cybersecurity

4596 readers

34 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

[email protected]

What are You Working on Wednesday (infosec.pub)

submitted 7 months ago by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

all 7 comments

sorted by: hot top controversial new old

[+] [email protected] 4 points 7 months ago* (last edited 2 months ago) (1 children)

[removed by mod]

[–] [email protected] 1 points 7 months ago

Your post doesn't indicate your level of opsec, the country you live in, or your abuser's technical understanding of computing machinery and security. Something important to be aware of (if you're not already) is depending on where you're posting from and what your abuser has access to, a post like yours--or following any of the links below--without taking appropriate precautions could put you in (further) danger.

The first thing that should be established (if you don't already have one) is a threat model--consider things like: what are your abuser's capabilities? (what do they know?, what can they access?, etc); what do you want to keep from them? (ie your online activities, especially as they relate to getting out of your situation if that is your goal); what controls/defenses can you use to keep yourself safe, prevent info discovery, mitigate harm, etc? How you can safely proceed depends on your threat model, which depends on your own unique circumstances.

Here are a few links, but please proceed carefully (if you don't want to follow them for safety reasons, feel free to ask questions here):

A decent repo of resources to use computing machinery privately and securely: https://www.techlore.tech/resources
I'm not familiar with resources for abuse, but I found this from a relatively quick search: https://www.thehotline.org/get-help/domestic-violence-local-resources/
For psychological help (therapy, counseling, etc): https://www.psychologytoday.com/us

If the above is not the type of response you were seeking (or you were already aware of it all), feel free to disregard it. (I understand at least some of the potential implications of this post being in a cybersecurity community on a cybersecurity Lemmy instance, but I didn't want to assume just in case.) Regardless, I hear you. Your situation sounds awful. (If you just wanted to effectively shout into the void for some type of release, feel free to ignore this entire response. Finally, just in case anyone is wondering: the reason I replied here instead of privately is in the case resources/info are desired, others can provide better links/info and/or correct anything that's wrong/dubious--I'm just a computer nerd with questionable social skills who wasn't sure if/how to respond 😅...)

[–] [email protected] 3 points 7 months ago (1 children)

I'm in service account password rotation hell

[–] [email protected] 1 points 7 months ago

If this is AD, have you looked at gMSAs at all?

[–] [email protected] 2 points 7 months ago

Trying to make the time to review all this SOC 2 evidence for our annual audit, while also getting pinged for tons of other issues all the time.

[–] [email protected] 1 points 7 months ago

Schedule slips of capability installs, and fighting fake status updates. Oh joy! Nothing like having a vendor report that something is working and delivered and it’s completely missing. But somehow, it meets requirements, so contractually, they’re good.