O.G. 🇺🇦🌻

Recovering threat hunter.
Birdsite: @0x4f47
Bluesky: @0x4f47.bsky.social
The thing about great quotes by great people is that most of them were already great by the time they made those quotes. A lot of great quotes by unknown people have probably gone unnoticed.
No, I am not that OG.
NIST SP 800-63B-1: Change your password every 90 days.
...
NIST SP 800-63B-3: No periodic password change requirements.
...
NIST SP 800-63B-5: Change your password every LastPass breach.
I have unfounded fears about using escalators, but I am taking steps to avoid them.
Welp, I guess I know what I'm doing this holiday season. Going through all of my online accounts and changing all the passwords and recovery codes, because I don't remember if I did all of them when I ditched #LastPass and they're not making it very clear what exactly got stolen https://infosec.exchange/@og/109441555092278405
O.G. 🇺🇦🌻 (@[email protected])

Since #LastPass bashing is all the rage right now, I want to share something - I stopped using LastPass. But it had nothing to do with their security issues. I think their transparency and handling of having a constant target on their back has been above board. I switched myself and all of the extended family members away from their services last year... because of the way LastPass handled monetization. Tricking users into "free" accounts, then breaking the device sync functionality and demanding a payment to restore it was just shady. A lot of those users were not technical, and moving to LastPass for credential management was a first (and rather challenging) investment of time and effort for them. Breaking core functionality for a payment, causing confusion, loss of trust (and, in some cases, resistance to keep using a password manager) did not sit right with me. We pay the premium subscriptions to other services now.

  • We were breached, but don't worry, your data was not stolen.
  • Ok, we were breached, and your data was stolen, but don't worry, it was encrypted.
  • Actually, we were breached, and your data was stolen, and some of it was not encrypted, but don't worry, the rest of it was definitely encrypted.
  • You know what, we were breached, and your data was stolen, and...
If you are always "experiencing higher than usual call volumes" then they aren't higher than usual.
@SwiftOnSecurity if you're in InfoSec, message your team "looks like it's going to be a quiet one" on a Friday afternoon.