|
The Earl of ToeJam posted:Possible Zscaler data breach. Well this ruins my entire loving weekend if this is true. Cert revocation on its own would be a nightmare. Anyone using their ZIA product in dev environments knows what I am talking about.
|
# ? May 8, 2024 18:02 |
|
|
# ? May 26, 2024 09:36 |
|
Preliminary public info from Zscaler legal team is expected shortly, but my contacts definitely said "it's not nothing". poo poo.
|
# ? May 8, 2024 18:12 |
|
There's always more, and it's always worse.
|
# ? May 8, 2024 18:22 |
|
There, now we have zero trust in them. Well done lads
|
# ? May 8, 2024 18:23 |
|
The Earl of ToeJam posted:Preliminary public info from Zscaler legal team is expected shortly, but my contacts definitely said "it's not nothing". poo poo. The rumors are painful. Once that information starts circling everyone wants to start an incident with nothing actionable outside of reaching out to reps who aren't going to get back to us.
|
# ? May 8, 2024 18:34 |
|
The happiest person at zscaler is the one account rep who left on vacation yesterday.
|
# ? May 8, 2024 18:40 |
|
Sickening posted:The rumors are painful. Once that information starts circling everyone wants to start an incident with nothing actionable outside of reaching out to reps who aren't going to get back to us. Yep. Counting the minutes till someone tells me to start standing up Squid boxes to replace on-prem Zscaler...
|
# ? May 8, 2024 18:44 |
|
If anyone gets more info can you post links here plz
|
# ? May 8, 2024 19:05 |
|
Rust Martialis posted:If anyone gets more info can you post links here plz I really don't think this was a necessary request. Do you honestly think that WASN'T going to happen?
|
# ? May 8, 2024 19:07 |
|
https://trust.zscaler.com/zscaler.net/posts/18686
|
# ? May 8, 2024 19:07 |
|
Accipiter posted:I really don't think this was a necessary request. Do you honestly think that WASN'T going to happen? I'm twitchy now
|
# ? May 8, 2024 19:15 |
|
https://x.com/milkshakesbot/status/1788264515877949951 e: Can't do images right now, but the attacker confirms "begins with a z"
|
# ? May 8, 2024 19:32 |
|
Wow, really bad week for Zntrust
|
# ? May 8, 2024 20:13 |
|
some kinda jackal posted:Wow, really bad week for Zntrust Zisco
|
# ? May 8, 2024 20:18 |
|
I received an update from our rep stating no evidence of compromise to "customer and production environments". e: they added the full statement to the trust site as well. https://trust.zscaler.com/zscaler.net/posts/18686 The Earl of ToeJam fucked around with this message at 20:22 on May 8, 2024 |
# ? May 8, 2024 20:20 |
|
only $20K for that? I guess inflation hasn’t hit that market yet
|
# ? May 8, 2024 20:20 |
|
quote:UPDATE Wed, 08 May 2024 12:07:38 UTC - Zscaler’s priority is our customer and production environment and we have not discovered any evidence of incident or compromise to these environments. We are continuing our investigation and closely monitoring the situation.
|
# ? May 8, 2024 20:21 |
|
The Infosec Thread: Yes, time to move to a mountain and raise goats
|
# ? May 8, 2024 20:44 |
|
Subjunctive posted:The Infosec Thread: Yes, time to move to a mountain and raise goats GOOSE FARMER
|
# ? May 8, 2024 20:46 |
|
Alpacas
|
# ? May 8, 2024 20:48 |
|
https://seekingalpha.com/news/4102870-zscaler-tumbles-company-confirms-ongoing-investigation-possible-data-breach Pretty much the same as what we've seen so far, with the addition of info that the stock is falling.
|
# ? May 8, 2024 20:58 |
|
I mean, the stock is down 3.3% on the day, which is pretty much within its normal volatility window from looking at the last month it’s not being dumped in panic …yet?
