this post was submitted on 10 May 2024
1290 points (98.6% liked)
Comic Strips
23397 readers
1640 users here now
Comic Strips is a community for those who love comic stories.
Rules
-
π Be Nice!
- Treat others with respect and dignity. Friendly banter is okay, as long as it is mutual; keyword: friendly.
-
ποΈ Community Standards
- Comics should be a full story, from start to finish, in one post.
- Posts should be safe and enjoyable by the majority of community members, both here on lemmy.world and other instances.
- Any comic that would qualify as raunchy, lewd, or otherwise draw unwanted attention by nosy coworkers, spouses, or family members should be tagged as NSFW.
- Moderators have final say on what and what does not qualify as appropriate. Use common sense, and if need be, err on the side of caution.
-
𧬠Keep it Real
- Comics should be made and posted by real human beans, not by automated means like bots or AI. This is not the community for that sort of thing.
-
π½οΈ Credit Where Credit is Due
- Comics should include the original attribution to the artist(s) involved, and be unmodified. Bonus points if you include a link back to their website. When in doubt, use a reverse image search to try to find the original version. Repeat offenders will have their posts removed, be temporarily banned from posting, or if all else fails, be permanently banned from posting.
- Attributions include, but are not limited to, watermarks, links, or other text or imagery that artists add to their comics to use for identification purposes. If you find a comic without any such markings, it would be a good idea to see if you can find an original version. If one cannot be found, say so and ask the community for help!
-
π Post Formatting
- Post an image, gallery, or link to a specific comic hosted on another site; e.g., the author's website.
- Meta posts about the community should be tagged with [Meta] either at the beginning or the end of the post title.
- When linking to a comic hosted on another site, ensure the link is to the comic itself and not just to the website; e.g.,
β Correct: https://xkcd.com/386/
β Incorrect: https://xkcd.com/
-
π¬ Post Frequency/SPAM
- Each user (regardless of instance) may post up to five (5 π) comics a day. This can be any combination of personal comics you have written yourself, or other author's comics. Any comics exceeding five (5 π) will be removed.
-
π΄ββ οΈ Internationalization (i18n)
- Non-English posts are welcome. Please tag the post title with the original language, and include an English translation in the body of the post; e.g.,
SΓ, por favor [Spanish/EspaΓ±ol]
- Non-English posts are welcome. Please tag the post title with the original language, and include an English translation in the body of the post; e.g.,
-
πΏ Moderation
- We are human, just like most everybody else on Lemmy. If you feel a moderation decision was made in error, you are welcome to reach out to anybody on the moderation team for clarification. Keep in mind that moderation decisions may be final.
- When reporting posts and/or comments, quote which rule is being broken, and why you feel it broke the rules.
Web Accessibility
Note: This is not a rule, but a helpful suggestion.
When posting images, you should strive to add alt-text for screen readers to use to describe the image you're posting:
Another helpful thing to do is to provide a transcription of the text in your images, as well as brief descriptions of what's going on. (example)
Web of Links
- !linuxmemes@lemmy.world: "I use Arch btw"
- !memes@lemmy.world: memes (you don't say!)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I've worked with a dude for years who I would consider smart both technically and non-technically. One time we got an email at work with an attachment that was something like "microsoft_update.exe.txt". The email said "due to a technical limitation on the email system, this file needs to be renamed to drop the .txt and executed to apply a critical to your computer."
It was, in my mind, such an obvious phishing attempt that I laughed out loud and said "who the fuck would ever fall for this?" Then my coworker popped his head over the cube wall and said "WAIT WHAT? We weren't supposed to run that?!"
Fortunately, the security team sat nearby and heard the whole thing and rushed over to quarantine his PC
You mean shut it off and steal and the Ethernet cable? Lol
You DONT want to turn it off. Digital forensics work WAAAAAAY better if you have a memory dump of the system. And all the memory is lost if you turn it off. Even if the virus ran 10h ago and the program has long stoped running, there will most likely still be traces in the RAM. Like a hard drive, simply deleting something in RAM doesn't mean it is gone. As long as that specific area was not written over later it will still hold the same contenta. You can sometimes find memory that belonged to a virus days or even weeks after the infection if the system was never shut down. There is so much information in ram that is lost when the power is turned off.
You want to 1: quarantine from network (don't pull the cable at the system, but firewall it at the switch if possible) 2: take a full copy of the RAM 2.5: read out bitlocker keys if the drive is encrypted. 3: turn off and take a bitwise copy of the hard drive or just send the drive + memory dump to the forensics team. 4: get coffee
Why would you be doing digital forensics?
To find out if nuking that one workstation is enough or if you have to take more drastic measures.
I feel like most companies wouldn't bother with all that. They'd probably just nuke the workstation and call it a day.
And then get ransomwared a bit later.
Oh yeah probably
Yeah no. You gotta do due diligence. Getting one system compromised isn't enough. The whole point is to pivot, elevate, repeat.