|
CLAM DOWN posted:gently caress that, OANN deserves it. 
|
#
?
Dec 5, 2020 16:49
|
|
|
|
| # ? May 26, 2024 08:28 |
|
|
trashy owl posted:If you thought it was anything other than "haha look at these morons, these absolute buffoons" I really don't know what to tell you. This is the most accurate summary of InfoSec in general I think I've ever seen.
|
|
#
?
Dec 6, 2020 02:34
|
|
|
Proteus Jones posted:This is the most accurate summary of InfoSec in general I think I've ever seen. P'much
|
|
#
?
Dec 6, 2020 06:17
|
|
|
The Iron Rose posted:This is the dumbest thing. OANN sucks but the level of interest I have in celebrating leaked Wordpress credentials is nonexistent. They’re not owning anyone. They’re certainly not pwning anyone. No its cool actually
|
|
#
?
Dec 6, 2020 23:28
|
|
|
https://twitter.com/CommieGIR/status/1336424625471954947?s=20 Fireeye got popped.
|
|
#
?
Dec 8, 2020 22:38
|
|
|
CommieGIR posted:https://twitter.com/CommieGIR/status/1336424625471954947?s=20 In-loving-credible.
|
|
#
?
Dec 8, 2020 22:44
|
|
|
CommieGIR posted:https://twitter.com/CommieGIR/status/1336424625471954947?s=20 
|
|
#
?
Dec 8, 2020 22:45
|
|
|
Sickening posted:In-loving-credible. Just goes to show that everybody gets got at some point.
|
|
#
?
Dec 8, 2020 22:47
|
|
|
Wonder how they got in?
|
|
|
#
?
Dec 8, 2020 23:13
|
|
|
Vigil for Virgil posted:Wonder how they got in? https://twitter.com/gsuberland/status/1336452690059141120?s=20
|
|
#
?
Dec 9, 2020 00:34
|
|
|
One of my vendors was making a massive push two years ago to get me to replace everything we own with FireEye equivalents lol Thankfully I just took their sales guys for a ride to the tune of a dozen super expensive wine-and-dines and dumped them or this could have looked unfortunate for me 
|
|
#
?
Dec 9, 2020 01:47
|
|
|
https://twitter.com/thegrugq/status/1336468185244045312
|
|
#
?
Dec 9, 2020 01:51
|
|
|
We use basically every single FireEye product in existence. Our rep called right away to assure that customer data was safe but my gut tells me otherwise...
|
|
#
?
Dec 9, 2020 03:02
|
|
|
Fireeye had an ISP problem a few years ago resulting in some emails to us not being delivered, intermittently. We had no idea, senders received no bounce. It took weeks for them to fix it, so we dropped them. poo poo company.
|
|
#
?
Dec 9, 2020 03:10
|
|
|
Yeah, those attacks are unheard of! 
|
|
#
?
Dec 9, 2020 03:13
|
|
|
Already gone.
|
|
#
?
Dec 9, 2020 06:34
|
|
|
It was a post about some vmware workspace one vulnerabilities but no evidence linking to the fireeye hack
|
|
#
?
Dec 9, 2020 06:48
|
|
|
https://twitter.com/Bing_Chris/status/1338195736056524803?s=20
|
|
#
?
Dec 13, 2020 21:00
|
|
|
Oh drat, looks like multiple federal agencies got hit and the culprit seems to be a foreign state introducing back door into Solarwinds Orion monitoring tools between March/June this year: https://twitter.com/razhael/status/1338267165221396480?s=20 https://www.reuters.com/article/us-usa-solarwinds-cyber-idUSKBN28N0Y7
|
|
#
?
Dec 14, 2020 01:56
|
|
|
Good info here: https://www.fireeye.com/blog/threat...t-backdoor.html
|
|
#
?
Dec 14, 2020 04:21
|
|
|
Apropos of nothing, I wonder what it’s like to be a car mechanic or something, where you don’t need to worry about nation states or other shitheads keeping you up at night with worry on the reg.
|
|
#
?
Dec 14, 2020 04:39
|
|
|
As an infosec guy who also does mechanic stuff: Customers still suck.
|
|
#
?
Dec 14, 2020 04:53
|
|
|
Customers are always the biggest threat
|
|
#
?
Dec 14, 2020 04:54
|
|
|
This is the kinda poo poo I love to show people when they ask "how can we be 100% secure?"
|
|
#
?
Dec 14, 2020 06:36
|
|
|
Martytoof posted:Apropos of nothing, I wonder what it’s like to be a car mechanic or something, where you don’t need to worry about nation states or other shitheads keeping you up at night with worry on the reg. Good news, as cars become more connected, you get to deal with this poo poo there too! Beep beep, here comes the GSM > Head unit > CANBUS
|
|
#
?
