GaryM
Pattern Altitude
Thin bags of gasoline positioned so that when they break and flood the trunk they’ll leak down onto the hot muffler and maybe even forward onto the much-hotter catalytic converter
I can't even figure out what that is.
Thin bags of gasoline positioned so that when they break and flood the trunk they’ll leak down onto the hot muffler and maybe even forward onto the much-hotter catalytic converter
I can't even figure out what that is.
I can't even figure out what that is.
Urine samples
Well, at least he had safety in mind. I mean... the gloves, right?
Love watching a self-fulfilling prophecy come to life. Unfortunately, this disproportionally affects an awful lot of people that actually NEED the gas.
Not sure what self fulfilling prophecy you're referring to here.
https://www.charlotteobserver.com/news/local/article248632600.html
Colonial posted a job opening for a cybersecurity manager today. ROFL!
You would think the garmin attack and payout would've woken these companies up to the fact they are targets. It certainly showed the hackers that the strategy works...
Garmin. The bank's before them. The DC Police department. Other city agencies around the country. The OPM hack a few years ago. The list goes on and on. In many companies, if it's not revenue producing, it doesn't get the capital - although some have woken up to the reputational risk concerns.You would think the garmin attack and payout would've woken these companies up to the fact they are targets. It certainly showed the hackers that the strategy works...
"However on April 13, we sent out a test phishing email to [where I work] faculty & staff entitled Password Check Immediately Required. Many spotted it as phishing and reported it to the HelpDesk, but 159 users clicked on the embedded link included in the email and 31 actually shared their username and password in the phishing screen."
[About 500-600 total faculty / staff most faculty have PHDs...]
That would be something, wouldn’t it.That should be a continued employment test. Click on link, or enter password is a fireable offense.
Our org does phishing tests routinely. We have a plug-in that integrates with Outlook where you can click a Phish button and it will send the email to info-sec for analysis. The info-sec group offers up prizes to people who correctly identify phish emails. For those who click the phish-test-emails - First offense is you have to re-take the phishing web-based-training. Second offense is your manager gets a call. Third offense.... yeah, you get sent to HR and it becomes a performance issue.
There have been some tricky fake-phish-test emails that have gone out. One looked really close to an actual email requesting sign-up for the company picnic. Others look pretty darn close to emails from Microsoft and Apple.
What BS.
I’m surprised no one has begun sending all their emails to info-sec for analysis. “Here are yesterday’s 347 emails, folks. Please let me know which ones are safe. Thank you!”
I’m surprised no one has begun sending all their emails to info-sec for analysis
"iT Is a CosT CenTeR!!!"
Yep. Until it's not. I've worked in organizations where the ratio of IT to non-IT was completely out of whack. Like around 1:100 or so. That was a relatively large financial organization, too.
Would've been cheaper to maintain their IT infrastructure properly....
You know this because...are you the one pictured pumping gas?
Initial thoughts stand.
You would think the garmin attack and payout would've woken these companies up to the fact they are targets. It certainly showed the hackers that the strategy works...
Not necessarily. They’ll just pass long the cost either way.
I think the spam/phish filters do a pretty good job of getting rid of the vast majority of the irritating and malicious traffic. The phish button is there to provide a way for folks to send the ones that slip through to infosec for quarantine and analysis. I get what you are saying, but the number of these questionable emails that slip through is pretty low.
But yeah, I'm glad I'm not in infosec.
ah yes... privatize profits, socialize losses.
If the company is going to punish employees who are not infosec specialists for getting suckered occasionally, they should be punishing the infosec group for letting the crap through in the first place.
What they’re doing seems akin to punishing the victims of a mugging.
I am triggered.
May I ask why they use the same computers for e-mail/web browsing and controlling mission-critical objects, such a pipeline valves?