461 stories

Our jellybean crop is coming in nicely this year

1 Share
Our jellybean crop is coming in nicely this year submitted by /u/lurkface to r/pics
[link] [comments]
Read the whole story
4 days ago
ÜT: 50.285716,-119.256393
Share this story

For Monsters Inc. (2001) due to Mary Gibbs who played Boo being so young, it was difficult to get her to stay in the recording booth to perform her lines. So they decided to follow her around with a microphone and cut her lines together using the random things/noises she say whilst playing.

1 Share
For Monsters Inc. (2001) due to Mary Gibbs who played Boo being so young, it was difficult to get her to stay in the recording booth to perform her lines. So they decided to follow her around with a microphone and cut her lines together using the random things/noises she say whilst playing. submitted by /u/StatusLoquat8 to r/MovieDetails
[link] [comments]
Read the whole story
31 days ago
ÜT: 50.285716,-119.256393
Share this story

Turn on MFA Before Crooks Do It For You

1 Comment and 2 Shares

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident.

As a career chief privacy officer for different organizations, Dennis Dayman has tried to instill in his twin boys the importance of securing their online identities against account takeovers. Both are avid gamers on Microsoft’s Xbox platform, and for years their father managed their accounts via his own Microsoft account. But when the boys turned 18, they converted their child accounts to adult, effectively taking themselves out from under their dad’s control.

On a recent morning, one of Dayman’s sons found he could no longer access his Xbox account. The younger Dayman admitted to his dad that he’d reused his Xbox profile password elsewhere, and that he hadn’t enabled multi-factor authentication for the account.

When the two of them sat down to reset his password, the screen displayed a notice saying there was a new Gmail address tied to his Xbox account. When they went to turn on multi-factor authentication for his son’s Xbox profile — which was tied to a non-Microsoft email address — the Xbox service said it would send a notification of the change to unauthorized Gmail account in his profile.

Wary of alerting the hackers that they were wise to their intrusion, Dennis tried contacting Microsoft Xbox support, but found he couldn’t open a support ticket from a non-Microsoft account. Using his other son’s Outlook account, he filed a ticket about the incident with Microsoft.

Dennis soon learned the unauthorized Gmail address added to his son’s hacked Xbox account also had enabled MFA. Meaning, his son would be unable to reset the account’s password without approval from the person in control of the Gmail account.

Luckily for Dayman’s son, he hadn’t re-used the same password for the email address tied to his Xbox profile. Nevertheless, the thieves began abusing their access to purchase games on Xbox and third-party sites.

“During this period, we started realizing that his bank account was being drawn down through purchases of games from Xbox and [Electronic Arts],” Dayman the elder recalled. “I pulled the recovery codes for his Xbox account out of the safe, but because the hacker came in and turned on multi-factor, those codes were useless to us.”

Microsoft support sent Dayman and his son a list of 20 questions to answer about their account, such as the serial number on the Xbox console originally tied to the account when it was created. But despite answering all of those questions successfully, Microsoft refused to let them reset the password, Dayman said.

“They said their policy was not to turn over accounts to someone who couldn’t provide the second factor,” he said.

Dayman’s case was eventually escalated to Tier 3 Support at Microsoft, which was able to walk him through creating a new Microsoft account, enabling MFA on it, and then migrating his son’s Xbox profile over to the new account.

Microsoft told KrebsOnSecurity that while users currently are not prompted to enable two-step verification upon sign-up, they always have the option to enable the feature.

“Users are also prompted shortly after account creation to add additional security information if they have not yet done so, which enables the customer to receive security alerts and security promotions when they login to their account,” the company said in a written statement. “When we notice an unusual sign-in attempt from a new location or device, we help protect the account by challenging the login and send the user a notification. If a customer’s account is ever compromised, we will take the necessary steps to help them recover the account.”

Certainly, not enabling MFA when it is offered is far more of a risk for people in the habit of reusing or recycling passwords across multiple sites. But any service to which you entrust sensitive information can get hacked, and enabling multi-factor authentication is a good hedge against having leaked or stolen credentials used to plunder your account.

What’s more, a great many online sites and services that do support multi-factor authentication are completely automated and extremely difficult to reach for help when account takeovers occur. This is doubly so if the attackers also can modify and/or remove the original email address associated with the account.

