or, you just let your bangalore support to change 2 passwords and forget all that happened and continue to ignore reality.This is a total shit show!
If you enjoy the forum please consider supporting it by signing up for a NES Membership The benefits pay for the membership many times over.
or, you just let your bangalore support to change 2 passwords and forget all that happened and continue to ignore reality.This is a total shit show!
if they hack into my computer, the download of mutated porn viruses they will introduce into their system will render their systerm inoperable pretty quickly. You IT guys can thank me for saving the world anytime now.
You didn't hear about the EventSentry hack 2 weeks ago?We use solarwinds at work (NPM & SAM) but I have shut down services and disabled them (server it was hosted on had no internet access). We use very little of it and can replace it with another great piece of software we have, EventSentry.
Imma be blunt - you need to stop pretending you have enough clue to wave your it penis around and do some more research:
Imma be blunt - you need to stop pretending you have enough clue to wave your it penis around and do some more research:
Could someone explain the nature and scope of the attacks to a non IT guy. I read the hack began back in March, appearing coincidently with that of made in china bat juice.
Hah, I dodged a bullet. Couple months ago was contacted about a leadership position at SolarWinds. Said no, in part due to the limited upside and unlimited downside of taking over responsibility for that stack.
What if we’re not following it because we don’t use it?I know there are some fellow IT pros on this forum. IDK if you're following the Solar Winds story, but this shit is the scariest shit I have ever seen in my career... This is a truly epic compromise we'll be learning more about each day for weeks. It's already played a role in the compromise at FireEye, now Microsoft, many branches of the Federal Government.... This shit is scary stuff...
IMHO, if you work in IT and aren't following this, you may want to reevaluate your priorities...
who knows. 30 yrs ago - nope, nowadays - maybe they indeed got somewhat cyberwarfare ready.Maybe it's just me, but after this whole Russian collusion bullshit and the fact that the left is already calling this a Russian "invasion" worthy of an in-kind response I'm skeptical.
FireEye made a statement that they have counter measures in place to prevent the use of those tools/detect the use...It was on a con call with their G.C. and our G.C... Take that how you want.2FA...it's a thing. Fireye was hacked and their Red Team tools were used to breech solarwinds, 2FA would have mitigated the breech...but it wasn't mandatory.
Axiom....Security is not convenient,
SolarWinds was skinflint RMM. You get what you pay for,
impressive!Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach
Analysis: This week Microsoft took a series of dramatic steps against the recent SolarWinds supply chain attack. In the size, speed and scope of its actions, Microsoft has reminded the world that it can still muster firepower like no one else as a nearly-overwhelming force for good.www.geekwire.com
Moral? Dump Microsoft and use Linux.
Because of the extensive amount of labor, downtime, and cost, many organizations are just not going to take the steps to properly remediate. That means the consequences of the compromise will live on for years. Information will continue to be stolen, ransomware will continue to propagate, who knows what the long-term implications will be.
Meh, I doubt it. Most people aren't going to do shit, other than standardized security inspections, changing of passwords, and so on. Unless the system involved is really
sensitive. Nobody would ever get anything done if you had to destroy every machine that ever had a mild security problem.
Is this a big deal? No doubt. I don't disagree on that. Conhugecos that used this shit are likely very vulnerable and also the most likely to be exploited by chicoms or russian hackers, etc. Because there's money involved.
Moral? Dump Microsoft and use Linux.
I work in an environment that has 30% linux boxes. The rest are macs and windows machines.
NEARLY ALL of the worst security incidents in the past decade that we ever had, have come from this class of machines.
ALL of the worst, most f***ing aggravating, security policies we have, also, have evolved from f***ing intrusions into linux boxes.
If someone kept a running tab, in the number of man hours wasted on forensics on those issues, the amount of time could never
even be met, let alone exceeded, by the other OSes.
Back when I was more involved in auditing, most of the leg work I had to do was with getting people with linux boxes to fix their
shit. It doesn't help that when you install the average linux distro, it's basically a big box of stale donuts in under a year and, with some
exceptions, completely abandoned. Even a shitty Mac or Windows OS release gets at least 5 years of patches.
I'm not saying "linux is inherently insecure". My point is more like "it's trivially easy to punch yourself in the dick with linux if you don't know what you're doing".
It's almost as if the people who keep chanting use linux over the past 20+ years don't know anything about the joys of Linux, especially the builds that were around up until relatively recently.
Linux is so great that it's free and people still don't use it.
brb while i spend 5 hours trying to figure out why I have no sound in linux, etc.
I've had this happen with Windows also.The best is when you go to help some rando patch their machine and the entire patching thing/subsystem fails because the OS is just barely 2 months out of date. So you have to fix the
f***ing thing, before you can even patch the OS. Seen that movie too many times.
Hell if they launched our own nukes on D.C. I don’t think I would be upset. So, what difference does this make to the average American?
Be a shame if it were to broom all the evidence of Deep State collusion against Trump." The remediation effort alone will be staggering. It will require the segregated replacement of entire enclaves of computers, network hardware and servers across vast federal and corporate networks. "
My thoughts exactly maybe Putin can drain the swamp.Be a shame if it were to broom all the evidence of Deep State collusion against Trump.
But that would just be coincidence.
Sooo for us laymen can someone break this down. As far as impact on the average American? If Russia has dirt on the U.S, government from this hack I’m honestly not that upset about it. Hell if they launched our own nukes on D.C. I don’t think I would be upset. So, what difference does this make to the average American?