Sporting Systems
J&B Firearm Sales
Bear Creek Arsenal
Oregon Rifleworks
Southwest Firearms
HighLine Firearms
JavaScript is disabled
Our website requires JavaScript to function properly. For a better experience, please enable JavaScript in your browser settings before proceeding.

  • Join the #1 community for gun owners of the Northwest

    We believe the 2nd Amendment is best defended through grass-roots organization, education, and advocacy centered around individual gun owners. It is our mission to encourage, organize, and support these efforts throughout Oregon, Washington, Idaho, Montana, and Wyoming.

    Free Membership Benefits

    • Fewer banner ads
    • Buy, sell, and trade in our classified section
    • Discuss firearms and all aspects of firearm ownership
    • Join others in organizing against anti-gun legislation
    • Find nearby gun shops, ranges, training, and other resources
    • Discover free outdoor shooting areas
    • Stay up to date on firearm-related events
    • Share photos and video with other members
    • ...and much more!

Tech warning - Norton Password Manager breached

Flopsweat said:
I opened a test email like that once, while I worked with a bunch of networking and security people. As a developer. 😬 I didn't click on anything, and all that happened was I got an email from security saying that was a test and don't open stuff like that. My boss never said anything. 🤷‍♂️ But I felt like a complete idiot. I totally knew better.
Click to expand...
We have a SQL dev that we need to keep on a short leash because we found an app he 'developed' that used plain-text passwords. Yes, it was available to the outside.
 
Flopsweat said:
I opened a test email like that once, while I worked with a bunch of networking and security people. As a developer. 😬 I didn't click on anything, and all that happened was I got an email from security saying that was a test and don't open stuff like that. My boss never said anything. 🤷‍♂️ But I felt like a complete idiot. I totally knew better.
Click to expand...
One of those was the very first email I received on my company account. The VERY FIRST. And it says it was from HR so of course I clicked on it. Then immediately I get a message saying I wasn't supposed to click on that for reasons. A few minutes later I get the "training" I was supposed to get beforehand. Now I don't open any of their emails because they poisoned the well on day one. Phone calls only if I see someone tried to contact me.
 
TTSX said:
One of those was the very first email I received on my company account. The VERY FIRST. And it says it was from HR so of course I clicked on it. Then immediately I get a message saying I wasn't supposed to click on that for reasons. A few minutes later I get the "training" I was supposed to get beforehand. Now I don't open any of their emails because they poisoned the well on day one. Phone calls only if I see someone tried to contact me.
Click to expand...
"So, tell us why you're leaving the company so soon"...
 
TTSX said:
One of those was the very first email I received on my company account. The VERY FIRST. And it says it was from HR so of course I clicked on it. Then immediately I get a message saying I wasn't supposed to click on that for reasons. A few minutes later I get the "training" I was supposed to get beforehand. Now I don't open any of their emails because they poisoned the well on day one. Phone calls only if I see someone tried to contact me.
Click to expand...
That sucks!

I just made a note to check ours on Monday. We automatically enroll new users in a training campaign, but we also have a continuous testing campaign that I'm pretty sure they get tossed into as well.

I'll probably need to modify it so any accounts under 30 days old don't get tossed into the testing campaign.

Thanks!
 
Nosferatu said:
Ugh...don't even get me started on Providence. You'd think with the money they have they could sink a bit more into data connectors that effing work most the time.

We have a health clinic that relies on parts of Providences' systems. Unreliable is being polite.
Click to expand...
That is the worst. I hate it when I know what the problem is but am powerless to fix it. All you can do is send off another email asking "please fix" or "what is the status of that fix?" or "can I just please talk to the guy who can actually fix this, not some middleman who may or may not be relaying my problems accurately?"

The worst part is when you actually do get through to the engineer who can fix your problem and you spend five minutes on the phone with them and the problem is solved. You mean I just spent 2 months chasing bureaucracy only to walk thorough a 5 minute configuration change that the engineer in charge knew about but never fixed because he didn't think anyone was impacted?! My kingdom to be made admin of everything. I'll do it myself.
 
lucusloc said:
That is the worst. I hate it when I know what the problem is but am powerless to fix it. All you can do is send off another email asking "please fix" or "what is the status of that fix?" or "can I just please talk to the guy who can actually fix this, not some middleman who may or may not be relaying my problems accurately?"

The worst part is when you actually do get through to the engineer who can fix your problem and you spend five minutes on the phone with them and the problem is solved. You mean I just spent 2 months chasing bureaucracy only to walk thorough a 5 minute configuration change that the engineer in charge knew about but never fixed because he didn't think anyone was impacted?! My kingdom to be made admin of everything. I'll do it myself.
Click to expand...
We've had that phone call numerous times with them. Every switch and firewall update they install breaks it.

Luckily, we hired a new guy a couple months ago. Providence is his problem now! :D
 
TTSX said:
One of those was the very first email I received on my company account. The VERY FIRST. And it says it was from HR so of course I clicked on it. Then immediately I get a message saying I wasn't supposed to click on that for reasons. A few minutes later I get the "training" I was supposed to get beforehand. Now I don't open any of their emails because they poisoned the well on day one. Phone calls only if I see someone tried to contact me.
Click to expand...
Yeah, I really don't want to do that to any of my users. That can be a really hard thing to un-train. And then they get even more "creative" with work processes because they got burned on one I had set up for them.