KrebsOnSecurity has long steered readers to the site twofactorauth.org, which details the various MFA options offered by popular websites. Currently, twofactorauth.org lists nearly 900 sites that have some form of MFA available. These range from authentication options like one-time codes sent via email, phone calls, SMS or mobile app, to more robust, true “2-factor authentication” or 2FA options (something you have and something you know), such as security keys or push-based 2FA such as Duo Security (an advertiser on this site and a service I have used for years).

Email, SMS and app-based one-time codes are considered less robust from a security perspective because they can be undermined by a variety of well-established attack scenarios, from SIM-swapping to mobile-based malware. So it makes sense to secure your accounts with the strongest form of MFA available. But please bear in mind that if the only added authentication options offered by a site you frequent are SMS and/or phone calls, this is still better than simply relying on a password to secure your account.

Read the whole story
88 days ago
ÜT: 50.285716,-119.256393
Share this story
1 public comment
87 days ago
MFA is a great way to increase the security of your online accounts. I enable it myself on all accounts I can. Brian calls out twofactorauth.org and I highly encourage anyone to view where 2FA can be setup on your services. As Brian also points out, SMS codes is one of the weaker 2FA systems but it is better than nothing.
Seattle, WA

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

1 Comment and 2 Shares

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.

Nestled in the northwest corner of Alabama, Florence is home to roughly 40,000 residents. It is part of a quad-city metropolitan area perhaps best known for the Muscle Shoals Sound Studio that recorded the dulcet tones of many big-name music acts in the 1960s and 70s.

Image: Florenceal.org

On May 26, acting on a tip from Milwaukee, Wisc.-based cybersecurity firm Hold Security, KrebsOnSecurity contacted the office of Florence’s mayor to alert them that a Windows 10 system in their IT environment had been commandeered by a ransomware gang.

Comparing the information shared by Hold Security dark web specialist Yuliana Bellini with the employee directory on the Florence website indicated the username for the computer that attackers had used to gain a foothold in the network on May 6 belonged to the city’s manager of information systems.

My call was transferred to no fewer than three different people, none of whom seemed eager to act on the information. Eventually, I was routed to the non-emergency line for the Florence police department. When that call went straight to voicemail, I left a message and called the city’s emergency response team.

That last effort prompted a gracious return call the following day from a system administrator for the city, who thanked me for the heads up and said he and his colleagues had isolated the computer and Windows network account Hold Security flagged as hacked.

“I can’t tell you how grateful we are that you helped us dodge this bullet,” the technician said in a voicemail message for this author. “We got everything taken care of now, and some different protocols are in place. Hopefully we won’t have another near scare like we did, and hopefully we won’t have to talk to each other again.”

But on Friday, Florence Mayor Steve Holt confirmed that a cyberattack had shut down the city’s email system. Holt told local news outlets at the time there wasn’t any indication that ransomware was involved.

However, in an interview with KrebsOnSecurity Tuesday, Holt acknowledged the city was being extorted by DoppelPaymer, a ransomware gang with a reputation for negotiating some of the highest extortion payments across dozens of known ransomware families.

The average ransomware payment by ransomware strain. Source: Chainalysis.

Holt said the same gang appears to have simultaneously compromised networks belonging to four other victims within an hour of Florence, including another municipality that he declined to name. Holt said the extortionists initially demanded 39 bitcoin (~USD $378,000), but that an outside security firm hired by the city had negotiated the price down to 30 bitcoin (~USD $291,000).

Like many other cybercrime gangs operating these days, DoppelPaymer will steal reams of data from victims prior to launching the ransomware, and then threaten to publish or sell the data unless a ransom demand is paid.

Holt told KrebsOnSecurity the city can’t afford to see its citizens’ personal and financial data jeopardized by not paying.

“Do they have our stuff? We don’t know, but that’s the roll of the dice,” Holt said.

Steve Price, the Florence IT manager whose Microsoft Windows credentials were stolen on May 6 by a DHL-themed phishing attack and used to further compromise the city’s network, explained that following my notification on May 26 the city immediately took a number of preventative measures to stave off a potential ransomware incident. Price said that when the ransomware hit, they were in the middle of trying to get city leaders to approve funds for a more thorough investigation and remediation.

“We were trying to get another [cybersecurity] response company involved, and that’s what we were trying to get through the city council on Friday when we got hit,” Price said. “We feel like we can build our network back, but we can’t undo things if peoples’ personal information is released.”

