OC-5070 d7d9f72fc6 Session log: Dataforth security incident, MFA rollout, test datasheet investigation ...

- DF-JOEL2 compromised via ScreenConnect social engineering (Angel Raya)
- C2 IPs blocked, rogue clients removed, M365 sessions revoked, password reset
- IC3 complaint filed, abuse reports sent to Virtuo and ConnectWise
- Conditional Access policies deployed (MFA, block foreign, block legacy auth)
- 38 stale test station accounts deleted from Entra
- Test datasheet pipeline investigated - data exists in DB, export step broken
- TestDataSheetUploader source code extracted for analysis

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-27 20:07:19 -07:00

..

bg-builders

Reorganize repo: compartmentalize scripts by client/project

2026-03-20 17:15:07 -07:00

dataforth

Session log: Dataforth security incident, MFA rollout, test datasheet investigation

2026-03-27 20:07:19 -07:00

glaztech

Reorganize repo: compartmentalize scripts by client/project

2026-03-20 17:15:07 -07:00

grabb-durando/website-migration

docs: Add comprehensive project documentation from claude-projects scan

2026-01-22 09:58:32 -07:00

gurushow/archive-player

sync: Auto-sync from ACG-M-L5090 at 2026-03-10 19:11:00

2026-03-10 19:59:08 -07:00

horseshoe-management

Complete project organization: move all DOS files to projects/dataforth-dos, create client folders, update Claude config

2026-01-20 16:03:00 -07:00

internal-infrastructure

Reorganize repo: compartmentalize scripts by client/project

2026-03-20 17:15:07 -07:00

ix-server/session-logs

IX server cleanup: detailed notes on 14 removed + 7 restored accounts with backup locations

2026-03-16 18:48:48 -07:00