borari

I have a 6 bay, so yeah that might be a little limiting. I have all my personal stuff backed up to an encrypted cloud mount, the bulk of my storage space is pirated media I could download again, and I have the Synology using SHR so I just plug in a bigger drive, expand the array, then plug in another bigger drive and repeat. Because of duplication sectors you might not benefit as much from that method with just 4 bays. Or if you have enough stuff you can’t feasible push to up to the cloud to give piece of mind during rebuilding I guess.

Depending on how many bays your Synology is, you might be best off getting a nuc or a mini pc for compute and using your synology just for storage.

Bro it’s a huge problem, companies will blame the employee that opened the malicious document instead of blaming their fucking abysmal internal security controls, detection, and response.

lol. Uhhhhhhh not so much lol.

I work on an internal red team, so covert in prod operations instead of limited scope one off pen tests. We actively phish employees, but any victim user isn’t named in the report and we provide follow up training with them that’s not shame based and it’s with the operators directly, not some mandatory online class annual training bullshit.

It sucks, but this is a huge vector of initial compromise for APTs, and I work in an industry and for a company that are both extremely frequently targeted by APTs, so we have to do what we do. It lets us identify gaps in security and signature known ttps so our defensive teams can id those alerts when they pop.

I’m currently using it to generate initial contact emails, and generate contextual responses to received replies, for a phishing project at work.