|
Storysmith posted:well that's two reasons not to work there then thankfully I'd be in a position to address both issues if I get/take the job
|
# ? Jan 11, 2017 05:43 |
|
DuckConference posted:SA got banned from paypal a long time ago, the bittorrent forums or chargebacks or the katrina donation drive or something I don't really remember anymore.
|
# ? Jan 11, 2017 06:09 |
|
so what's going to be the next security punching bag nosql database I would bet redis except it would have to actually keep useful data in it long enough for a hacker to connect
|
# ? Jan 11, 2017 06:49 |
|
Paypal is trash for idiots qtiyd
|
# ? Jan 11, 2017 06:58 |
|
ate poo poo on live tv posted:Paypal is trash for idiots qtiyd
|
# ? Jan 11, 2017 07:05 |
|
|
# ? Jan 11, 2017 07:15 |
|
microsoft hell fucker
|
# ? Jan 11, 2017 07:17 |
|
Aquarium of Lies posted:lol a company I'm interviewing at had an unsecured mongo instance get ransomwared very recently
They got what was coming to them imo
|
# ? Jan 11, 2017 08:10 |
|
spankmeister posted:They got what was coming to them imo
if you're running mongo you have to assume all your data could just vanish at any point, so it probably wasn't even a big deal
|
# ? Jan 11, 2017 08:19 |
|
An acquaintance of mine took a sabbatical and scanned the internet for unsecured mongos for 15 hrs a day for a year. He found thousands and did hundreds of disclosures to whomever owned the databases. About half were fixed I think. I'm not 100% sure but still fairly certain he would have found the same db and disclosed it to the owners.
|
# ? Jan 11, 2017 09:04 |
|
Subjunctive posted:just post your resume here and a steadfast operator will notice it in the database
|
# ? Jan 11, 2017 09:27 |
|
please don't post pictures containing my first and last name without censoring them in mspaint first
|
# ? Jan 11, 2017 09:41 |
|
https://twitter.com/sweatyinbkk/status/819072551687045124 ticketmaster about not using https:
|
# ? Jan 11, 2017 11:45 |
|
Wheany posted:https://twitter.com/sweatyinbkk/status/819072551687045124
wow their site even redirects you to plain http if you try to use https to access it
|
# ? Jan 11, 2017 12:11 |
|
That 29,000 mongo database ransom attack? Well, apparently paying ransom isn't getting the key to decrypt.
quote:Merrigan and Gevers are maintaining a public Google Drive document (read-only) that is tracking the various victims and ransom demands. Merrigan said it appears that at least 29,000 MongoDB databases that were previously published online are now erased. Worse, hardly anyone who’s paid the ransom demands has yet received their files back.
Here's Krebs article: https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/
Here's Google Drive list of victims: https://docs.google.com/spreadsheets/d/1QonE9oeMOQHVh8heFIyeqrjfKEViL0poLnY8mAakKhM/edit#gid=2122582863
Proteus Jones fucked around with this message at 13:04 on Jan 11, 2017 |
# ? Jan 11, 2017 12:59 |
|
and thus begins the fall of ransomware
|
# ? Jan 11, 2017 13:01 |
|
Truga posted:and thus begins the fall of ransomware
alternatively: Here ends ransomware as a way to extract value from idiots with computers, here also starts using ransomware to hamper your competitors. Think industrious espionage but instead of stealing your competitors' secrets you lock them away behind a wall of crypto and cyber.
|
# ? Jan 11, 2017 13:08 |
|
Boiled Water posted:alternatively: Here ends ransomware as a way to extract value from idiots with computers, here also starts using ransomware to hamper your competitors. Think industrious espionage but instead of stealing your competitors' secrets you lock them away behind a wall of crypto and cyber.
Maybe this will also occasion a rise in good backup discipline so companies can rapidly recover from... Sorry. I tried but couldn't keep a straight face.
|
# ? Jan 11, 2017 13:14 |
|
i don't know any company that backs up workstations lol
|
# ? Jan 11, 2017 13:25 |
|
nothing of value should be lost if a workstation is blown away
|
# ? Jan 11, 2017 14:09 |
|
Subjunctive posted:nothing of value should be lost if a workstation is blown away
|
# ? Jan 11, 2017 14:11 |
|
Subjunctive posted:nothing of value should be lost if a workstation is blown away
we had a contractor that lost '3 months of work' because she stored everything on the c drive and the machine was reimaged to upgrade to win 7 nothing of value was lost as her work was garbage so they just terminated her contract lol
|
# ? Jan 11, 2017 14:22 |
|
Subjunctive posted:nothing of value should be lost if a workstation is blown away
|
# ? Jan 11, 2017 14:50 |
|
Subjunctive posted:nothing of value should be lost if a workstation is blown away
how much disk quota do your employees have on the file server?
