An old school tech head trying to keep up as the world goes mad! Into reading, retrogaming and coding automations to make my life easier!
So, unfortunately, for the water companies, the UK Supreme Court has ruled that owners of assets & properties can seek redress for the dumping of sewage into their water courses (in a case brought by Manchester Ship Canal & supported by @goodlawproject). Previously the water firms had argued only the regulator could bring such actions!
So, the water sector could be about to find itself mired in a torrent of legal actions resulting from unregulated sewage discharges.
Good!
h/t FT
Two impressive #OSINT tools ๐ ๏ธ #FOSS
1. Domains https://www.lopseg.com.br/osint
2. Strings https://swanandx.github.io/lemmeknow-frontend/
@futurebird maybe slightly different as I am in the UK but fully behind this! Education should be free, trying to educate yourself and train for a career that will help GDP / the economy of [insert country name] should not begin with at least 30k of debt, and that's not including the rent for somewhere to stay, bills and food, that's just tuition fees.
I, as an older fella well above 35, feel so sorry for any kids today (I call my mid 20s children kids still!) trying to make something of themselves.
It was hard enough when I was a kid, I wouldn't want to swap places nowadays.
I hope they all understand that not all us older buggers are anti-youngsters, we are here to help and to listen. Shame governments don't try that now and again and sort the education systems out where ever you may be.
Still messing with #stealer #malware logs, seeing what I can do with them, finding actors behind the infections, trying to connect people and groups and having fun although not getting anywhere fast.
Apart from Telegram, does anyone else know where I can download the logs to make my sample sets bigger to test across?
Have a good weekend people!
@leyrer Totally agree but I am a tech in charge of other techs. We live all over the UK and have only 2 full time sysadmins in the office, and that's only because the analysts side if the company are in there.
We also have to remember some people like to be in an office with others, the social side of things effects people in different ways and constant noise, the walking round and catching up in the coffee pod is important to people.
However, totally agree that people being forced into the office is bad. We have actually downsized office space due to the number of people working better at home. Give employees the choice, but you start forcing people.and the kickback will be unpleasant for those forcing people's hands!
I have installed #NodeRed for a new #OctopusAgile #HomeAssistant intergration. It has been a bit of struggle, but with some great help, got there in the end. Node Red looks very interesting.
@homeassistant@a.gup.pe @homeassistant@chirp.social @homeassistant@fosstodon.org
Almost got scammed selling some stuff online. ๐ค
Had a person send me their number as an interested buyer and told me to text them. I did (first mistake), and we arranged a meetup time. Then they asked if, for their safety, they could send me a six digit code (some of you already know where this is going) that I could repeat back to them to verify myself.
I said, "absolutely!" And sure enough, I got a Google Voice verification number. lol
If you're not familiar with the scam, shady people will take your phone number and try to create a Google Voice account with it. If you provide them with the 6-digit code that Google sends you, they can "verify" that they are you, and then basically use your phone number to run scams, commit fraud, etc. It's nasty business.
I called them out, blocked them, then reported them to the marketplace website and to the FTC--though, almost certainly, they were using the phone number of another poor soul to carry this out.
I used to work as a social engineer, running phishing campaigns (ethically, with consent lol), against Fortune 1000 companies to assess their level of vulnerability. Luckily for me, I was super familiar with this, but most of the people I told about it have said, "Oh, I probably would have fallen for that...", and even I set myself up for it.
So that is why I'm posting this. Please be aware of sketchy shit like this. If someone is asking you for a verification code over SMS or email, tread with EXTREME caution. Also, it's usually pretty shady if a stranger you're already chatting with wants to move to a new platform. Not always, but if someone emails or messages you on Facebook to ask you to text them, that's a little weird. I'd had legitimate buyers/sellers do that, so it's not unheard of, but it should put you on guard.
If you buy/sell/trade online frequently, it's a good idea to use a dedicated MySudo number, VOIP number, and/or a burner phone for that.
Stay safe out there, kids.
