,
53 tweets,
6 min read
Read on Twitter
in today's adventures as a senior cyber^Wcloud engineer, i have to take a security course which involves watching cheerful stock models show me how to hover over a link to see what it points to while hearing descriptions of what a phishing attack is.
fucking kill me.
fucking kill me.
bitch i've created a twitter mitm anti-abuse kit, wtf have u done
i can't stop laughing at this quiz help
next up is 'cybersecurity awareness' ok lets go team
lmao my computer is too secure to run ur quiz gtfo 
"when hovering over an anchor on a web page, the destination will show in the bottom left corner of the browser frame"
oh my god
oh my god
TIL someone watching you input your password is called "visual hacking"
when i saw visual hacking, i thought i was gonna learn about something cool like cyborg eyes
you should always shred your documents or discs (??????) that contain sensitive information
yeah let me get right on deconstructing my hard drive
yeah let me get right on deconstructing my hard drive
an exe isn't malware, apparently.
okay.
sure.
WHO GOT PAID TO MAKE THIS?????? THIS IS SO BAD.
okay.
sure.
WHO GOT PAID TO MAKE THIS?????? THIS IS SO BAD.
the time estimate for finishing this is 2 hours i'm literally going to die
@SwiftOnSecurity save me
it is 9 am and the craving for scotch is overpowering. i don't think i can do all of this training in one day.
ok. i think i'll take the passwords training next. this should be great.
passwords are for blocking cyber intrusion attempts. there are three different cyber attacks that can put your password at risk.
more cyber pls this is not enough cyber
more cyber pls this is not enough cyber
these people clearly don't read xkcd.
i don't think i can screencap share this but oh boy you guys they want me to select the most secure password from a list bcz this thoughtful looking old dude doesn't know what bank password and hr password to use.
the most secure version has his real name backwards and in leet speak oh my god you guys please
the most secure hr version is the leet speak version of "all work and no play" oh god WHY
this quiz doesn't know what a cookie is.
it also thinks 2fa involves scanning a qr code every time you login
what
what
i'm taking the test now and i'm still very angry that it doesn't know the difference between browser managed passwords and a cookie
i'm having to answer these questions wrong just so i don't have to take this bullshit training again. why, yes., QR codes are a great example of MFA.
how do you prevent a brute force attack?
you go to the mountains and train to be the best kung fu fighter the world has ever seen, obviously.
(one of the possible answers about what brute force attacks were had to do with someone physically stealing your hard drive)
you go to the mountains and train to be the best kung fu fighter the world has ever seen, obviously.
(one of the possible answers about what brute force attacks were had to do with someone physically stealing your hard drive)
fuck yeah 100% haha i want to die
ok, i took a break from this. now it's time to resume. moving on to training topic: mobile devices.
o shit it logged me out for inactivity. i went to go log back in. it told me to never check the box for remember password because browser hacks. IS THIS A TEST???
i don't actually know much about mobile security so i'm pretty stoked to listen to this.
haha just kidding this is going to be terrible
haha just kidding this is going to be terrible
why are they using a first gen iphone in their stock photos
SMISHING MESSAGES
i thought that was a type of sext
i thought that was a type of sext
your apple watch can give you malware when it syncs via bluetooth lmao what
i had to rewind that part to make sure i had heard it correctly.
apparently, anyone nearby can just send a code to your apple watch and when you sync it to your iphone you magically get malware
apparently, anyone nearby can just send a code to your apple watch and when you sync it to your iphone you magically get malware
i'm wearing headphones and i still heard coworkers laughing when i yelled NO PART OF THAT IS CORRECT. they know exactly what i'm doing today.
it's quizzing me. it wants me to say that WEP is secure wifi. I REFUSE.
it appears we have reached an impasse. there is no right answer to this quiz question. i'm going to say that WEP is a VPN. that's the only other answer.
i'm taking the official quiz which gives me a score (and that score has to be above 80%) now and i know the answer it wants is "application stores cannot be used to distribute malware" but fuck you. appleinsider.com/articles/18/09…
let's move on to social engineering. but before we do, what are the odds on there being someone wearing a hoodie as the 'bad guy'?
this training teaches me what to do if i'm the target of a social engineering scam.
can i just quote-RT and mock it on twitter?
can i just quote-RT and mock it on twitter?
what the shit is this clip art i'm shook
click here to learn about baiting
listen i am the master of baiting
wait
listen i am the master of baiting
wait
a CD-R has CONFIDENTIAL written on it in sharpie. this is an example of baiting.
what
who the fuck would just put some CD-R (okay and seriously who uses CD-Rs now??) into their computer because it says confidential it's probably just some boring as shit powerpoint presentations
what
who the fuck would just put some CD-R (okay and seriously who uses CD-Rs now??) into their computer because it says confidential it's probably just some boring as shit powerpoint presentations
the only way i'm passing these is because i'm mocking them on twitter. otherwise it would be so hard to pay attention. this is the fox news of technical training - completely full of shit, but you have to pretend to agree just to make someone go away and stop bothering you.
ok.
*deep breath*
next section. malicious links.
*deep breath*
next section. malicious links.
"millions of webpages are hosted by CYBER CRIMINALS"
if you click a link, you might be hit by a DRIVE-BY DOWNLOAD (whooooo came up with these terms)
it's now explaining what a link is. you should hover over an anchor to see the destination. WHAT ABOUT JAVASCRIPT?? WHAT THEN???
i like how this training - which is mostly about avoiding malware and shit - covers http, https, and mailto as protocol examples in a url, but not ftp.
ok listen.
incompetence isn't necessarily malicious. it's just the default mode of a lot of people.
incompetence isn't necessarily malicious. it's just the default mode of a lot of people.
you dumbshit that's not malicious it's probably the result of organizations rolling out https more (yay, good!) but not updating various text.
if you use a shortened URL, you might be a cyber criminal.
how many parts are there to a destination url? if you answered 3, you are wrong. because you can't forget the directory and the subdomain, because all urls have those haha xd
this is not a security test. this is a test of how much useless and incorrect bullshit i can keep in my head for 5 minutes at a time.
i have acquired many girl scout badges today. more tomorrow.