e: not defending saving files locally btw
|
# ? Jan 11, 2017 15:33 |
|
Shinku ABOOKEN posted:how much disk quota do your employees have on the file server?
when last I cared about workstations, dozens of terabytes if they wanted it
|
# ? Jan 11, 2017 15:47 |
|
The mongodb ransomwares aren't working because the dbs are still open to the world after the data is dropped so copycats are rolling in, blowing away the original ransom note and putting in their own, and repeat nine times so there's no way to pay the attacker that actually has your data
In other news, back a while I referenced fears that Russia had access to Telegram, but didn't have much more than speculation to back it up, one thing hidden in the trumppissgate docs is confirmation that yes, Russia has access to Telegram
|
# ? Jan 11, 2017 15:49 |
|
In other Telegram sucks news, nadim going to grad school has done good things https://twitter.com/kaepora/status/819181464369577984
|
# ? Jan 11, 2017 15:53 |
|
what is trumppissgate? Fake edit: my phone autocorrected trumppissgate to trumpageddon
|
# ? Jan 11, 2017 16:14 |
|
A Pinball Wizard posted:what is trumppissgate?
Look man, if you're gonna do the joose and forget the last three days don't look at us to fill in the details
(Trump likes watching hookers pee on each other, Russia has docs/video on this and other blackmail material, it is the only thing anyone on twitter, TV news, etc has been talking about the last couple days)
|
# ? Jan 11, 2017 16:18 |
|
pr0zac posted:Look man, if you're gonna do the joose and forget the last three days don't look at us to fill in the details
news is depressing af lately and I don't blame anyone for avoiding it :\
|
# ? Jan 11, 2017 16:22 |
|
pr0zac posted:Look man, if you're gonna do the joose and forget the last three days don't look at us to fill in the details
i think it's less "piss on each other" and more "piss on a bed that obama slept in"
|
# ? Jan 11, 2017 16:25 |
|
Other nugget in there is quote:reported that over the period March-September 2016
|
# ? Jan 11, 2017 16:35 |
|
Munkeymon posted:news is depressing af lately and I don't blame anyone for avoiding it :\
I haven't actively watched the news since like last spring, for every nugget of real news there was 2 hours of "OBAMA AND HILLARY CONSPIRED TO PAINT THE OVAL OFFICE A SHADE OF GREEN THAT IS USED ON THE ISIS FLAG" or some poo poo. most of the real news filters through from other sources, like in this case, same with twitter
|
# ? Jan 11, 2017 16:49 |
|
fins posted:Other nugget in there is
plant hugs? this was copied out of a PDF wasn't it
|
# ? Jan 11, 2017 16:49 |
|
Munkeymon posted:plant hugs?
Aw, plant hugs.
|
# ? Jan 11, 2017 16:57 |
|
Shinku ABOOKEN posted:how much disk quota do your employees have on the file server?
the last time i dealt with this was in like 2004, how exactly are roaming profiles handled now that everything is a laptop on the road or in a home office over vpn
|
# ? Jan 11, 2017 17:06 |
|
pr0zac posted:In other news, back a while I referenced fears that Russia had access to Telegram, but didn't have much more than speculation to back it up, one thing hidden in the trumppissgate docs is confirmation that yes, Russia has access to Telegram
Care to elaborate?
|
# ? Jan 11, 2017 17:28 |
|
spankmeister posted:Care to elaborate?
Sorry, I'm on phone waiting for my wife's car to be fixed thus lack of details.
http://www.theverge.com/2017/1/11/14237136/trump-leak-telegram-security-cracked-russia-encryption
quote:An FSB [Russian secret service] cyber operative flagged up the ‘Telegram’ enciphered commercial system as having been of especial concern and therefore heavily targeted by the FSB, not least because it was used frequently by Russian internal political activists and oppositionists. His/her understanding was that the FSB now successfully had cracked this communications software and therefore it was no longer secure to use.
|
# ? Jan 11, 2017 17:31 |
|
security pissup megathread - much hacking, hacking is bad, shouldn't be done
|
# ? Jan 11, 2017 17:33 |
|
every single one of the claims made against trump is completely unverifiable, and buzzfeed believes that journalism means publishing every claim so that the american people can figure out what's real and what's not by themselves. everything in those highlighted printouts is bullshit, and you would be a humongous gullible idiot for taking any of those claims seriously.
|
# ? Jan 11, 2017 17:45 |