I swear, I don't actually expect you to know all this stuff, but I need you to know all this stuff so you stop creating new gaps in our infrastructure! It's either that or I have to lock down literally everything and you only get to do work if you ask specific permission to do it.

Or to paraphrase the old adage; I can make a perfectly secure system, until you tell me I have to let someone else use it.
 
Nosferatu said:
We've had that phone call numerous times with them. Every switch and firewall update they install breaks it.

Luckily, we hired a new guy a couple months ago. Providence is his problem now! :D
Click to expand...
I love hiring new monkeys! My problem is they always learn stuff and then graduate from being a monkey to a colleague and then I feel guilty about giving them all my trash. And eventually HR wises up and puts the kibosh on hiring new monkeys and I don't have the excuse of foisting off a "learning experience" to them anymore. Problems are infinite, pawns are not :(
 
lucusloc said:
I love hiring new monkeys! My problem is they always learn stuff and then graduate from being a monkey to a colleague and then I feel guilty about giving them all my trash. And eventually HR wises up and puts the kibosh on hiring new monkeys and I don't have the excuse of foisting off a "learning experience" to them anymore. Problems are infinite, pawns are not :(
Click to expand...
We don't have much turnover here so it's pretty rare we get a FNG. I have the highest seniority and get to decide who does what at this point. (more like decide what I don't do!) My focus needs to be on engineering projects, so I'm handing off all the support and helpdesk escalation stuff.
 
As an update the sibling of Wife did get the money back. Bank put all of it back and are going to go after the scum, who it turns out lives only a few miles from us, not in another state as first thought. In any case I told Wife her sister should consider herself lucky, VERY lucky that it was at worst a good fright. Hopefully she learned something from this close call.
 
Alexx1401 said:
As an update the sibling of Wife did get the money back. Bank put all of it back and are going to go after the scum, who it turns out lives only a few miles from us, not in another state as first thought. In any case I told Wife her sister should consider herself lucky, VERY lucky that it was at worst a good fright. Hopefully she learned something from this close call.
Click to expand...
That's a fantastic outcome. I hope they come down on the thief with both feet.
 
Why would anyone, with 1/2 1/4 1/8 1/9,427th of a working brain, use a password manager?

There's no way people can be this stupid - oh wait, they made a movie...
 
ATCclears said:
Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected an unusually large volume of failed logins to customer accounts on December 12, 2022, and launched an investigation to determine what has happened.


securityaffairs.com

NortonLifeLock: threat actors breached Norton Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts.
securityaffairs.com securityaffairs.com
Click to expand...

20201104_013319136_iOS.jpg
 
Benchrest said:
Why would anyone, with 1/2 1/4 1/8 1/9,427th of a working brain, use a password manager?

There's no way people can be this stupid - oh wait, they made a movie...
Click to expand...
I have worked in I.T. for over a decade. I use them, my company uses them, and a lot of really smart people I know use them. The key is to use them correctly.
 
My, how deeply is the Deep State entwined with Big Tech! Not surprised. :rolleyes:

BTW, Oracle is advertising a new product where your put all you business information in and it "manages" it for you!
 

Similar threads

Joe13
Anyone work for PUD? Or know of a company hiring a Project Coordinator / Manager?
Replies
2
Views
171
Xaevian
ATCclears
Tech warning - Hack at LastPass worse than admitted/realized
Replies
10
Views
825
ATCclears
arakboss
Anger Management & Negative Waves.
6 7 8
Replies
149
Views
4K
JRMadrid
L84Cabo
Zebra Camouflage: How To Manage An Angry Wife-Unit Who Won't Let You Grow Your Collection
Replies
16
Views
559
CLT65
RicInOR
Apple Killed the Password
Replies
6
Views
542
RicInOR
Copeland Custom Gunworks
Sporting Systems
Cerberus Training Group
Southwest Firearms Forum
Tigard Pawn 4 More
Bear Creek Arsenal
Sidebar Menu

New Posts

Upcoming Events

PewFac
Rifle Mechanics
Sweet Home, OR
M
Oregon Arms Collectors May 2024 Gun Show
Portland, OR
PewFac
Handgun Self Defense Fundamentals
Sweet Home, OR
Kids_SAFE_Fdn
Teen Rifle 1 Class
Springfield, OR
Kids_SAFE_Fdn
Kids Firearm Safety 2 Class
Springfield, OR

New Resource Reviews

New Classified Ads

Support Our Community

If our Supporting Vendors don't have what you're looking for, use these links before making a purchase and we will receive a small percentage of the sale
Aero Precision
Amazon
Ballistic Advantage
Brownells
Cabela's
Chewy Pet Supplies
CrossBreed Holsters
eBay
Faxon
Palmetto State Armory
Primary Arms
Sportsman's Guide
Sportsman's Warehouse
Walmart
Back Top