#Privacy #Security #Scams #Craigslist #FacebookMarketplace #eBay
Been a strange week and I think, only think, that I am being targeted with the end game being getting access into the company I co-own.
Beginning of the week started with random phishing for O365 creds via a few methods, voice mail recording, outlook phishing site and pdf 'log in to get the pdf' approach. We all get them right....majority of these got caught in mail filters anyway.
Midweek, employees at the company started to receive emails "from me" asking for their phone number so I can jump on WhatsApp for a quick chat about something.
Yesterday it stepped up with someone who knew my name and non-work phone number (just switched to work phones so the old number is out there), contacting me to ask to partner with their HR company. I went along for a bit, got a name and company domain if who they were supposed to be - first cock up, the company they were impersonating had been purchased by a new company and the old domain didn't auto forward and the SSL was out of date.
They asked for a video chat with a "trainer" to chat through duties and pay. At this point I probed on the inconsistent details given and asked why they wanted video of me. Messages being read but no answers.
Assuming they wanted video of me to try to deep fake video to call people who know me, get my voice to use maybe, who knows.
Be careful out there - I guess I should be happy getting the attention, perhaps the company is treading in someone's toes, who knows but we are not a big company so can only guess how much of this people in household name companies get.
We are in threat intel arena, perhaps we are being bundled in the approaches being made to that community?
Maybe I am over dramatising it.... interesting week though.
@wolfram_roesler @nixCraft oh that was a mind jolter. Blank tape in the boom box listening to the top 40 on the radio, fingers poised over start / stop / record to tape that's weeks hits whilst missing out the DJ intros etc!!
Sometimes I miss them days!
@funes well, I guess that's my weekend sorted then. Thanks for taking the time to comment, appreciated, don't get much of that on here unless you are a 'known name'!!
@funes Exactly - I plan on looking at filepaths, filenames and format etc. Just wondered if this had already been done that was all ๐
Some of the dumped logs give it away in the main filename, quite a lot don't.
Probably of no value to anyone tbh, but I like messing with stuff like this anyway!!
@funes my apologies - not system logs, the logs from infostealer malware. The malware on someone's machine is 'harvested' for creds out of browsers, cookies and other things depending on the infostealer used.
Sometimes called cloudlogs for some reason as well.
@funes Love the way people are suspicious and then remember 99.9999999% of people don't know me and how my grey matter sort of works, or doesn't!
I look at infostealer logs that get dumped to the internet and just wondered if there was a way of looking at a log file and say it was output from a particular strain of infostealer. There are a lot of stealers, there are differences in the output and that's where my thinking is....how to tie a particular log output to an infostealer.
I have a couple of ideas but wanted to see if others had wondered the same or was it just me having too much time on my hands again!!
Looking for people interested in #malware and #infostealer. I am trying to find a way of tying log files that are regularly dumped online to a particular infostealer. I know the majority will be redline, but also seeing a lot of new stealers being created / sold in forums and marketplaces.
Anyone doing work like this that I can try to help out with before I bite the bullet and start from scratch.
Have a good weekend!
Is it wrong to still not know what you want to do when you grow up aged 51?
@Br3nda well that just saved me bothering to sign up to see what it's like, thank you!
Most defo never been a cool kid...or teen...or adult!
In a difficult situation, my wife once told me: โPeople tell me Iโm tough because they donโt see me cry but believe me, if Iโd think itโd help, Iโd throw myself to the floor and cry all day and night.โ Most people only leave the house on their good days. Itโs not easy to know how people are really doing. At the same time, telling people about a hardship sometimes reveals a dozen of people in similar situations. Itโs weird. Like a whole underground of hardship beneath the veneer. If youโre not doing well, I hope your situation improves and that you can find the people you need to talk to. Because life can be hard.
Can we please just STOP chopping down ancient woodland?
#woodland #WoodlandTrust #ecology
https://campaigns.woodlandtrust.org.uk/page/130168/action/1?locale=en-GB
@nixCraft about the same age and do the same!
Also slap in print("in function xxxxx") in Def's / functions to see when I get in and out of them ๐
