David Penfold 

@davep@infosec.exchange
1.9K Followers
257 Following
21.8K Posts

Does IT stuff. Vegan and anarchism curious.

Likes permaculture, infosec, Tranmere Rovers. But mainly bad jokes stolen from https://www.justthetalk.co.uk/thehaven/17468/urgent-i-need-a-good-joke-right-now

Also unreasonably fond of BPMN.

Officially not right in the noggin #ʘ‿ʘ

like: whatever
Signal: Dave.14
CO2 ppm at birth: 321.37

@yurnidiot

I aspire, nay, I yearn to be this unapologetically boneless.

This is what giving zero fux looks like

#Caturday

This regal AF Norwegian goat wishes you a happy Midsommar 🌞

PIP, for my mum, who literally couldn't use her right-hand side but to drag it along with her, and who survived a man who beat her for 17 years (and folk wondered why her skeleton had so many historic fractures; they mistakenly thought her brittle bones had been going on for decades): PIP meant shopping delivered to her home in packaging she could open with one hand (they tried to argue that meant she was self-sufficient for 2 years; she was not) and ultimately meals on wheels, which also came with a friendly face while she ate. Those nights I got some sleep with a fraction less guilt.

Think about your elderly and where it might end up. Personal independence matters even in old age. Now imagine being absent that dignity during your working life, and suddenly you're unable to keep that job further afield because now your income has dropped £400 a month, which you used for a mobility vehicle.

Email your MP before next week's vote

#WelfareCuts

My favorite way to hack in my ethical hacking is phone call based hacking with impersonation. Why? Because it has the highest success rate. This is what we're seeing in the wild right now, too.
Let's talk about how phone-call attackers think and how to catch Scattered Spider-style attacks on insurance companies (which are heavily targeted right now; Aflac recently):
1. *Impersonating IT and Helpdesk for passwords and codes*
They pretend to be IT and HelpDesk over phone calls and text messages to ask for passwords and MFA codes, or harvest credentials via a link.
2. *Remote Access Tools as Helpdesk*
They convince teammates to run business remote access tools while pretending to be IT/HelpDesk.
3. *MFA Fatigue*
They send many repeated MFA prompt notifications until the employee presses Accept.
4. *SIM Swap*
They call the telco pretending to be your employee to take over their phone number and intercept codes for two-factor authentication.
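The MFA-fatigue pattern in point 3 is easy to pick out of push-notification logs once you look for it: many prompts to one user inside a short window, and especially a burst that ends in an approval. The following detector is an added example, not code from the original post or from any vendor. The JSON-lines log format, the field names and the user names are constructed for this demo; map the fields to whatever your identity provider actually exports.

```python
"""Spot MFA-fatigue bursts in push-prompt logs.

Added example, not from the original post. The JSON-lines log format and
the user names are constructed for this demo; map the fields to whatever
your identity provider exports (Okta System Log, Entra sign-in logs, ...).
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample log: a.jones receives six push prompts in just over
# three minutes and approves the last one; b.smith shows normal activity.
SAMPLE_LOG = """\
{"ts": "2025-06-20T08:00:05Z", "user": "a.jones", "result": "timeout"}
{"ts": "2025-06-20T08:00:40Z", "user": "a.jones", "result": "denied"}
{"ts": "2025-06-20T08:01:10Z", "user": "a.jones", "result": "timeout"}
{"ts": "2025-06-20T08:01:55Z", "user": "a.jones", "result": "denied"}
{"ts": "2025-06-20T08:02:30Z", "user": "a.jones", "result": "timeout"}
{"ts": "2025-06-20T08:03:15Z", "user": "a.jones", "result": "approved"}
{"ts": "2025-06-20T08:05:00Z", "user": "b.smith", "result": "approved"}
{"ts": "2025-06-20T09:10:00Z", "user": "b.smith", "result": "approved"}
"""


def parse_events(text):
    """Parse JSON lines into (timestamp, user, result) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        ts = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append((ts, rec["user"], rec["result"]))
    return events


def find_fatigue_bursts(events, window=timedelta(minutes=10), threshold=5):
    """Return {user: {"prompts": n, "approved": bool}} for every user who
    received at least `threshold` push prompts inside any span of length
    `window`. `approved` is True when one of the prompts in such a span
    was accepted, i.e. the fatigue attack probably succeeded."""
    by_user = defaultdict(list)
    for ts, user, result in events:
        by_user[user].append((ts, result))

    hits = {}
    for user, evs in by_user.items():
        evs.sort()
        start = 0
        summary = None
        for end in range(len(evs)):
            # Slide the window start forward until the span fits in `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            count = end - start + 1
            if count < threshold:
                continue
            approved = any(r == "approved" for _, r in evs[start:end + 1])
            if summary is None:
                summary = {"prompts": count, "approved": approved}
            else:
                summary["prompts"] = max(summary["prompts"], count)
                summary["approved"] = summary["approved"] or approved
        if summary:
            hits[user] = summary
    return hits


if __name__ == "__main__":
    for user, info in find_fatigue_bursts(parse_events(SAMPLE_LOG)).items():
        flag = "APPROVED, treat as compromised" if info["approved"] else "no approval"
        print(f"{user}: {info['prompts']} prompts in window ({flag})")
```

Tune `window` and `threshold` to your own baseline; a burst that ends in an approval should open an incident (revoke sessions, reset the factor), while one that does not is still worth a call to the user, because the attacker already has a valid password.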

Let's talk about the types of websites they register and how to train your team about them and block access to them.
Scattered Spider usually attempts to impersonate your HelpDesk or IT, so they're going to use a believable-looking website to trick folks.
Oftentimes they register domains like this:
- victimcompanyname-sso[.]com
- victimcompanyname-servicedesk[.]com
- victimcompanyname-okta[.]com
Train your team to spot those specific attacker controlled look-alike domains and block them on your network.
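The three domain shapes above generalise to "company name, optional hyphen, IT/SSO keyword" in either order, which is easy to hunt for in resolver logs or a certificate-transparency feed. The script below is an added example, not code from the original post or from any tool. "acme", the owned-domain list and the observed hostnames are constructed placeholders; it also emits DNS RPZ records so the hits can be blocked on the network as the post suggests.

```python
"""Flag look-alike domains that pair a company name with an IT/SSO keyword.

Added example, not from the original post. "acme", the owned-domain list
and the observed hostnames are constructed placeholders; feed it the
hostnames from your DNS resolver logs or certificate-transparency feed.
"""
import re

# Keywords these lures pair with the target's name: the post's three
# examples plus common helpdesk-themed variants.
LURE_KEYWORDS = ("sso", "servicedesk", "okta", "helpdesk", "vpn", "mfa")

# Constructed sample of hostnames seen in resolver logs.
SAMPLE_OBSERVED = [
    "acme-sso.com",
    "login.acme-servicedesk.com",
    "ACME-okta.net",
    "sso.acme.com",          # the real SSO portal, a subdomain of an owned domain
    "oktaacme.io",
    "acme.com",
    "mail.google.com",
    "acme-sso.com",          # duplicate query
]


def registrable(hostname):
    """Crude eTLD+1: the last two labels. Production code should use the
    Public Suffix List (e.g. the tldextract package) so that co.uk-style
    suffixes are handled correctly."""
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def find_lookalikes(company, observed, owned=(), keywords=LURE_KEYWORDS):
    """Return the sorted, de-duplicated registrable domains whose second-level
    label is <company>[-]<keyword> or <keyword>[-]<company>, skipping domains
    the company actually owns (so sso.acme.com is never flagged)."""
    name = re.escape(company.lower())
    kw = "|".join(re.escape(k) for k in keywords)
    sld_re = re.compile(rf"^(?:{name}-?(?:{kw})|(?:{kw})-?{name})$")
    owned = {d.lower() for d in owned}

    hits = set()
    for host in observed:
        reg = registrable(host)
        if reg in owned:
            continue
        sld = reg.split(".")[0]
        if sld_re.match(sld):
            hits.add(reg)
    return sorted(hits)


def rpz_records(domains):
    """Emit DNS Response Policy Zone records that NXDOMAIN each domain and
    all of its subdomains, ready to paste into a resolver's RPZ zone."""
    records = []
    for d in domains:
        records.append(f"{d} CNAME .")
        records.append(f"*.{d} CNAME .")
    return records


if __name__ == "__main__":
    found = find_lookalikes("acme", SAMPLE_OBSERVED, owned=["acme.com"])
    print("\n".join(rpz_records(found)))
```

Run it against the registrable domains you own, not just the main one, or the legitimate SSO host will be flagged; and remember that blocking only stops clicks from inside the network, so the same list is worth feeding into your mail filter and your user-awareness material.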

What mitigation steps can you take to help your team spot and shut down these hacking attempts? Especially if you work in retail or insurance and are heavily targeted right now, focus on:
Human protocols:
- Start a "Be Politely Paranoid" protocol: start a protocol with your team to verify identity using another method of communication before taking action. For example, if they get a call from IT/HelpDesk to download a remote access tool, use another method of communication (chat, email, or initiating a call back to a trusted number to thwart spoofing) to verify authenticity before taking action. More than likely it's an attacker.
- Educate on the exact types of attacks that are popular right now in the wild (the thread above covers them).
Technical tool implementation:
- Set up application controls to prevent installation and execution of unauthorized remote access tools. If the remote access tools don't work during the attack, it's going to make the criminal's job harder and they may move on to another target.
- Set up MFA that is harder to phish, such as FIDO solutions (YubiKey, etc.). Educate that your IT/HelpDesk will not ask for passwords or MFA codes in the meantime.
- Set up a password manager and require long, random, and unique passwords for each account, generated and stored in a password manager with MFA on.
- Require MFA for all accounts, work and personal; move folks with admin access to a FIDO MFA solution first, then move the rest of the team over to FIDO MFA.
- Keep devices and browsers up to date.

Well this is pretty spiffy!
We have been doing bananas all wrong.
UK Weather Latest: So hot, even the cats are melting...

This web page is basically a guided tour of my misspent youth

https://www.webdesignmuseum.org/software

Software

Visit the gallery of software that dominated web design in the 90s and the turn of the millennium. Can you still remember early versions of Photoshop, the first WYSIWYG HTML editors or the Mosaic and…

Web Design Museum