I am taking a required online training on "internet security" at my new university.
-
The latest argument in favor of "those who can, do; those who can't, teach."
I'm an ex teacher, BTW/
And the final part:
Those who cannot teach administrate[1].
[1] or alternately: "teach teachers".
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham They prolly also strongly advised to use google chrome because, well, the internet loves it. Good times for good people.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham After doing all that one should just come to a website saying "you failed the class"
-
Same as it ever was. Same as it ever was.
As part of #infosec, I weep when I see stuff like this and the training class.
The unauthenticated emails from 3rd party platforms that HR uses to inform employees of legit business stuff, the surveys, all of it.
And they wonder why BEC (business email compromise) keeps happening when the bad guys send a legit looking "We changed our bank account, please update this routing number" email to Accounts Payable.
i worked at a company that did 3rd party phishing mandatory training, with "click on this link" to start the video.
HR forgot to tell anyone that the email would be coming from a 3rd party or what domain name it should be for the link.
our VP of engineering was pretty proud that over 70% of the engineering part of the company reporting the email as a suspicious phishing attempt. sadly, we still had to watch the video, which was pretty useless...
-
The latest argument in favor of "those who can, do; those who can't, teach."
I'm an ex teacher, BTW/
@rgulick note that my excellent uni has world-renowned experts on cybersecurity, and highly skilled instructional designers. But all of this was farmed out to a third party, which is why it could hardly run inside our canvas without everything breaking. Another example of how we hire consultants to sell us what we could do better ourselves but think we can’t “afford” to support internally.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham As someone who develops and supports e-learning, I can tell you that ALL the software available to produce and then host it is terrible. In ours, depending on which software was used to create the SCORM you either must use Edge for some and Chrome for others. It’s a total nightmare.
-
@actualham As someone who develops and supports e-learning, I can tell you that ALL the software available to produce and then host it is terrible. In ours, depending on which software was used to create the SCORM you either must use Edge for some and Chrome for others. It’s a total nightmare.
@ZS SCORM was a new term for me and it was at the root of the whole fiasco I have learned
-
@actualham They prolly also strongly advised to use google chrome because, well, the internet loves it. Good times for good people.
@softproof yes. I always use a lot of hand sanitizer after I have to whip out Chrome 🤮
-
@ZS SCORM was a new term for me and it was at the root of the whole fiasco I have learned
@actualham The struggle is real. 2 years in the e-learning team broke me, just waiting a transfer to a different department to get away from it.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham Hmmm. Sounds counterproductive to me and kind of risky.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham That seems a work computer thing.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham And when you say "no", I bet they don't give you a pass…
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham how else are they going to train you to know how you’ve been breached if you haven’t been breached? Windows and macOS both have a bunch of new features to breach, so it’s important to know what it looks like when they are breached.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
-
I am taking a required online training on "internet security" at my new university. In order to get the course to run properly, I was advised to enable all cookies and pop-ups and relax several other security settings in my browser. Good times.
@actualham Admiral Akbar.gif alt text "It's a Trap!"
-
i worked at a company that did 3rd party phishing mandatory training, with "click on this link" to start the video.
HR forgot to tell anyone that the email would be coming from a 3rd party or what domain name it should be for the link.
our VP of engineering was pretty proud that over 70% of the engineering part of the company reporting the email as a suspicious phishing attempt. sadly, we still had to watch the video, which was pretty useless...
@paul_ipv6 @pseudonym @actualham I've heard the head of IT tell off multiple people for not doing the mandatory training...and they all tell him they thought the emails were malicious. Nothing has changed.
-
@actualham As someone who develops and supports e-learning, I can tell you that ALL the software available to produce and then host it is terrible. In ours, depending on which software was used to create the SCORM you either must use Edge for some and Chrome for others. It’s a total nightmare.
@ZS @actualham some of us have a VM with Windows and Edge and Chrome specifically for times like that. The VM gets reset after every event. No reason.
Also, please provide the link to the training in the form of a QR code in a PDF that takes users to a URL obfuscator before redirecting to the actual training.
-
Same as it ever was. Same as it ever was.
As part of #infosec, I weep when I see stuff like this and the training class.
The unauthenticated emails from 3rd party platforms that HR uses to inform employees of legit business stuff, the surveys, all of it.
And they wonder why BEC (business email compromise) keeps happening when the bad guys send a legit looking "We changed our bank account, please update this routing number" email to Accounts Payable.
@pseudonym @paul_ipv6 @actualham for a while I had a mortgage with a bank that primarily communicated via a generic bulk email provider that obfuscated links in emails.
So I'd get "Important notice about your loan" from nsw6252.salesmail-au.com and every URL was to ...cliktrak.org
They could not understand how this was problematic. "just click the link"
-
@anarchademic @rgulick probably legal and the back end of IT
🤮
🫤