A DoppelPaymer ransom note. Image: Crowdstrike.

Fabian Wosar, chief technology officer at Emsisoft, said organizations need to understand that the only step which guarantees a malware infestation won’t turn into a full-on ransomware attack is completely rebuilding the compromised network — including email systems.

“There is a misguided belief that if you were compromised you can get away with anything but a complete rebuild of the affected networks and infrastructure,” Wosar said, noting that it’s not uncommon for threat actors to maintain control even as a ransomware victim organization is restoring their systems from backups.

“They often even demonstrate that they still ‘own’ the network by publishing screenshots of messages talking about the incident,” Wosar said.

Hold Security founder Alex Holden said Florence’s situation is all too common, and that very often ransomware purveyors are inside a victim’s network for weeks or months before launching their malware.

“We often get glimpses of the bad guys beginning their assaults against computer networks and we do our best to let the victims know about the attack,” Holden said. “Since we can’t see every aspect of the attack we advise victims to conduct a full investigation of the events, based on the evidence collected. But when we deal with sensitive situations like ransomware, timing and precision are critical. If the victim will listen and seek out expert opinions, they have a great chance of successfully stopping the breach before it turns into ransom.”

Read the whole story
101 days ago
ÜT: 50.285716,-119.256393
Share this story
1 public comment
100 days ago
This is sad. I'm with Fabian Wosar here. Once you know you've been breached, the only responsible thing to do is rebuild from scratch. Unfortunately, that takes a lot of time and money.
Los Angeles, CA

Various Tumblr Gems to Keep the Day Moving

1 Share

Tumble users are one part creative chaos, one part boredom, and one part sleep deprivation. Throw in some extremely specific pop culture references and you've got a recipe for some hilarious and totally random Tumblr gems. You never know what people are gonna pull out of their heads and spit out as totally random Tumblr gems to occupy existing.


Lighting - theoldness khanos it's vegan blackmodel Recipe? officialschool organic earthy dirt deeply infused with vegan,dairy-free, gluten free milk with a hint of non GMO organic fresh grass 198,649 notes


Text - gothammite yknow i saw an article that was like "robert pattinson standing strong against the batman hate! :)" and im like. you fools. you absolute clowns. don't you know who you're dealing with? you realize this is the man who waded through all of the twilight hate? with stride? basically brushed it off of his shoulder immediately? even as a non twilight fan in the early 2000s i knew this man would never succumb to the words of the simple minded. batman criticism means nothing to him. he


Text - neutraldankhotel you: *eats 100 ears of corn in two hours* I am the corn king! I cannot be outcorned me: *eats 101 ears of corn in ten minutes* just another day in the corn fields 10inchflaccid what? neutraldankhotel I don't know. i woke up at 6am, wrote this, and went back to sleep 10inchflaccid hope youre okay 364,502 notes >


Text - P i-am-a-fish everytime I stay at a hotel I take a bite out of the soap bar to confuse the cleaning staff damaramegido hey op real quick what the Actual fuck transselkie Hey op you do realize that by actually biting a chunk of fucking soap you are in fact the one losing karo-chic y'all are just jealous that op is brave enough to monch on the forbidden chocolate... i-am-a-fish I'm living dragon-hated-art What does the forbidden chocolate taste like i-am-a-fish soap 222,639 notes A


Text - askinnyblackman things i used to laugh at actual jokes things i laugh at now yard sard 286,579 notes


Photo caption - someonespetturtle under communism we all have to share one toothbrush with this man 126,069 notes


Text - toastpotent nobody: half full water bottle left behind on the floor of a public bus: *rolls around* thejoanglebook OP is an optimist 103,004 notes


Cat - arousedhoe hey does anyone know the fastest way to clean up milk that's covering every goddamn i nch of the kitchen floor saddestblogger i know a gal..she's on her way arousedhoe thanks saddestblogger #q 383,370 notes


Text - videntefernandez we would be living in in the correct timeline if megamind had been more successful than despicable me aethernalstars #we would be living in the correct timeline #if the story of a supervillain adopting 3 kids and becoming a Dad #had been more successful than the background yellow comic relief characters #despicable me was fine it's a shame that ppl cared more abt minions than the actual plot It's true and you should say it @ghostlyboop 71,857 notes >


