azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
400 Commits 3 Branches 0 Tags
2ae7d6a0accdbf2252cfb026016377ae478fcdaa
Commit Graph

13 Commits

Author SHA1 Message Date
Howard Enos
347b2d30a9 sync: auto-sync from HOWARD-HOME at 2026-04-21 18:50:48 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-04-21 18:50:48
 2026-04-21 18:50:52 -07:00
Howard Enos
f15862440e sync: auto-sync from HOWARD-HOME at 2026-04-21 15:07:39 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-04-21 15:07:39
 2026-04-21 15:07:42 -07:00
Howard Enos
924f326e7f sync: auto-sync from ACG-TECH03L at 2026-04-21 08:09:28 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-21 08:09:28
 2026-04-21 08:09:38 -07:00
Howard Enos
2f0bc654a1 sync: auto-sync from ACG-TECH03L at 2026-04-20 14:15:01 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-20 14:15:01
 2026-04-20 14:15:07 -07:00
Mike Swanson
b0db273e1e Remediation report: breach check john.trozzi@cascadestucson.com — mailbox clean, phishing received 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-20 11:35:18 -07:00
Howard Enos
a92d2d3f2c report: Cascades Tucson phishing sweep - deleted 14 phish across 7 users 
Triggered by John Trozzi reporting a spoof email. Single-user check
confirmed him clean (reported, not compromised). Tenant-wide sweep
found a sustained ~1 month campaign from 4 external IPs (UA/US/DE/AT
- deltahost + ColoCrossing) plus a compromised-M365-tenant relay
vector. Deleted 14 messages (Groups A+B) per Mike's explicit
authorization. Preserved legitimate HR thread (HRPYDBRUN xlsx) and
user outbound forwards as evidence.

Recommendations in report: DMARC p=quarantine/reject for
cascadestucson.com (biggest leverage), TABL IP blocks, zoom.nl
URL block, Defender impersonation protection.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-20 09:39:22 -07:00
Mike Swanson
9694b4d521 sync: auto-sync from DESKTOP-0O8A1RL at 2026-04-20 08:05:31 
Author: Mike Swanson
Machine: DESKTOP-0O8A1RL
Timestamp: 2026-04-20 08:05:31
 2026-04-20 08:05:34 -07:00
Howard Enos
c4fdb5a233 sync: auto-sync from ACG-TECH03L at 2026-04-19 12:50:13 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-19 12:50:13
 2026-04-19 12:50:24 -07:00
Howard Enos
74890d51ec sync: auto-sync from ACG-TECH03L at 2026-04-18 14:28:21 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-18 14:28:21
 2026-04-18 14:34:04 -07:00
Howard Enos
d2e375df8a sync: auto-sync from ACG-TECH03L at 2026-04-18 10:17:42 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-18 10:17:42
 2026-04-18 10:17:45 -07:00
Howard Enos
dd8e45de80 sync: auto-sync from ACG-TECH03L at 2026-04-17 11:44:31 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-17 11:44:31
 2026-04-17 11:44:33 -07:00
Howard Enos
32888ea9d4 sync: auto-sync from ACG-TECH03L at 2026-04-17 11:26:41 
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-17 11:26:41
 2026-04-17 11:26:46 -07:00
Mike Swanson
100a491ac6 Session log: multi-user setup, audit + gap fixes, Howard onboarding package 
Two session logs:
- session-logs/2026-04-16-session.md: cross-cutting (multi-user, audit, infrastructure)
- guru-rmm session log appended: MSI installer, Len's Auto Brokerage, Uranus, migration drift

Gap fixes: GrepAI initialized + MCP server added, Ollama models pulling,
settings.json created (bypassPermissions), MCP_SERVERS.md written.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-16 18:56:26 -07:00