• 0 Posts
  • 10 Comments
Joined 1 year ago
Cake day: June 13th, 2023

  • Yes, I know. We do simulations, but we only measure who reports them and provide training on how to report them (in the mail itself). No shaming for users who click them and no additional training on how to look at details.

    It makes no sense training the user to look at, for example, the links if all the big vendors use suspicious links anyway. For example, the phishers use OneNote shares to phish, but those are hosted by Microsoft, which by itself is legitimate. The only way a user is really able to recognize a phish is if it is unsolicited (report the mail as spam) or if it looks legit but asks for credentials (report it; we use SSO everywhere possible and you should never be asked for credentials for one of our platforms). We cannot do this for all vendors, however, and users are encouraged and trained to use passkeys or autofill from the company-provided password manager so that they get suspicious when no autofill is possible; then they can report the mail.

    It’s not always possible to recognize phishing from the get-go, and security is better suited to investigate than a rando from the logistics department.


  • For services I host I really like this EULA:

    If the Provider of the Service (the “Provider”) needs a place to crash and you have a sofa available, you should maybe give the Provider a break and let him sleep on your couch.

    If you are caught in a dire situation wherein you only have enough time to save one person out of a group, and the Provider is a member of that group, you must save the Provider.

    THE ACCESS IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO BLAH BLAH BLAH ISN’T IT FUNNY HOW UPPER-CASE MAKES IT SOUND LIKE THE LICENSE IS ANGRY AND SHOUTING AT YOU.

    Edit: original found here: https://github.com/pirate/security-growler