Text - O spotifyofficial Spotify premium is now only $4.99 for people who have foreskin! Just send in that dick pic and get endless streaming! bird-big oh sick i knew this thing would come in handy 13,922 notes


Text - 70slesbian we need to stop doing litterary analysis.. like maybe kafka just litteraly turned into an insect who are we to tell him that he didnt 46,217 notes


Text - lia-wild-english School: we're continuing all classes online! My ADHD brain: oh so what you're saying is Time doesn't exist, Sleep Schedules are no longer apparent, and The Classes may still exist but only as a strange distant entity that I can no longer interact with in any meaningful way okura94 Okay, but imagine you're the teacher. That's my life rn 30,043 notes


Face - siobhanblank-deactivated2019011 why's this site so weird about horses? they're just horses. the-descolada Are you sure siobhanblank 381,952 notes


Text - broscarwilde Pennywise did NOT say "gay rights." OUT.COM Pennywise Is Surprisingly Anti-Queer in 'It Chapter Two' im sorry but this is THE FUNNIEST thing i ever read with my own two eyes sharpestrose im-still-in-shock They're making Hannibal evil... I shoulda seen this coming but still... I was hoping he'd be an anti-hero at least. :( bonanzajellybean HE EATS PEOPLE #this is so EMBARRASSING 41,545 notes >


Text - izzetheking What the Heck is a mushroom?Well let me tell you... its like a plant... but stop right there...Its not a plant... its nota planet and not an animal.. Its something else... Something fucked up that we havnt ever seen before... You can eat it on a steak but its not an animal or a plant... So what is a mushrom? Its a fungits 67,531 notes


Vertebrate - realest-asami-requiem THIS NICHE EMPTY FEET thoughtcontainment Meme culture has peaked, gang. It's all downhill from here.


Text - vorefoot-contessa Hello tumblrinas. Did i miss much? fleetnaturals elon musk is pregnant 5,186 notes A


Text - "I think being an editor really helped me take other people's notes on my writing. I'd get a note like 'It's too wet' or 'The first couple chapters are good, but then the rest of the pages were so wet that they were completely illegible' or 'Did you dip this in Sprite? This smells like Sprite. Why would you dip your novel in Sprite?' And instead of pushing back, l'd listen. That's an incredibly important skill for a young writer to have."


Text - zackisontumblr Total Current browsers visitors are using. 31 Chrome 12 Safari 5 Firefox 2 Internet Explorer 1 Wit Wii someone is on my blog on their wii that is dedication right there zackisontumblr 2013 was a simpler time 441,072 notes


Text - outofcontextbratz I feel so down, I can barely even bring myself to follow the arrow that's pointing towards the Smoothie Bar. * game84cube Why do I vibe with this? 15,163 notes Posted in r/tumblr by u/VUXX6078 reddit


Text - ollieplimsolls open rp Hey can I get seven large cokes and a bbq sauce taahko is pepsi ok villneuve 'i guess' i said sulking, my amber hued orbs peering down because of gravity taahko 'ok. i hand you seven large cokes and a pepsi 233,693 notes


Text - felwinter-deactivated20190201 my sister has apparently had to stop playing Skyrim because she stole every book in the game to stock her house so now her house is full of books to the point where it almost breaks the game and every time she tries to read one guards teleport into her home and arrest her aminoasinine Ray Bradbury - Fahrenheit 451 (1953) 172,061 notes >


Font - cineastette you will not believe the date i just had physcicduckface I miss this meme physcicduckface I'm glad others also missed this meme #food 470,367 notes


Text - generalgrievousdatingsim oh to be a slightly ridiculous looking sea monster on a geographically inaccurate medieval map 63,582 notes


Text - reallyreallyreallytrying people say dolphins are smart but there not smart enough to not be Shity grey rubber tubes flappin about in the gotdamn ocean mystic-bullshitt *they're reallyreallyreallytrying congratulations! you are the piss lord of shit mountain. thank u for hefting turds down the mountainside so that we, the proles, may feast on your bounteous craps mosticonicposts certified iconic post 357,933 notes


Circle - swankydesserts DI 26 I went to a 90s themed party last night piesandfalcs it's a cup cake generic-housewife You know what.... 45,584 notes