Dec 14, 2020 06:43
|
|
|
Internet Explorer posted:This is the kinda poo poo I love to show people when they ask "how can we be 100% secure?" We all get hacked eventually, infosec is how well you prepped and can deal with it.
|
|
#
?
Dec 14, 2020 07:06
|
|
|
i’m very happy that Solarwinds ended up being the vector this time around
|
|
#
?
Dec 14, 2020 09:24
|
|
Internet Explorer posted:This is the kinda poo poo I love to show people when they ask "how can we be 100% secure?" The thing is that a lot of companies can be protected from a lot of poo poo by doing the basics right and that's something that as an industry we still loving suck at We over rely on passwords even though they have been known to be a really poor system. We don't do enough education for staff, we lead a blame culture instead of understanding, even though we all agree that infosec is loving hard. And we still can't get patching right because "Eh, that would incur downtime which we can't afford". Obviously that's not gonna protect you from everything.
|
|
|
#
?
Dec 14, 2020 09:25
|
|
|
Martytoof posted:Apropos of nothing, I wonder what it’s like to be a car mechanic or something, where you don’t need to worry about nation states or other shitheads keeping you up at night with worry on the reg.
|
|
#
?
Dec 14, 2020 10:43
|
|
|
Ironically, I wonder how many sensitive orgs were spared this particular hack because they didn't patch Solarwinds on schedule. Given this was a patch from this summer I'd say that the number is definitely non-zero.
|
|
#
?
Dec 14, 2020 14:09
|
|
|
Martytoof posted:Ironically, I wonder how many sensitive orgs were spared this particular hack because they didn't patch Solarwinds on schedule. Given this was a patch from this summer I'd say that the number is definitely non-zero. Somewhere my old boss is telling people about this and saying, "And that's why we don't update our software" 
|
|
#
?
Dec 14, 2020 14:36
|
|
|
Internet Explorer posted:This is the kinda poo poo I love to show people when they ask "how can we be 100% secure?" Yeah. My answer is usually, shut it off encase it in concrete wrap in tinfoil and bury.
|
|
#
?
Dec 14, 2020 15:03
|
|
|
Martytoof posted:Ironically, I wonder how many sensitive orgs were spared this particular hack because they didn't patch Solarwinds on schedule. Given this was a patch from this summer I'd say that the number is definitely non-zero. I’m just going to say that I looked at 3 customer solarwinds servers yesterday and they all were running a version too old to be impacted so yeah.
|
|
#
?
Dec 14, 2020 16:20
|
|
|
Hotfix 1 is out for Solarwinds, another coming on the 15th. Still should check to see what your local solarwinds was talking to.
|
|
#
?
Dec 14, 2020 16:21
|
|
|
Bob Morales posted:Somewhere my old boss is telling people about this and saying, "And that's why we don't update our software" I might be your boss. The little if any good news out of this is the InfoSec group hosed up by going right to "wipe our systems nooooooooooooooooooooooooooooooooow," and cc'd everyone before providing any actual evidence we were compromised. Someone was smart enough to call them out to ask for reports from the 2-3 security appliances we pay a fuckton for asking if there was any actual suspicious activity and what's up with them if we are so hosed we need to wipe our systems.
|
|
#
?
Dec 14, 2020 16:24
|
|
|
Maneki Neko posted:I’m just going to say that I looked at 3 customer solarwinds servers yesterday and they all were running a version too old to be impacted so yeah. I checked in with a customer I knew using it last night and they were in the same boat. Hooray for not updating! 
|
|
#
?
Dec 14, 2020 16:27
|
|
|
ghostinmyshell posted:I might be your boss. Your infosec group sucks. For one thing, never wipe your systems, shut them down and preserve them for investigation and spin up your backup network
|
|
#
?
Dec 14, 2020 17:00
|
|
|
RFC2324 posted:your backup network "our what?"
|
|
#
?
Dec 14, 2020 17:11
|
|
|
Subjunctive posted:"our what?" In the case of the small businesses I worked for that would have been spinning up whole new instances, while actively preserving the old compromised backups so they could be restored to a VM for investigation
|
|
#
?
Dec 14, 2020 17:14
|
|
|
|
| # ? May 26, 2024 08:28 |
|
|
Did some poor security practices lead to the US Government and FireEye breach? SolarWinds exposed their FTP server credentials in a Github leak in 2019 https://savebreach.com/solarwinds-credentials-exposure-led-to-us-government-fireye-breach/
|
|
#
?
Dec 14, 2020 17:52
|
|