|
https://twitter.com/DEADLINE/status...ingawful.com%2F But don't worry about the dead black people from cops.
|
![]() |
|
![]()
|
# ? Jun 10, 2024 20:54 |
|
Kesper North posted:e: oh gently caress it nobody cares, make all the jokes you want, just know you're extremely uncreative and it did not spark joy For the record I read the whole thing and I get it, it sucks to hear the same tired joke over and over when you're in a really lovely situation. I hope you and your SO are able to reunite as quickly as possible.
|
![]() |
|
Acebuckeye13 posted:For the record I read the whole thing and I get it, it sucks to hear the same tired joke over and over when you're in a really lovely situation. I hope you and your SO are able to reunite as quickly as possible. Thanks friend. I really appreciate that. She's my bright star, and I miss her so much.
|
![]() |
|
Wasabi the J posted:https://twitter.com/DEADLINE/status...ingawful.com%2F Did you watch the speech or are you commenting on the twitter byline??
|
![]() |
|
Holy loving poo poo, another exploit was exposed, this time in Microsoft Exchange. https://www.lawfareblog.com/microsoft-exchange-hack-and-great-email-robbery According to the article, this could be just as big as Solar Winds. quote:As I write this, the world is probably days away from the “Great Email Robbery,” where a large number of threat actors around the globe are going to pillage and ransom the email servers of tens of thousands of businesses and local governments. Or at least pillage those that the purported Chinese actors haven’t already pillaged.
|
![]() |
|
Once again, I am glad to be boring as gently caress.
|
![]() |
|
Yeah. I do digital forensics and incident response, and we've been turning 9-10 desperate clients away every day since that news broke due to sheer lack of capacity. We give them a detailed handout on what to do, because it's basically the same story in each case, but we can't actually work with them. And it's actually far worse than just an Exchange compromise, because on-prem Exchange service accounts have domain admin privileges - so congrats, it's not just Exchange, it's your entire domain that's been compromised and now you get to rebuild your entire network. Hope your backups work! And are clean! And that you have backups!
|
![]() |
|
Acebuckeye13 posted:It's pretty good, arguably the best of the Smithsonian cafeterias (Though AAHC is right up there as well) but it's geared towards tourists and relatively expensive as a result. It's basically an infinity room!
|
![]() |
|
Bored As gently caress posted:Holy loving poo poo, another exploit was exposed, this time in Microsoft Exchange. Lol, buttery males!
|
![]() |
|
CryptoLocker groups are rolling in on it now so kiss those already stolen emails goodbye.
|
![]() |
|
They definitely got NIPR right? Like lmao gently caress I'm so glad I'm quitting IT.
|
![]() |
|
Exchange looks like it's going to be way, way worse than Solarwinds or Accellion. The thing about SW is that while they inserted a backdoor into the supply chain and compromised.tens of thousands, they did so "safely". Unless you were in the much smaller target set, the backdoor shut itself down after checking in. There was also no way for your average cybercrime group to replicate the attack since it was a complex supply chain operation and not a clever 0-day. There was also no way for for a third party to break in through the solarwinds backdoor. Exchange on the other hand, it looks like the 0-day exploits leaked to several groups before the patch even dropped, multiple groups are automated them to hit every exchange server on the internet, and many of these groups are dropping a follow-up backdoor called a webshell. Most of these webshells are "off the shelf" components so to speak and they have no authentication. That means even if exchange is patched there is still a wide open door anyone on the internet can come waltzing through. Basically Solarwinds was a guy breaking into the locksmith's and altering the mold to support a new master key. They then hit every house in the neighborhood but 90% didn't have what they wanted so they left and locked the door. Exchange is a guy discovering you can break a certain lock by hitting it just right with a screwdriver. They then went and busted every lock in the neighborhood.
