Dragos

Sunt patit cu burnout-ul din mediul corporate. Cele mai frecvente cauze sunt task-urile multiple cu deadline-uri nerealiste sau proiecte mai mari din care faci parte cu oameni care nu au treaba cu domeniul. Cateva exemple din ce am patit: "Suntem la mijlocul lunii, ai un POC facut, livreaza tot proiectul pana la sfarsitul lunii si dupa corectezi ce erori apar". Inchizi pe ziua respectiva si iti scrie managerul "pana pleci, fa te rog si task-ul asta". Ii zici ca faci maine si iti raspunde cu "Ar fi mai ok azi" Explici la colegii tai cum trebuie sa faca o anumita chestie si urmatoarea zi te intreaba acelasi lucru si se repeta procesul pe cateva luni Burn out-ul nu apare dintr-o data. La un moment dat ti se aduna toata frustrarea si incepi sa devii agresiv, in special cu colegii fara experienta. In momentul in care realizezi ca esti burnt out, in primul rand trebuie sa vezi de unde iti vine si sa incerci sa rezolvi. stai peste program sa rezolvi orice chestie care putea sa ramana pe urmatoarea zi => inchizi la ora care termini, sa fii team player nu inseamna sa faci voluntariat si tot tu pierzi nu trebuie sa fii conectat non-stop la Slack/Teams/etc., decat daca esti pe o rotatie "on call" si si atunci te suna cineva din companie daca te simti burnt out, scoate Slack, Teams sau ce aplicatie foloseste compania ta de pe telefonul personal (vezi sa nu scoti si aplicatia de MFA) ai caz de forta majora (ex. Crowdstrike) => da, stai peste program si notezi cat ai stat ca OT ai un manager care iti promite multe si nu se intampla => foloseste-te de ce resurse ai la companie ca sa-ti imbunatatesti CV-ul (cursuri, diplome, conferinte platite de companie) si gaseste-ti intre timp alt job. In ziua de azi, in special in mediul corporate, nu te ajuta loialitatea la absolut nimic te intreaba lumea cum sa faca una sau alta => fa un guideline, prezinta-l intr-un call trimis la distribution list, daca tot te intreaba, trimite-i la guideline Un alt lucru important, in special in IT, nu te grabi sa livrezi ceva. Da un deadline 2x / 3x fata de cat ai estima ca ar dura. Daca livrezi rapid, o sa te incarce de task-uri de nu o sa mai stii de tine. Daca lucrezi remote, uita-te la un film, joaca ceva, fa curatenie prin casa, spala vasele, nu te grabi sa livrezi o gramada de chestii pentru ca o sa te tina minte managerul si o sa-ti dea mult mai multe de facut pe aceeasi bani.

Ai asteptari mari ca serviciul roman sau politia sa fi stiut sa faca mitm pe vremea aia.

Daca folosesti Arc, ti-o meriti. Nu am vazut functionalitati wow care sa nu fie si la alte browsere, doar chestii de feng shui si design. In spate tot Chromium.

IT teams around the world are scrambling to fix a massive outage and it is unclear exactly how large the disruption has become. Airlines, banks, media outlets and various other businesses worldwide have been left reeling from what appears to be a global Microsoft outage. The global IT issue has caused chaos, with airlines around the world reporting delays to their flights. There are reports of various PCs showing the famous ‘blue screen of death’ – a Windows error message. The Verge reports that this issue was first noted by Australiann businesses, but it has since spread with airlines across Europe reporting issues. Multiple media outlets are sharing live updates on the issue and the reports of disruptions appear to be pouring in worldwide. One recent update from the BBC is that the outage has caused disruptions to the UK’s National Health Service, causing GPs to only see the most unwell patients. Sky News says it is struggling to broadcast its live TV service, Ryanair is reporting disruptions, banks have been impacted – the scale of the disruption appears to be massive. While the scale of the issue is clear, the cause is less certain. Microsoft reported an issue earlier today (19 July) of users being “unable to access various Microsoft 365 apps and services”. The tech giant said it rerouted affected traffic to “healthy infrastructure” and reported “continuous improvement” two hours ago. The wave of IT issues is being linked to a faulty update from Crowdstrike, a cybersecurity provider used on various Windows PCs. Australia’s National Cyber Security Coordinator said it is aware of a “large-scale technical outage” and that it appears the outage relates to a “technical issue with a third-party software platform employed by affected companies”. Crowdstrike told media outlets that it is aware of the reports of Windows systems crashing. In a support note seen by The Verge, Crowdstrike said it identified the issue and reverted the faulty update, but it does not appear to have fixed the ongoing issue. It is unclear if the earlier Microsoft error is linked to the Crowdstrike update. It will take time to see confirm the exact cause and the true scale of the disruption. Regardless, the outage will likely be a significant hit to the reputation of Microsoft, which has been criticised for its connection to massive breaches in recent years. https://www.siliconrepublic.com/enterprise/massive-microsoft-crowdstrike-outage-grounds-flights-global-disruption

Le trebuie un curs de Excel si toti o sa fie experti digitali.

