|
nyp
|
# ? Feb 28, 2022 19:01 |
|
|
# ? May 25, 2024 20:19 |
|
https://www.rfi.fr/en/toyota-halts-japan-plants-after-reported-cyber-attack Some details in here but not much yet.
|
# ? Feb 28, 2022 21:24 |
|
Nukelear v.2 posted:On the Cloud end of VM, I've been playing with Orca and Wiz lately. Their workflows for finding and prioritizing vulnerabilities and automating Slack/Jira/ServiceNow alerting is pretty slick.
|
# ? Mar 1, 2022 21:26 |
|
https://twitter.com/AgainstTheWest_/status/1498728845041672194 I guess we'll be seeing more of this stuff, than less, right now.
|
# ? Mar 1, 2022 22:58 |
|
the russian bank is the less worrying leak from anonymous https://twitter.com/AnonUkraine_/status/1498773498713497600
|
# ? Mar 1, 2022 23:33 |
|
It looks like a particle accelerator. I mean it’s not great, presumably you can’t do much with that specific UI but who knows what SCADA is actually exposed. You might be able to damage the equipment but you’re not going to trigger the next chernobyl with that interface. I did work in a particle accelerator in the late 90s for a little bit and I don’t remember there being much risk of the town going up, but I’m not going to cite myself as any sort of authority on this. It’s been far far far too long since I had anything interesting to say in that space. Thaaaaaat said, for every uninteresting SCADA interface you find I wouldn’t be surprised if there were like five more which ARE actually worrisome somewhere nearby.
|
# ? Mar 2, 2022 01:00 |
|
some kinda jackal posted:Thaaaaaat said, for every uninteresting SCADA interface you find I wouldn’t be surprised if there were like five more which ARE actually worrisome somewhere nearby.
|
# ? Mar 2, 2022 01:10 |
|
yeah, even IF you got into the SCADA systems of a normal power reactor, if anything goes funky they just shut down the reactor and start emergency cooling systems. And most power reactors, the SCADA for the reactor (if it has digital systems) is completely air gapped.
|
# ? Mar 2, 2022 03:51 |
SCADA systems always remind me of the best fact about SCADA: Too many people thinks it's okay to make them accessible from the web without any authentication. That's all you need to know about SCADA.
|
|
# ? Mar 2, 2022 06:44 |
|
Talk about SCADAfreude.
|
# ? Mar 2, 2022 07:51 |
|
I worked on so many bad SCADA systems in my time as a government employee. Just off the top of my head favorites included:
|
# ? Mar 2, 2022 12:30 |
|
I could just be talking garbage, but is there any reason why basic functions like filling a water tower with a pump couldn't be performed by programming the PLC, flipping a switch to make the code read only while providing outputs to allow process monitoring, and isolating the whole lot on a network that never sees the Internet? Or is it just a case of people writing code until it works, calling it done, no ongoing maintenance contracts agreed and local tech support people 'solving' problems by chucking in broadband links and desktop PCs running remote access software?