|
![]() |
|
Kesper North posted:Yeah. I do digital forensics and incident response, and we've been turning 9-10 desperate clients away every day since that news broke due to sheer lack of capacity. We give them a detailed handout on what to do, because it's basically the same story in each case, but we can't actually work with them. And it's actually far worse than just an Exchange compromise, because on-prem Exchange service accounts have domain admin privileges - so congrats, it's not just Exchange, it's your entire domain that's been compromised and now you get to rebuild your entire network. I feel like this event is a giant sales pitch for O365 and Azure.
|
![]() |
|
Well gently caress, I know what I'll be doing at work for like the next two weeks. Backups ahoy!
|
![]() |
|
Wasabi the J posted:They definitely got NIPR right? Like lmao gently caress I'm so glad I'm quitting IT. Not touching computers was the best career move I have ever made. Less work, more pay. I don't understand how that works out.
|
![]() |
|
Soylent Pudding posted:Exchange looks like it's going to be way, way worse than Solarwinds or Accellion. The thing about SW is that while they inserted a backdoor into the supply chain and compromised.tens of thousands, they did so "safely". Unless you were in the much smaller target set, the backdoor shut itself down after checking in. There was also no way for your average cybercrime group to replicate the attack since it was a complex supply chain operation and not a clever 0-day. There was also no way for for a third party to break in through the solarwinds backdoor. Note that this is not an issue if your org uses office 365 and does not have their own exchange server.
|
![]() |
|
Mr. Nice! posted:Note that this is not an issue if your org uses office 365 and does not have their own exchange server. Well.....gently caress
|
![]() |
|
Mr. Nice! posted:Note that this is not an issue if your org uses office 365 and does not have their own exchange server. Unfortunately, from what I have seen in the last decade, even most orgs that have migrated all of their users over to 365 probably still have an exchange server running for the half dozen legacy apps that are using it for smtp.
|
![]() |
|
Mr. Nice! posted:Note that this is not an issue if your org uses office 365 and does not have their own exchange server. That's a good point to keep in mind. For those less interested in the fiddly bits of computer touching but care about policies and norms of cyber conflict there is a strong argument that the Us should be holding solarwinds as an example of responsible and restrained espionage and treat the exchange shitfuckery as an irresponsible deviation from principles due to the latter's massive collateral impact. I also just thought of this. But in the event of cyber conflict does an adversary like Russia or China even have to hack into all our stuff themselves or can they drop some of their 0day stash in darknet forums and let the ransomware gangs do the work of attacking at scale?
|
![]() |
|
https://twitter.com/axios/status/1370346618889900033 If Marco Rubio told me the Pope was Catholic, I’d call the Vatican switchboard to check, but I don’t know what his play is here.
|
![]() |
|
Platystemon posted:If Marco Rubio told me the Pope was Catholic, I’d call the Vatican switchboard to check, but I don’t know what his play is here. BIG TECH BAD https://twitter.com/jbarro/status/1370382519561027590?s=19 Also he's looking to 2024 and playing this as a dumb "mavericky" thing because of polarization, when Rubio is a right-to-work union-busting gently caress.
|
![]() |
|
Soylent Pudding posted:That's a good point to keep in mind. I don't think we will immediately recognize a "cyber war" because of exactly what you pointed out. I also believe that we are totally screwed if any actor goes "all in" with any kind of cyber attack. Everyone talks about these attacks like they are on a battlefield, but I don't think they realise just how asymmetric it really is.
|
![]() |
|
ASAPI posted:I don't think we will immediately recognize a "cyber war" because of exactly what you pointed out. also any coordinated attack at any scale can take out huge chunks of infrastructure basically immediately because security is just that bad everywhere. edit: and if a nation state wanted to do something crazy like cut ocean cables or anything else sufficiently dr. evil-esque you could trash the infrastructure and then lock everyone in behind you
|
![]() |
|
facialimpediment posted:BIG TECH BAD He's up for reelection to the Senate in 22, unclear if anyone in FL GOP will run against him, and IIRC the FL Dems see DeSantis the easier opponent vs Rubio. So if this blows up its unlikely to impact him in a primary in 22 and forgotten about in the 24 primaries.
