Package theft; lighthearted vigilanteism Show more
A bait package that deploys a glitter bomb and fart spray when opened, and records the results:
The video gets pretty loud when it shows the recordings of the thieves (and their cars, and homes) getting glitterbombed, so watch out.
The fart spray is a fantastic way to make sure the phones have a good chance of being retrieved.
Related: What are *your* methods of keeping healthy (mentally, physically, etc) while in #infosec?
@jerry I'll give you a bold one. 2019 is the year the USA will get an omnibus federal privacy statute. It will inevitably include some #infosec-related provisions. It'll be fueled by the data companies that didn't get a chance to influence the CCPA. It will solve some problems (e.g. breach notification patchwork). It will create some new ones. It won't be anywhere near as bad as CCPA or GDPR.
Admins of Mastodon, I need some Apache help Show more
I have two instances of glitchsoc running on the same server, without docker, using Apache instead of Nginx. Both work great from the web interface.
The problem is that anything that uses websockets gets a 500 Internal Server Error. Examples of this include the 'stream' feature of Tootstream or the Reply feature of Lynnesbians' Ebooks Bots.
Apache says: AH01144: No protocol handler was valid for the URL /api/v1/streaming/user
I'm using the Apache conf from https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Alternatives.md#apache
Halp! I don't know where to go from here.
Jayson E. Street shares a familiar story from one of his #HackerAdventures, but also follows up with a not-well-known epilogue that has me in stitches!
The endpoint is the perimeter. regardless of where it resides. It's why endpoint agents to evaluate processes and detect and stop malicious activity is the only option. It's why I like Carbon Black, but there are plenty of other similar and good products.
Establish perimeter security, and Arm you endpoints.
Get SOC to the level of threathunting.
We all know it's all about the layers.
That said, the breaches will continue... regardless of what we do to prevent them...
humans are crafty, there will always be new exploits, and we will forever be diligently working to stop these evolving threats.
Opportunity in Adversity
@jerry I'll add to that:
- breaches will continue to be blamed on "hackers" instead of dismal state of IT security
- IoT and supply-chain attacks will spawn a bastard child of a problem when IoT vendors start providing (limited, incomplete) updates but fail to secure their infrastructure
- more regulation (some for the better, some for worse) is going to come after GDPR trailblazed and showed it can work.
Yes, #Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. There is nothing, nothing like sitting around with family picking locks, learning to code and helping kids through the latest Holiday Hack Challenge.