|
# ? Mar 2, 2022 12:57 |
|
Thanks Ants posted:I could just be talking garbage, but is there any reason why basic functions like filling a water tower with a pump couldn't be performed by programming the PLC, flipping a switch to make the code read only while providing outputs to allow process monitoring, and isolating the whole lot on a network that never sees the Internet? Or is it just a case of people writing code until it works, calling it done, no ongoing maintenance contracts agreed and local tech support people 'solving' problems by chucking in broadband links and desktop PCs running remote access software? Basic functions could absolutely be performed as you described. The problem I encountered over and over again is that these small cities would spend most of their budget on the basic hardware, SCADA was an afterthought, and security of the system a mere glimmer in the mind. Most of these are setup by smaller rinky dink HVAC or plumbing companies, and if you're lucky the installer has some basic IT knowledge. So while the hardware is in place the SCADA software/systems is setup following the most basic of configs, like following the instructions for a home router setup basic, and any deviation from that will piss off the installer, because again they barely understand how it works and just followed the basic setup instructions without understanding any of the why. I'd see "servers" that were off the shelf computers from best buy running a home OS with all the garbage that comes with that. Most often setup with some lovely free remote access software. And every public works guy out there needs/wants to be able to hit it from their phone. Most of the time the best I could do is isolate these poo poo heaps from the rest of the network while still following orders and making it internet accessible. At least that way when it went down the damage was limited. In some cases like the water tower example, it was noticeable by the public, and the city council made funds available to actually improve the system. Hired an actual professional integrator who worked with us and setup a modern, secure system. That rarely happens though. EDIT: Another thing came to mind. When some of these systems would inevitably go down, public works staff would just manually drive to sites to check things and adjust as needed. So most of the time if stuff did go down the city water supply wasnt at risk of shutting down, it was just way more labor intensive. Occasionally after having staff work a weekend and paying overtime we'd get them to consider safeguarding and improving these systems but that was pretty rare. The one weekend a month of overtime was still cheaper short term than hiring a SCADA integrator. BaseballPCHiker fucked around with this message at 13:18 on Mar 2, 2022 |
# ? Mar 2, 2022 13:15 |
|
Thanks Ants posted:I could just be talking garbage, but is there any reason why basic functions like filling a water tower with a pump couldn't be performed by programming the PLC, flipping a switch to make the code read only while providing outputs to allow process monitoring, and isolating the whole lot on a network that never sees the Internet?
|
# ? Mar 2, 2022 13:23 |
|
Yeah from all my experiences with aforementioned academic accelerator bla bla, I think the people who are responsible for said SCADA give it zero thought other than "it's there, and I want to use it, sometimes from home" Of course this was also the era where my University just handed out publicly routable IPs on their /16 when you put a fancy new computer in your lab or office so it's not like "do I make it public" was much of a decision. Really and truly glad I wasn't on their IT squad back in the 90s. I would like to presume there was some basic firewalling going on but I distinctly remember opening up 80 and running an IRC server on my office desktop so yeah..
|
# ? Mar 2, 2022 13:25 |
|
The other thing is SCADA often doesn't include built in mechanical safeties like safety vales, relief valves, burst valves, etc that can prevent dangerous conditions even if you do a bunch of muck in the SCADA system, and are often not connected. If the safety system at a reactor decides that its no longer safe to run the reactor, the operator is going to shut it down. This is party of why the human factor is always going to be critical even in digitally controlled industrial systems: They are often a factor of safety in ensuring nothing goes too wrong.
|
# ? Mar 2, 2022 18:30 |
|
Dumb question: Is #againstthewes a typo, or am I missing something?
|
# ? Mar 2, 2022 19:41 |
|
Tapedump posted:Dumb question: Is #againstthewes a typo, or am I missing something? Who the hell is Thewes?
|
# ? Mar 2, 2022 20:12 |
|
who is wes?!
|
# ? Mar 2, 2022 20:33 |
|
CLAM DOWN posted:who is wes?!
|
# ? Mar 2, 2022 20:58 |
|
Hughmoris posted:Who the hell is Thewes? And with his mighty thewes, Travis Ormandy sundered all encryption forever
|
# ? Mar 2, 2022 21:41 |
|
Arivia posted:Travis Ormandy Tavis
|
# ? Mar 3, 2022 08:11 |
Travis Ormandy is the North-British long-lost twin of Tavis Ormandy.
|
|
# ? Mar 3, 2022 13:49 |
|
Anyone else seen an increase in phishing of like... 400%+ since the Russian invasion? Our e-mail scanners are having a complete field day. I work for a European company.
|
# ? Mar 3, 2022 23:51 |
FungiCap posted:Anyone else seen an increase in phishing of like... 400%+ since the Russian invasion? Our e-mail scanners are having a complete field day. I work for a European company. i've heard from two different techs at a company that A:phishing has almost vanished since russia cut off their own internet!! and B: they've been having constant issues, guess russia has stepped up their game!! so here at least im just assuming it's confirmation bias or something, those two both work in the same team doing the same thing on alternating day shifts lol
|
|
# ? Mar 4, 2022 00:02 |
|
I think usaa just got owned. Beware if that is your bank.