|
![]() |
|
Somewhat possible that Biden was even underselling vaccine timing/availability last night too. https://twitter.com/DavidEggert00/status/1370412252562653193?s=19
|
![]() |
|
https://twitter.com/vermontgmg/status/1370395395382259717?s=21
|
![]() |
|
facialimpediment posted:Somewhat possible that Biden was even underselling vaccine timing/availability last night too. Hey, I'm an adult in Michigan!
|
![]() |
|
This is for anyone appalled at the state of our national cyber security
|
![]() |
|
Security is, and always has been, an illusion.
|
![]() |
|
How do you all expect the Exchange attack to affect regular old consumer people? I imagine if they work for any business with an internal email server they could potentially have had their emails stolen? Emails are used for 2fa a lot.. so I could also imagine hackers using email access to break into other accounts people own and start identity/monetary theft stuff. I work for a hospital, we use exchange, I haven’t heard anything about this attack except for here, but I imagine we are affected to some extent.
|
![]() |
|
Blind Rasputin posted:How do you all expect the Exchange attack to affect regular old consumer people? I imagine if they work for any business with an internal email server they could potentially have had their emails stolen? Emails are used for 2fa a lot.. so I could also imagine hackers using email access to break into other accounts people own and start identity/monetary theft stuff. I work for a hospital, we use exchange, I haven’t heard anything about this attack except for here, but I imagine we are affected to some extent. If you have email 2fa pointed at your work email, I suggest changing that. If you have said anything in a work email that can be used against you, they could in theory use that to gently caress with you. Because this wasn't a single actor, but rather a bunch of amateur actors with serious access, they might stoop to kiwifarms type bullshit. I mean, if you are entirely professional in your emails, you should be fine, but I know alot of people aren't. Oh, and they are going to have to rebuild your entire computer network because exchange has domain administration privilege, so expect some disruption. As they turn everything attached to the domain off(which is how you log into the computer itself, and access files)
|
![]() |
|
I'd assume that every company running exchange already had all your personal data stolen. Likewise some chunk of these orgs are gonna get hit with ransomware. So keep an eye on your credit and don't be surprised if your org / org you do business with gets their ops disrupted by ransomware and recovery thereof. As far as using the email access to fuss with 2fa, I would imagine that would be reserved for high value targets, C levels, finance and accounting people with access to funds, etc. Though my focus isn't threat intel so take with a grain of salt.
|
![]() |
|
drat, wow. Well luckily I’ve never used my hospital work email for anything but banal meetings and stuff. I kept my personal life all wrapped up in Gmail, which I imagine is not involved in this. This just seems like a really scary, incredibly bad deal. But moreso, it seems to highlight yet again how vulnerable our country’s infrastructure and basically means of function is to any state-actor that wants to push buttons. And yeah, seems to me that “cyberwar” is extremely one-sided. The defender doesn’t know they are going to be attacked or even often know they’ve been attacked, until after the attack. Defending against that kind of thing seems difficult to say the least.
|
![]() |
|
https://twitter.com/maggieNYT/statu...ingawful.com%2F AOC and other New York reps have told Cuomo to resign and that's his response
|
![]() |
Sounds like he's just gonna post through it.
|
|
![]() |
|
Wrong thread; Cuomo bad
|
![]() |
|
As an Italian-American I can not state emphatically enough we should return to this nation's roots of vehement anti-Italian sentiment
|
![]() |
|
So one of our friends just texted me to say her sister just got her stimulus money...that was fast.
|
![]() |
https://twitter.com/rhinosoros/status/1370440012337197056?s=20
|
|
![]() |
|
![]()
|
# ? Jun 10, 2024 20:54 |
|
If the past year has taught these people anything it’s that constituents actually do have the memory of a goldfish, and if they can lie low for about two months while the news cycle moves on to other awful societal and economic disasters the public will forget that they wanted to hold the person accountable for something. It’s disgusting.
|
![]() |