X Bank will not let autofill work on their website. Overkill Protection from bots. People that leave Password Managers easily accessible on their own computers?

As it says, I do some Banking with X Bank. I am one to do everything by my Password Manager Lastpass.

It has seemed like X bank has gotten worse and worse with their Protection. I can not remember if it was them or another company but last month or month before I had to clear cache to get a payment to process. I do a whole lot of payments online and X has always been the most troublesome.

So I was told they do not allow any autofill whatsoever in their Web app today. The worst part is that the error given is an exception error no code and just to call number and does not say can not use autofill.

I had to manually enter user name and password. I had to Manually enter the repeating amount instead of choosing the amount which pops up as soon as I put in first number and I had to manually enter my name as Requester.

Before I had talked to X Bank I had tried both IE and Firefox as I use Chrome and still the same thing. While on the phone with them I tried Edge. With Edge I entered in username and pasted in very long password from password manager and submit button would not brighten and activate so I could click on it. Only after I deleted the password and started over and manually did the password typing it in did the Submit button work.

Is this overkill? What good are password managers now if more follow suit? If playing to the lowest common denominator IE people on their own machines or people that will check the remember me box that states do not do if public computer is this bad how do we look in the future?

Being in IT where I have to have my Stuff Plus my Business stuff and a second Business information and Client Information I can not survive going back to notebook storing private info which is literally as why pay for a Passmanager if it is useless if you have to look up each entry and type it or Figuratively if I do keep password manager and have to lookup and type it out myself especially when the window that pops up with the pasword can not float and stay on top.

Frustrated. I know we need security but when is it too far?

Touch here for the full post on Network Security Noblemen tumblr

X Bank will not let autofill work on their website. Overkill Protection from bots. People that leave Password Managers easily accessible on their own computers?

As it says, I do some Banking with X Bank. I am one to do everything by my Password Manager Lastpass.

It has seemed like X bank has gotten worse and worse with their Protection. I can not remember if it was them or another company but last month or month before I had to clear cache to get a payment to process. I do a whole lot of payments online and X has always been the most troublesome.

So I was told they do not allow any autofill whatsoever in their Web app today. The worst part is that the error given is an exception error no code and just to call number and does not say can not use autofill.

I had to manually enter user name and password. I had to Manually enter the repeating amount instead of choosing the amount which pops up as soon as I put in first number and I had to manually enter my name as Requester.

Before I had talked to X Bank I had tried both IE and Firefox as I use Chrome and still the same thing. While on the phone with them I tried Edge. With Edge I entered in username and pasted in very long password from password manager and submit button would not brighten and activate so I could click on it. Only after I deleted the password and started over and manually did the password typing it in did the Submit button work.

Is this overkill? What good are password managers now if more follow suit? If playing to the lowest common denominator IE people on their own machines or people that will check the remember me box that states do not do if public computer is this bad how do we look in the future?

Being in IT where I have to have my Stuff Plus my Business stuff and a second Business information and Client Information I can not survive going back to notebook storing private info which is literally as why pay for a Passmanager if it is useless if you have to look up each entry and type it or Figuratively if I do keep password manager and have to lookup and type it out myself especially when the window that pops up with the pasword can not float and stay on top.

Frustrated. I know we need security but when is it too far?

Touch here for the full post on Network Security Noblemen tumblr

Shift+Enter?

In the Operation Glowing Symphony episode of Darnet Diaries, the offensive security guy being interviewed describes the moment of launching attacks as "Hitting Shift+Enter on the scripts". It's just after the 54 minute mark if you're curious to hear it.

I tend to invoke my scripts by typing their name and then hitting just <enter>. No <shift> required.

What tooling/framework/environment do you suppose he's describing where <shift>+<enter> kicks things off?

Touch here for the full post on Network Security Noblemen tumblr

Strange application question

While filling out an online application for a job I came across a step that asked which information security certifications I held. It listed a few I heard of and several I've never seen before. I didn't have any of those (I have several other mainstream certs) so I left them all blank. I try to "save and continue" my application and it says that field is mandatory. I can't continue the application without selecting at least one of those certifications. The certs they had listed weren't mentioned in the job posting at all and I already listed and attached scans of all my other certs. I ended up selecting one of the more random certs I never heard of so I could complete the application.

Was that unethical of me? I wasn't trying to lie, just complete my application. The field was required so I had to check something. Should I have just ended my app at that point? I feel like the interview could be awkward, "So you have a, b, c, d certs?" Ahh well I do have the first 3 but that last one was a required field on your poorly designed application process so, no I don't have that last cert.

Touch here for the full post on Network Security Noblemen tumblr

How do you utilize Yara rules for detection purposes?

Hi,

Yara signatures are well known intel as you known. But apart from triage/IR scans (like Thor/Loki do- we know machine is infected and will try to find what's the problem), how do you utilize Yara rules for threat detection purposes? Some EDRs (like Carbon black) collects MZ files (exe, dll) centrally and can use Yara signs for detection but what about other files types non-MZ? I know Fireye NX does this for network side for transfering files but wondering your use cases for Yara for all things like mail, network, endpoint etc.

Regards,

Touch here for the full post on Network Security Noblemen tumblr

Please help a fella out.

Hello, I'm was a hardware geek back then, But I left my pc and any other computer 3 years ago, because I was too distracted from my study and j wasn't focuses on my future. I'm going to buy a laptop soon to get started again, Suggest me a good Linux and laptop to get started, remember I'm not very rich so go easy on me :p, also I wanted to ask something else. Can I learn proper pure hacking by doing any certified ethical hacking courses around my area? is that possible anyone teaches that these days? Please please help me out.

Touch here for the full post on Network Security Noblemen tumblr