There are certain plugins that require your iLok account credentials directly in plugin window for activation. Do not encourage this ignorant security (lack of) practice.
Sure maybe they mean well and maybe justify it by better user experience, but it will take only 1 mistake on their part to leak your credentials and then you can kiss your licence keys good bye.
Instead they must redirect you to iLok website to login in and activate plugin with redirects and one time codes.
If you received an unexpected and cryptic email on Feb. 16 from CRA warning that your email had been deleted from the agency’s web platform, do not worry
> To be clear, these accounts were not impacted by a cyber attack at the CRA
Why are we wasting a shot on this thousand year old shithead? Seriously, there are people at risk that have their whole lives ahead of them and this fucking mummy that's going to die any minute now gets to go ahead of them. That's pure, unadulterated bullshit.
DAE 'American Dragon' Bryan Danielson is a sellout fed shill???
Hear me out.
I have a randomly generated password for the CRA website that I store in an offline password manager. I also have a bookmark to the CRA website and only ever use that to access the site, so I couldn't possibly have been phished.
I use a macOS device, exclusively, with the latest AV protection and don't download anything unusual or suspicious. That eliminates the majority of commodity malware.
I checked HaveIBeenPwned and my account has not shown up in any breaches. The email address I use for my CRA account is one I rarely use.
There are only two places my password was stored. My device in a password manager, and the CRA database.
The email from the CRA seems to suggest that my login credentials were identified as having been obtained by a third party. They couldn't have got it from me, so it has to be from the CRA.
It really seems like the CRA was compromised and they are covering this up.
> We have revoked a CRA user ID and password registered to you. Please read the following message to learn more or visit our website at: canada[.ca]/en/revenue-agency/corporate/security/revoked-userid
> During a routine check, we found that one or more of your CRA logins (user ID and password) might have been obtained by unauthorized third parties. You can still login to your CRA account using a different CRA user ID and password, your banking login or using your BC Services Card.
> This is not as a result of a breach of CRA's online systems, rather your CRA user ID and password may have been obtained by unauthorized third parties and through a variety of means by sources external to the CRA (ex: email phishing schemes). We have taken this precautionary measure to protect your personal information.
While their game and some other behavior, including their communication, still seems to be utterly shit, I think it's just fair to hear out the other side and also point out some weird behavior from the OP of the thread with the original security breach claims.
Here is Naica Online's statement on their Discord: https://i.imgur.com/OUVrgVW.png
Seeing that the mods here also removed their warning post, I guess they were slightly trigger happy on that warning and didn't fully verify the claims.
Personal TL;DR after reading following all this and also following their Discord since yesterday:
Anti-cheat was non existent in Naica Online, so yes, plenty of exploits - not uncommon for plenty of indie titles like this though
OP of the original post likely did make up the part of being able to retrieve account credentials
It seems more like that OP just used data of data breaches of other services/games and those users just re-used these email / password combinations. "Hackers" trying to do that (creating a false narrative of a new leak by just using data of older breaches) is unfortunately pretty common. https://threatpost.com/anonymous-hack-minneapolis-police-department-fake/156171/
Now Naica still made the mistake to not have enough/any restrictions on login attempts. That's still pretty bad, but of course nowhere near as bad as a full breach and passwords saved in plain text. They also said that they fixed that, not sure if that happened now or sometime during these 6 months.
Now more about "gamingsec", OP of the claims
As somebody also following some infosec topics, I originally found some of the answers of "gamingsec" aka "SEO" in their thread a little bit suspicious and then joined the Naica Discord yesterday, to see some more interesting behavior:
Edit cause that website didn't live up to my standards that I didn't bother to set.
You don't need a website to generate a QR code. Yes, QR codes can be reverse translated. It's not the damn ENIGMA machine. If you have the kind of friends or family that would do that, find new ones. Other than that, maybe stop letting international spies into your home. Most people don't care about your wifi password and would be grateful to skip that step.
Edit:Edit: This is not a home security LifeProTip. This is a convenience LifeProTip.
Like I said, this may be irrational, immature, or even just territorial, but I find myself being very annoyed when I see people, mostly on social media outlets, kind of acting like they think they’re pseudo therapists or something. Things like excessively posting therapy-like memes (could be because I know some of these people to be toxic and this feels like false advertising and it frustrating to watch others not see that side. Also people who take a few psych classes and think they are qualified as me), or some people in the spiritual world acting like therapists. Not all, but some really walk that line, and then throw out some “im not a therapist,” and keep it moving. Feels disrespectful and like they have no idea what it’s really like.