|
# ? Mar 4, 2022 00:50 |
|
Russia didn't cut off their internet?
|
# ? Mar 4, 2022 00:51 |
|
I'm not sure why people think that Russia cutting off the internet from the general populace would impact their gov sponsored campaigns that are proxied in countries across the world tbh. Edit: They didnt even cut off their internet so I'm double confused. FungiCap fucked around with this message at 00:55 on Mar 4, 2022 |
# ? Mar 4, 2022 00:52 |
Sickening posted:I think usaa just got owned. Beware if that is your bank. It is. What specifically about it? e: I see a bunch of mentions on Twitter about problems logging in but I seem ok mobile at least. rafikki fucked around with this message at 01:01 on Mar 4, 2022 |
|
# ? Mar 4, 2022 00:57 |
|
rafikki posted:It is. What specifically about it? My ceo was just hit by a very advanced social engineering attempt who had way more usaa info the what would be possible without a breach or otherwise phished info. Other Employees are reporting similar things. Their front door just went down.
|
# ? Mar 4, 2022 01:13 |
|
Yeah something is going on with USAA. Heard from a coworker that is in InfoSec finance that I use to work with, some FINRA members are apparently discussing it. No clue super vague right now.
|
# ? Mar 4, 2022 01:41 |
|
BaseballPCHiker posted:Yeah something is going on with USAA. Heard from a coworker that is in InfoSec finance that I use to work with, some FINRA members are apparently discussing it. No clue super vague right now. Isn't USAA the bank for military/family? e: lol false flag, oorah e2: they're owned by Schwab now, who I used to work for, I should know this
|
# ? Mar 4, 2022 02:02 |
|
BaseballPCHiker posted:Yeah something is going on with USAA. Heard from a coworker that is in InfoSec finance that I use to work with, some FINRA members are apparently discussing it. No clue super vague right now. Not my bank but hopefully my insurance company is spun off and insulated
|
# ? Mar 4, 2022 02:39 |
I do everything with USAA. Their customer service has gotten pretty bad so if they really got owned time for a new bank I guess.
|
|
# ? Mar 4, 2022 02:45 |
|
i just got two phishing emails from Schwab with straight up malware pdf links edit: nothing from USAA though, can't say it is related brains fucked around with this message at 13:22 on Mar 4, 2022 |
# ? Mar 4, 2022 13:18 |
|
I have USAA and have not heard anything yet or seen anything weird.
|
# ? Mar 4, 2022 15:45 |
|
CommieGIR posted:I have USAA and have not heard anything yet or seen anything weird. Check the timeline for people posting about USAA on twitter. Things are looking spooky.
|
# ? Mar 4, 2022 15:59 |
|
Sickening posted:Check the timeline for people posting about USAA on twitter. Things are looking spooky. No, I do see the posts, but I'm not seeing anything in USAA itself. But if it does turn out to be a breach and they were not transparent, yeah that's gonna be a deal killer. E: I logged onto my account, I can see everything, but the....UI has entirely changed? They do say its a new homepage, its massively simplified. Right now its looking more like a really bad app rollout than a hack. CommieGIR fucked around with this message at 16:24 on Mar 4, 2022 |
# ? Mar 4, 2022 16:21 |
|
FungiCap posted:Anyone else seen an increase in phishing of like... 400%+ since the Russian invasion? Our e-mail scanners are having a complete field day. I work for a European company. I can say that for myself personally, the amount of phishing/impersonation scam emails, phone calls, AND texts has gone up about 10x this week from what I usually get. Usually get 1 or 2 spam phone calls a month, yesterday I got 4. Also most of the phishing emails have been Norton Antivirus related, lol.
|
# ? Mar 4, 2022 16:29 |
|
|
# ? May 25, 2024 20:19 |
|
gently caress me, are there literally any good American banks
|
# ? Mar 4, 2022 17:02 |