Control panel-urile depind de sistemul de operare pe care il ai pe vps. Daca vrei doar sa-ti setezi cateva site-uri, poti sa-ti faci direct din ssh: https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-ubuntu-18-04 https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mariadb-php-lamp-stack-on-centos-8

Protocol hasn't changed, but you can get IP banned from most of email providers today for using this method.

Hai ca poate si PHP-ul intr-o linie C:\laragon\www\rst\>php -r "preg_match_all('/[a-zA-Zăţâ\-]+/',file_get_contents('a.txt'),$matches);print_r(array_count_values($matches[0]));" Array ( [A] => 2 [fost] => 2 [odată] => 1 [ca-n] => 1 [poveşti] => 1 [ca] => 1 [niciodată] => 1 [Din] => 2 [rude] => 1 [mari] => 1 [împărăteşti] => 1 [O] => 1 [prea] => 1 [frumoasă] => 1 [fată] => 2 [Şi] => 5 [era] => 1 [una] => 1 [la] => 1 [părinţi] => 1 [mândră-n] => 1 [toate] => 1 [cele] => 1 [Cum] => 2 [e] => 1 [Fecioara] => 1 [între] => 2 [sfinţi] => 1 [luna] => 1 [stele] => 1 [umbra] => 2 [falnicelor] => 1 [bolţi] => 1 [Ea] => 1 [pasul] => 1 [şi-l] => 1 [îndreaptă] => 1 [Lângă] => 1 [fereastră] => 1 [unde-n] => 1 [colţ] => 1 [Luceafărul] => 1 [aşteaptă] => 1 [Privea] => 1 [în] => 1 [zare] => 1 [cum] => 1 [pe] => 2 [mări] => 1 [Răsare] => 1 [şi] => 2 [străluce] => 1 [Pe] => 1 [mişcătoarele] => 1 [cărări] => 1 [Corăbii] => 1 [negre] => 1 [duce] => 1 [] => 3 [l] => 1 [vede] => 2 [azi] => 1 [îl] => 1 [mâini] => 1 [Astfel] => 1 [dorinţa-i] => 1 [gata] => 1 [El] => 1 [iar] => 1 [privind] => 1 [de] => 2 [săptămâni] => 1 [i] => 1 [cade] => 1 [draga] => 1 [ea] => 2 [coate-şi] => 1 [răzima] => 1 [Visând] => 1 [ale] => 1 [ei] => 1 [tâmple] => 1 [De] => 1 [dorul] => 1 [lui] => 1 [inima] => 1 [sufletu-i] => 1 [se] => 1 [împle] => 1 [cât] => 1 [viu] => 1 [s-aprinde] => 1 [el] => 1 [n] => 1 [orişicare] => 1 [sară] => 1 [Spre] => 1 [negrului] => 1 [castel] => 1 [Când] => 1 [o] => 1 [să-i] => 1 [apară] => 1 )

De curand Postman a scos scratchpad-ul care te lasa sa folosesti rulezi colectii si environment-uri local si forteaza pe toti sa-si faca cont si sa salveze toate datele in cloud-ul lor. Anuntul lor e aici. Presupun ca nu sunt singurul care nu poate la munca sa stocheze credentiale si colectii de API-uri in cloud-ul celor de la Postman, asa ca va intreb, voi ce alternative GUI folositi unde lucrati?

Probabil, daca o sa faca ceva, o sa o transforme intr-o birocratie cu NDA, copie dupa CI si alte balarii ca sa ai dreptul legal din data X pana in data Y sa faci pentest. Daca nu sunt sisteme de stat, sunt sisteme de-ale UTI sau altii care mananca o caruta de bani doar sa schimbe un cablu sau sa dea restart la un server si aia o sa va dea in judecata daca va vad pe loguri.

Kevin Mitnick, a reformed hacker who was once one of the FBI's "most wanted" cybercriminals, has died at the age of 59. Mitnick spent five years in prison for computer and wire fraud following a two-year federal manhunt in the 1990s. But after his release in 2000 he reinvented himself, becoming a renowned "white hat" hacker, cybersecurity consultant and author. He died on Sunday following a 14-month long battle with pancreatic cancer. "Kevin was an original; much of his life reads like a fiction story," his obituary reads. "He grew up brilliant and restless in the San Fernando Valley in California, an only child with a penchant for mischief, a defiant attitude toward authority, and a love for magic." In the 1990s, Mitnick gained notoriety breaking into government websites and corporate networks, including Pacific Bell, and stole corporate data and credit card information. He was involved in the theft of thousands of credit card numbers and data files across the country in addition to working his way into the country's cell networks, vandalizing corporate, government and university computer systems. A brief history of hacking He was dubbed as the "most wanted" computer hacker in the world by investigators. A two-year-long nationwide FBI manhunt led to his 1995 arrest and he eventually pleaded guilty to computer and wire fraud. Authorities believed he had access to corporate trade secrets worth millions of dollars. In his 2011 memoir, Ghost in the Wires, Mitnick denied using his skills to steal or exploit information for financial gain. "Anyone who loves to play chess knows that it's enough to defeat your opponent. You don't have to loot his kingdom or seize his assets to make it worthwhile," he wrote. His arrest sparked a 'Free Kevin' movement in the hacking community, which lobbied on his behalf, including with rallies outside the prison where he was held. Following his release from prison, he became a "white hat" hacker, writer and public speaker. A "white hat" hacker aims to use their skills and identify vulnerabilities or security issues of organisations to test security configurations. In 2003, he founded Mitnick Security Consulting, which advised Fortune 500 companies and government agencies on cybersecurity. In 2011, he became "chief hacking officer" and part owner of KnowBe4, which offers phishing security awareness training. "Kevin will always remain 'the world's most famous hacker' and was renowned for his intelligence, humor and extraordinary skill with technology, surpassed only by his talent as the original 'social engineer,'" the company said in a statement on Thursday. Sursa: https://www.bbc.com/news/world-us-canada-66263235