|
# ? May 8, 2024 21:11 |
|
Subjunctive posted:The Infosec Thread: Yes, time to move to a mountain and raise goats The Infosec Thread: Teaching rocks to do math was our first mistake
|
# ? May 8, 2024 22:07 |
|
Looking hopefully like just the one day ruined for me, and not the entire weekend. quote:UPDATE [Wed, 08 May 2024 23:09:00 UTC] - Zscaler can confirm there is no impact or compromise to its customer, production and corporate environments.
|
# ? May 9, 2024 00:28 |
The Earl of ToeJam posted:Looking hopefully like just the one day ruined for me, and not the entire weekend. Did they remove that update? I don’t even see the one from a few hours ago saying they didn’t detect anything.
|
|
# ? May 9, 2024 00:49 |
|
rafikki posted:Did they remove that update? I don’t even see the one from a few hours ago saying they didn’t detect anything. Still seems to be up for me. Maybe it's blocked on your proxy?
|
# ? May 9, 2024 00:51 |
|
Smells like dev nonsense.
|
# ? May 9, 2024 00:52 |
The Earl of ToeJam posted:Still seems to be up for me. Maybe it's blocked on your proxy? Guess it was a caching issue on my phone despite refreshing.
|
|
# ? May 9, 2024 01:00 |
|
https://www.bleepingcomputer.com/news/security/zscaler-says-it-was-not-hacked-after-rumors-circulate-online/ I hope some sucker got bilked out of $20k.
|
# ? May 9, 2024 01:21 |
|
The Earl of ToeJam posted:Possible Zscaler data breach. ha ha ha ha. heh. phoooooo. I'm on vacation biiiiiiiiiitch
|
# ? May 9, 2024 03:54 |
|
Sickening posted:Smells like dev nonsense. out of curiosity, what piqued your skepticism?
|
# ? May 9, 2024 03:55 |
|
Subjunctive posted:The Infosec Thread: Yes, time to move to a mountain and raise goats I threaten to do this on a regular basis.
|
# ? May 9, 2024 06:05 |
|
Potato Salad posted:out of curiosity, what piqued your skepticism? You misunderstand me. I read the last update as some devs building dumb test poo poo in dumb loving spaces outside of normal company owned areas. Basically “gently caress following any processes, I am spinning up my own aws and doing what I want”. I hope I am right and I hope everyone involved gets ejected.
|
# ? May 9, 2024 06:22 |
|
in local news (for me lol) https://www.cbc.ca/news/canada/british-columbia/bc-premier-cyberattacks-sophisticated-1.7198501 quote:B.C.'s premier said Wednesday that the government has recently identified "sophisticated cybersecurity incidents" involving government networks. they reset all passwords for all 35,000+ public service workers suddenly last week and it was clear something was up but everyone was being so cagey
|
# ? May 9, 2024 06:43 |
|
Sickening posted:You misunderstand me. I read the last update as some devs building dumb test poo poo in dumb loving spaces outside of normal company owned areas. Following along with your hypothetical, these are the logical consequences of "our security controls don't account for the business's needs."
|
# ? May 9, 2024 12:32 |
|
WELPquote:[Access] Largest Cyber Security Company [SOLD] Accipiter fucked around with this message at 13:32 on May 9, 2024 |
# ? May 9, 2024 13:26 |
|
Blinkz0rz posted:Following along with your hypothetical, these are the logical consequences of "our security controls don't account for the business's needs." earlier this week I had a dev tell me he needed to open a storage account to the public so they could write to it from salesforcd Accipiter posted:WELP lmao
|
# ? May 9, 2024 13:28 |
|
The Fool posted:earlier this week I had a dev tell me he needed to open a storage account to the public so they could write to it from salesforcd
|
# ? May 9, 2024 13:31 |
|
Accipiter posted:WELP Very polite of them to try to blank out Ms No Reply’s email address.
|
# ? May 9, 2024 13:43 |
|
|
# ? May 26, 2024 09:36 |
So uh is zscaler owned or not
|
|
# ? May 9, 2024 14:14 |