I guess, I worked damn hard to get this job, and maintain it. Society doesn’t respect our roles like they ought to, but will shower these stupid memes with praises. There aren’t constant cries to pay mental health professionals what they’re worth, like teachers for example.
I know I don’t “own” therapy, and to each his own... but it really irritates me. Like, at least respect the field and give credit where it’s due. Am I being ridiculous?
I'll try to keep this vague in case anyone knows anyone involved.
A friend has recently started dating a man who claims to be a general surgeon (UK) we are concerned he may be lying due to how he behaves and something just doesn't feel right. He is too young but claimed he 'fast tracked' three years of his qualifications because of people who knows so was able to become a surgeon earlier than expected.
He says he does plastic surgery abroad privately but works at a NHS hospital in the UK doing general surgery.
He claimed to perform stomach pumps on New year's Eve on his shift.
How can I check if he is legit? I can't find him on the GMC register or Royal college of surgeons. They have been dating for less than 3 months and he is already trying to buy a house with her.
Our concern is he could be a conman trying to steal money or worse someone who may be abusive with narcissistic tendencies.
She seems smitten and is ignoring all the red flags. She's pretty inexperienced in dating and is a little naive so I feel she is vulnerable to manipulation.
Any help or thoughts would be appreciated.
It seems like for all the shit they get, American politicians are mostly ivy educated alumni, whilst Israeli politicians....
I mean look at Lapid, Miri Regev, those are just the first to come to my mind.
I (25M) have just been promoted at work. It came down to a two horse race between myself and a colleague who I will call Anne. At one point, it looked as though Anne was going to get the promotion, which was when one of our colleagues informed me that she had lied about her credentials while applying for the job back when she came to work here. I reported this to HR, they looked into it and they have fired Anne. I don't know how Anne found out that I reported her (or she guessed because we were both aiming to be promoted), but she called me and asshole and has accused me of harpooning her career in order to further mine.
Edit/update: I can kinda see which way things are going for me on here, so I probably won't monitor this post anymore. I will add a few things here just so I've said them.
I would have reported her regardless as to whether or not she was up for the same promotion as me.
I did not realise exactly what she had lied about, I didn't know if it were a college grade or something more serious.
While she probably wouldn't have been fired without me reporting her, or at least not yet anyway, she shouldn't have lied when applying for the job. She either should have told the truth from the beginning and hoped that she would get the job, or she should have gone for jobs where she wouldn't have to lie to get the job.
I am working on a script that will probably change hands once or twice. This script reaches out to an API, gets a token, uses that token to do the work. But to get the token, you have to pass in a user and password.
So each time someone wants to use this script, they will need to create an encrypted password file to house the creds. The credentials are stored in a password manager key people have access to. My toughts would be to just make a really basic function that uses the following. And when anyone pulls down the script and wants to use it, the first thing they would do is, import the module, run the function / pass in the creds, and the file gets created for them. Is that typically how it's done? Or do people just document to run something like the following manually> I just want to make it easy on people. And I say people, but only 2 people would ever be using / running this ever. But it will change hands from 2 people, to a different two as time goes on.
$credential = Get-Credential $credential.Password | ConvertFrom-SecureString | Set-Content c:scriptsencrypted_password1.txt
Thank you everyone for all of the info and advice. I really very much appreciate it.
I started a job as a systems administrator a few weeks ago. This company uses an msp and is still under contract with them. I will eventually be responsible for the Network when the contract runs out. My question is in the meantime while we need to co-exist should they give me access to the firewall that we bought but they manage? I asked and they just said they manage that. Not wanting to cause any issues right Off the bat I just said ok. Love to hear comments on this.
Link to Article:
Hello, good day everyone.
In my previous post I showed how I managed to pass the FTMO challenge 3 times in a raw
Check it here:
A lot of people massaged me, and asked for my trading style & tips and so on …I decided to take a 4th challenge, and share it here live and show everything with complete transparency.I contacted FTMO, and according to them no problem in sharing Investor’s credentials, so once I receive it I will post it here.
My main Rules are:
FTMO Challenge account
Any Questions, feel free to ask.
I’m using an ESP32 for a little project and I want to be able to hand-off a device to a friend without hard-coding a WiFi SSID/password into the device. Is there some standard way to do this out-of-the-box? I’ve solutions using a captive WiFi portal but that seems super clunky.