Intri din browser si nu ar trebui sa fie protectie

Depinde acum daca au avut alte probleme medicale. Am avut un caz in familie si i s-a recomandat de medic sa nu faca vaccinul.

Se pot intampla multe, fii mai specific

E iPhone sau Android? Pe iPhone pare sa fie problema recenta cu toate notificarile.

Ofera mai multe detalii: ce tip de joc ca sa ne dam seama de complexitate, poate sa fie browser game based cum e Turf Wars sau full 3D cum e seria GTA daca ai deja grafica, materiale pentru joc, diagrame, use-case-uri (cand da click aici se intampla asta) buget deadline

Nameserverele de la Cloudflare ajuta la raspuns mai rapid, dar nu au impact asupra continutului. Google tot o sa vada ca ai continut copiat de la alte site-uri deja indexate si o sa-ti afecteze ranking-ul.

Parca au facut si ai nostri acum ceva timp scanari pentru una din vulnerabilitatile populare, mi se pare ca pentru shellshock.

Depinde foarte mult de ce vrei sa faci pe viitor. Dintr-un acces la router nu poti sa faci cine stie ce. Daca treci de autentificare, o sa ajungi sa poti sa schimbi numele wi-fi-ului, conexiunea la RDS sau ce altceva mai are un router de scoala. Per total, nu o sa te ajute cu nimic in afara de bragging. Exista site-uri gen wechall.net in care iti dau probe de infosec in environment-uri controlate. Ai probe de sqli, crypto, stegano, incerci din toate si gasesti ce ti-ar place si pe ce ai merge mai departe. Eu am inceput acum mai bine de 10 ani pe web de la un joc trivia, conQUIZtador. Jocul rula in browser si aveai pachete http in care erau intrebarile si, dupa ce se raspundea, serverul trimitea si raspunsul la toti. Pe baza la asta, un baiat de pe forum a facut o baza de date si un programel ConQUIZtador killer care raspundea automat in functie de valorile din baza de date. Nu a fost cine stie ce, dar a fost un inceput pentru mine. Acum lucrez in domeniu pe partea de web si zero trust security.

Un proxy/vpn care iti filtreaza domeniile/IP-urile/host-urile accesate nu inseamna un DMZ.

Pai ai cumparat un hostname sau ai inregistrat macar unul free? Ce trebuie sa faci e sa ai un hostname/domeniu si sa-i legi nameserverele la o zona DNS (CloudFlare de exemplu). Dupa, creezi o intrare A pe root / @ sa puncteze catre IP-ul tau de acasa, eventual sa adaugi si port forwarding din router catre calculatorul tau daca e nevoie. Partea de certificat ori ti-o faci tu cu let's encrypt (sunt tutoriale multe pe net), ori folosesti de la serviciul DNS. Asta e ultimul pas. EDIT: Daca vrei doar sa o testezi la tine in calculator si sa nu dai si la altii, modifici fisierul hosts de pe calculator (C:\Windows\system32\drivers\etc\hosts pentru Windows sau /etc/hosts pentru Linux/Mac) si punctezi cum vrei tu sa fie. In cazul asta pentru certificat va trebui sa ti-l generezi self signed si sa-l adaugi la exceptii.

Ce anume vrei sa vezi? Cine ce request-uri face? Ce date se trimit/primesc?

Certificatele se fac pe hostname, nu pe IP. Daca vrei pentru demo, foloseste ngrok care iti da un tunel pe https in afara.

Terminati cu saraciile astea.

De ce nu folosesti un modem sa trimiti din linie de comanda? Eu am folosit smstools inainte pentru un proiect de licenta fara probleme. Nu stiu de aplicatie pe Android, dar poti sa-ti faci o aplicatie simpla si sa o incarci pe telefon sa-ti citeasca un csv si sa trimita SMS https://stackoverflow.com/questions/26311243/sending-sms-programmatically-without-opening-message-app