Good news! I dont need to pester a team at team about finally getting a copy of their security benchmarking scripts!Bad news! Its because they, as well as API keys for publishing them can be found on an open share!
Sometimes I just enjoy a good, functional process.Your retractable card holder at works starts to break? Walk to any reception, say "I need this replaced", they trade yours for a new one, done. No request, no name check, no nothing.
More Subtooting, but: An action being legally required doesn't make it ethical.Please dont misconstrue this as me saying "fuck Proton" - I dont know if Proton should go fuck themselves over this, I dont know this case.All I want to vent about is this "what were they supposed to do, there is nothing they could do!" argument. This mindset will not work with the current resurgence of fascist state power.
til that Sophos' endpoint agent has a super-secret stealth mode that makes it impossible to detect when you check if it's actually installed on all the systems, as the MSP promised...
Alert Name: Suspicious IP protocolAlert ID: [redacted]Severity: MediumSource: XDR Analytics BIOCCategory: Defense EvasionAction: DetectedDescription: The process has attempted to send an a packet with a 128bit IP address. This can only mean there is an integer overflow in an IPv4 address & is commonly used by attackers to circumvent your beautifully crafted IPv4 firewall ruleset.Host: [redacted]
N
