secengineer.bsky.social
Cyber Security Engineer and plays a lot of Smash. All opinions are my own.
https://linktr.ee/Secengineer
20 posts
40 followers
26 following
Getting Started
Conversation Starter
comment in response to
post
Mythic Quest is one of my favorite feel good and heartfelt shows. There is some sad moments but all towards making the heartfelt ones mean that much more.
Also gave campy shows: Psych, Eureka, IT Crowd, and Konosuba.
comment in response to
post
Nah that’s easily the RGV.
comment in response to
post
Damn I’m even more feminine that I thought. Lfg
comment in response to
post
Over 400 hrs logged, only completed act 3 once.
comment in response to
post
What no way! I’m so sorry to hear. I was just interviewing there recently and the role got put on hold too. It’s a huge shame and I’m so sorry Phillip. I really hate how this is normal here.
comment in response to
post
Kept seeing similar vids about Facebook messenger being worse than Facebook and having access to your network and spying on your kids at school. Messenger doesn’t even have those permissions and you could turn it off if it did. There’s plenty to hate about metas practices, why make shit up.
comment in response to
post
Yeah looks like it. This attack aint that deep. You did good, covered your bases, and the goal was just admin access to your page which they didn’t get. There’s the potential of lifted credentials but you covered yourself there. I can do some forensics on the email they sent your agent if you’d like
comment in response to
post
Also seems to be a wide spread attack and not whale fishing. So likely were targeted cause you have a decent signed FB page and prob have no idea who you are. Trying to see if there’s anything else that can be taken from like your url or anything that would be on screen.
comment in response to
post
Looking more into the attack here. It’s social engineering based so what was clicked and allowed is the main focus here. The target is to get you to add them as an admin to your page with an account that has an ambiguous name like “online event” please double check admins for your page.
comment in response to
post
Scratch that even that vuln would require network access. So it’s not likely the attack vector. There definitely more to this. Would be glad to help however I can if you need.
comment in response to
post
So there was no email exchanges? Reason I ask is email will have some sender info as well as there’s usually additional elements we can inspect for shenanigans. Zoom should be safe if it’s updated. There was a vulnerability in zoom this year that could leak sensitive data if it wasn’t.
comment in response to
post
Hi Hank, cyber sec engineer here. How did they communicate with you? We may be able to get some more info on the scammers and help authorities or at least help prevent others from getting hit as well