Text - r4cs0 BE A FUNCTIONING WEBSITE momir You can carbon date this post by its shade of blue thefirstpaleontologist wildmuddyriver S spoonfulofcurry Follow beakybee Tumbir blue through the years. attackofthebteam computer illiteracy pride flag Source: beakybee 129.033 notes A beanskelly I'm not gonna lie I miss the days of when tumblr wasn't this deep saturated blue 111,724 notes


Text - davidlieberman going to brine myself with sugar and salt, then hotbox my car with some nice alder wood chips to smoke myself like a salmon.... see you on the other side brother.. 29,500 notes


Text - aquaticpaleo Neil Shubin @NeilShubin Finall...A Minecraft Tiktalik. fossils- archeology.fandom.com/wiki/Tiktaalik 6/15/19, 2:53 PM words cannot sum up my love for neil shubin whales-are-gay guys. neil shubin is the person who discovered the tiktaalik. neil shubin, actual paleontologist, discoverer of the evolutionary link between land and sea, tweeted about a minecraft mod that has his discovery in it. 44,245 notes


Text - s-ound-wave S thedominoswizard Follow tragedycamp hamlet is about everything if you try hard enough tragedycamp "read a different play" no! 2,313 notes


Text - snuv songs to touch the stove to 4,551 notes


Text - Anonymous said How is your husband? the-real-rupaul He should be fine I left him with enough food and water for a week the-real-santino-rice That was two weeks ago the-real-rupaul Oh god no let me go check on him the-real-rupaul By Talos this can't be happening


Text - lake-erie this year's prom theme is... *opens envelope* Great Lakes Invasive Species And What Boaters Can Do To Stop Them footballintuxedos And the subject of tonight's ecology panel is *turns on powerpoint* Enchantment Under the Sea 117,014 notes

Submitted by:

Read the whole story
122 days ago
ÜT: 50.285716,-119.256393
Share this story

How to configure the new Room Finder in Outlook

1 Share

Did you hear of room lists? What is a room list?

A room list is a collection of room mailboxes. Room lists are specially marked distribution groups that you can also use the same way you use ‘regular’ distribution groups. You can only create room lists using the Exchange Management Shell. This article goes over how to create a room list in Exchange. We highly recommend defining room lists to mirror your building layouts, so that the room finder works best.

We wanted to talk about this because we have now released the new room finder experience to Exchange Online Outlook on the web (and you should start seeing it roll out to other Outlook clients over the next few months).

Note: If room lists are not set up, the room finder will not be very useful.

Setting up the city property

If you want to have room list appear under specific cities, you must set the city property for room list using Set-Place cmdlet (use the -City property) or places API in Microsoft Graph.

Setting up this properly allows you to see cities under Room Finder, like the following:

1. List of recent room lists that user used or rooms that user booked that belong to those room list.

2. List of all cities where room list (buildings) are located.


Setting up filters

Filters for rooms are also set by using Set-Place cmdlet or places API. Some examples:

1. Capacity of a room (use the -Capacity property)

2. Floor on which the room is located (-Floor property)

3. Define other features a room may have:

  • Several properties that can be used to define the type of a device present in the room: -AudioDeviceName, -DisplayDeviceName and -VideoDeviceName
  • The -IsWheelChairAccessible parameter specifies whether the room is wheelchair accessible


Coming soon: to add more filters, the ‘tag’ property can also be set per room mailbox using Set-Place cmdlet (-Tags property) or places API. The room finder will display the unique tag string value for each room (see the “Bean bags” tag in the above screenshot, as an example.)

Room list FAQ

How can I see a list of all room lists without having to filter by city first or select recent room list?

This functionality is not available today. The Outlook team has acknowledged this request so that it can be implemented.

Why can’t I see all the cities that my company has a presence in?

There are 2 reasons why this may happen:

  • The city property for a room list has not been set or
  • We are working through a bug that causes only a subset of cities to appear for some of our customers; if you have this problem, in a few weeks it will be history

Why is my room list (building) under the wrong city?

This is most likely due to an incorrect city value set for the room list. Please review what the city value is for the room list and confirm it is correct.

I see the room finder in Outlook on the web; will the same show up in Outlook for Windows and Mac?

Yes. We are working on releasing this to other Outlook clients.

Do my room mailboxes need to be in Exchange Online for this room finder feature to work?


Victoria Rodriguez

Read the whole story
125 days ago
ÜT: 50.285716,-119.256393
Share this story
Next Page of Stories