.These can all be on one machine, or split into multiple docker servers. If you want to host something lightweight like Heimdall (a dashboard webpage) you can put it on a low power PC or the NAS, but if you find something like Plex or Obico requires more power, you can run docker on your main PC (even Windows) and still connect it's storage to your NAS.
Doing this in docker keeps the running environments separate, so if something breaks or behaves badly, it's easy to reset or replace it and keep a clean base install. During the learning of linux you can create a lot of mess while trying things out, so being able to do a clean reset and still have remaining services running is a nice bonus.
Yeah autorun has been off by default for a while. You can still get to it with the right click menu or something.
But malicious USB drops these days can emulate a keyboard and run a macro to press Win+R then type in a powershell command to download and run more code, so autorun isn't needed to run code.