BenAveling

Interested in ideas, politics, technology, anything and everything.

2025-06-23

@sinvega does this website have a "show me all pages by this author" page?

2025-06-23

@holdenweb @benroyce they are not stupid. They are lying.

BenAveling boosted:
2025-06-23

Video: Amazingly brave woman stops several men presenting themselves as ICE agents from abducting someone at a car wash.

It is not clear if these are really ICE agents or just some guys posing as ICE agents. They back down once confronted.

The woman calls them bounty hunters. Is that really a thing? Are people kidnapping other people and turning them in to ICE? What is going on here?

h/t The Tennessee Hollar on Bluesky bsky.app/profile/did:plc:5o6k7

2025-06-22

@IcooIey some good books in that lot.

BenAveling boosted:
2025-06-22

THANK YOU

Via Sherrilyn Ifill

Note to media:

“Trump says” is not a story. He says A LOT. He lies a lot. Do some sifting, discerning, contextualizing. Otherwise it’s just stenography. And you’re embarrassing yourselves.

BenAveling boosted:
Dare Obasanjo carnage4life@mas.to
2025-06-22

The Onion took out a full page ad in @nytimes and also delivered a physical copy to every lawmaker calling out Congress for their inaction.

The news is putting satirists like The Onion out of work and they’re fighting back.

BenAveling boosted:
Matthew Sheffield mattsheffield
2025-06-22

Breaking: Despite Trump's bombing, Iran is still just weeks away from building a nuclear weapon--just like it has been for the past 30 years.

Oceania has always been at war with Eurasia.

2025-06-22

I’m not American either. But, much as you are trying to persuade ppl to let Trump win, I am trying to persuade ppl to oppose Trump, even if that means voting Democrat. So yes, if the Democrats get back in and if they turn out to be worse than Trump, you may in some small measure blame me. @disisdeguey @Strandjunker @GLaDTheresCake

2025-06-22

There were two choices. I guess you got the one you wanted. Congratulations, you won.
What now?
@disisdeguey @GLaDTheresCake @Strandjunker

2025-06-22

There is no situation so bad that well meaning people cannot make it worse.

2025-06-22

@disisdeguey Not on this scale they weren't. You hit that fastforward button, you got what everyone told you you'd get. You chose the greater evil. You won. Get over it.
@Strandjunker

2025-06-22

@peter they’re not stupid. They’re just lying.

2025-06-22

@disisdeguey @Strandjunker not like this they weren’t. Congratulations on your contribution to what’s happening, you must feel so proud of yourself.

BenAveling boosted:
Ginny Mae gintoxicating@transfem.social
2025-06-22

I was chatting up the grocery store clerk and he (politely) asks “hey why do you still wear a mask?” and so I say “do you think the medical field cares about or for people who look like me?”

And since he was a Black man he thought a second, nodded his head and said “real”

2025-06-21

It would be nice to think “it would be nice to have been wrong” a little less often.

BenAveling boosted:
2025-06-20

I got spam that tries to convince me to apply for and accept multiple remote software development positions, with the company saying that they'll farm out the actual work while I get a cut of the action. Wow.

I'm Gerson Stuva, a Head of Engineering at Aimpact Limited, with offices in Hong Kong and Singapore. We're a leading financial services company with a distributed team of skilled developers from diverse regions, now expanding into the US to build our presence in these key markets.
 
**Role Overview:**
As an Interview Coordinator, you (or one of our developers, based on your preference) will apply for software developer positions in the US on platforms like LinkedIn, Indeed, and Glassdoor. You'll conduct interviews (introductory, technical, cultural, and final) with robust support from our experienced development team. Alternatively, if preferred, one of our skilled developers can conduct interviews on your behalf using your name and details, ensuring a seamless process. Our team, with over a decade of expertise, provides full remote support to help you navigate and succeed in all interview stages. Once a job offer is secured, you'll attend short daily meetings (30-60 minutes), while our developers handle all technical tasks.
 
**Requirements:**
- English C1+
- US citizen, or green card holder.
- If 25 years or older, then bonus
- Software development experience is a bonus but not mandatory.
 
**Compensation:**
Monthly profit-sharing based on the salary of filled positions:
- $2,000-$8,000 salary: 10% profit.
- $8,000-$15,000 salary: 15% profit.
Manage 4-5 jobs simultaneously, potentially earning $500-$5,000/month.

2025-06-20

@waldo.net odds that this is actually North Korea?

2025-06-20

@WarnerCrocker kaching !

BenAveling boosted:
racheltobac racheltobac@infosec.exchange
2025-06-20

My favorite way to hack in my ethical hacking is phone call based hacking with impersonation. Why? Because it has the highest success rate. This is what we're seeing in the wild right now, too.
Let's talk about how phone call attackers think and how to catch Scattered Spider style attacks for Insurance companies (that are heavily targeted right now, Aflac recently):
1. *Impersonating IT and Helpdesk for passwords and codes*
They pretend to be IT and HelpDesk over phone calls and text message to ask for passwords and MFA codes or credential harvest via a link
2. *Remote Access Tools as Helpdesk*
They convince teammates to run business remote access tools while pretending to be IT/HelpDesk
3. *MFA Fatigue*
They will send many repeated MFA prompt notifications until the employee presses Accept
4. *SIM Swap*
They call telco pretending to be your employee to take over their phone number and intercept codes for 2 factor authentication

Let's talk about the types of websites they register and how to train your team about them and block access to them.
Scattered Spider usually attempts to impersonate your HelpDesk or IT so they're going to use a believable looking website to trick folks.
Oftentimes they register domains like this:
- victimcompanyname-sso[.]com
- victimcompanyname-servicedesk[.]com
- victimcompanyname-okta[.]com
Train your team to spot those specific attacker controlled look-alike domains and block them on your network.

What mitigation steps can you take to help your team spot and shut down these hacking attempts? Especially if you work in Retail or Insurance and are heavily targeted right now, focus on:
Human protocols:
- Start Be Politely Paranoid Protocol: start protocol with your team to verify identity using another method of communication before taking actions. For example, if they get a call from IT/HelpDesk to download remote access tool, use another method of communication like chat, email, initiating a call back to trusted number to thwart spoofing to verify authenticity before taking action. More than likely it's an attacker.
- Educate on the exact types of attacks that are popular right now in the wild (this above thread covers them).
Technical tool implementation:
- Set up application controls to prevent installation and execution of unauthorized remote access tools. If the remote access tools don't work during the attack, it's going to make the criminal's job harder and they may move on to another target.
- Set up MFA that is harder to phish such as FIDO solutions (YubiKey, etc). Educate that your IT / HelpDesk will not ask for passwords or MFA codes in the meantime.
- Set up password manager and require long, random, and unique passwords for each account, generated and stored in a password manager with MFA on.
- Require MFA on for all accounts work and personal accounts, move folks with admin access to FIDO MFA solution first, then move the rest of the team over to FIDO MFA.
- Keep devices and browsers up to date.
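
An added example, not part of the post above: a scan of DNS resolver logs for the `<company>-sso`, `-servicedesk` and `-okta` look-alike pattern the post lists, so that hits can be blocked and the querying clients followed up. The log format, the `examplecorp` brand, the owned-domain list and the function names are assumptions constructed for illustration.

```python
import re

# Suffix keywords taken from the post's examples; extend with your own IdP/helpdesk names.
KEYWORDS = ("sso", "servicedesk", "okta")

# Constructed resolver log lines in a hypothetical format, not real traffic.
SAMPLE_LOG = """\
2025-06-20T10:01:02Z client=10.0.0.12 query=examplecorp-sso.com type=A
2025-06-20T10:01:05Z client=10.0.0.15 query=sso.examplecorp.com type=A
2025-06-20T10:02:11Z client=10.0.0.12 query=login.ExampleCorp-ServiceDesk.com. type=A
2025-06-20T10:03:40Z client=10.0.0.31 query=examplecorp-okta.com type=AAAA
2025-06-20T10:04:00Z client=10.0.0.31 query=othercorp-okta.com type=A
2025-06-20T10:04:09Z client=10.0.0.40 query=examplecorp-status.com type=A
"""

LINE_RE = re.compile(r"client=(\S+)\s+query=(\S+)")


def normalise(domain):
    """Undo '[.]' defanging, lower-case, and drop the trailing root dot."""
    return domain.replace("[.]", ".").lower().rstrip(".")


def is_lookalike(domain, brand, owned=()):
    """True if any DNS label is '<brand>-<keyword>' and the name is not under a domain we own."""
    d = normalise(domain)
    if any(d == o or d.endswith("." + o) for o in map(normalise, owned)):
        return False  # legitimate names such as sso.examplecorp.com
    pattern = re.compile(rf"^{re.escape(brand.lower())}-(?:{'|'.join(KEYWORDS)})$")
    return any(pattern.match(label) for label in d.split("."))


def find_hits(log_text, brand, owned=()):
    """Return (client, domain) pairs for every look-alike query in the log."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and is_lookalike(m.group(2), brand, owned):
            hits.append((m.group(1), normalise(m.group(2))))
    return hits


if __name__ == "__main__":
    for client, domain in find_hits(SAMPLE_LOG, "examplecorp", owned=["examplecorp.com"]):
        print(f"{client} queried look-alike domain {domain}")
```

The client address in each hit identifies which workstation resolved the look-alike name, which is where to start checking for entered credentials or an installed remote access tool.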

2025-06-20

@WarnerCrocker they’re having another funding round?
