Mastodawn

Dave Merkel Jan 27, 2023

SwiftOnSecurity Jan 27, 2023

I'm bringing shitposting to Mastodon buckle up

Dave Merkel Dec 29, 2022

David W Dec 28, 2022

Do you make a product that relies on the user being able to tell if a single LED is red or green? Please stop.

Dave Merkel Dec 21, 2022

Chris Merkel 🐀👨🏼‍🍳Dec 21, 2022

Should your organization freak out and roll IR because #okta got their source nicked?

Rather than say yes or no, ask yourself what your organization can meaningfully do. Odds are not much. Consider the need to do performative work to keep your executives calm, which sucks but infosec theater pays the bills and keeps auditors happy. Keep in mind that the Windows OS source has been in the hands of threat actors over and over for years and no new sploits came from that so far.

Make sure you're pulling Okta logs into your SEIM and have alerting in place for things like:

admin membership changes
abnormal amounts of password changes
password changes followed by MFA changes
configuration changes to key components, such as MFA or logon restrictions.

Dave Merkel Dec 18, 2022

Chuck Norris: <walks into bar>

#JohnMastodon sitting at bar: <sips drink>

Chuck Norris: <exits>

Dave Merkel Nov 21, 2022

Show thread

Lesley Carhart

Nov 21, 2022

It drives me crazy how poorly a lot of US companies treat their people and how we are so desensitized to it that just suggesting doing things differently shocks people.

Dave Merkel Nov 14, 2022

I hate tweeting...but I guess tooting is OK. h/t to @jerry for #mondog.

Fun fact: blueberries do indeed cure eye crusties. Minute has the receipts...and also does appear to like blueberries.