|
Lutha Mahtin posted:this is something that security researchers deal with all the time, even for malware that doesn't come on a piece of hardware. a decent malware writer has checks in their code to figure out if it might be running in a test environment, and it will refuse to do its tricky bits if it thinks this is the case there are devices that are basically passive taps for usb, the idea is you plug it into an actual replica of your target system (down to the hardware, no virtual machine or anything) and analyse what it does, not what's on it. that's probably a level of paranoia too high for your typical corporate "usb key found in the car park" situation, but you'd have thought the secret service and the fbi would have at least thought about this a little bit...
|
#
?
Apr 8, 2019 20:43
|
|
|
|
| # ? Jun 12, 2024 09:48 |
|
|
goddamnedtwisto posted:there are devices that are basically passive taps for usb, the idea is you plug it into an actual replica of your target system (down to the hardware, no virtual machine or anything) and analyse what it does, not what's on it. that's probably a level of paranoia too high for your typical corporate "usb key found in the car park" situation, but you'd have thought the secret service and the fbi would have at least thought about this a little bit... the FBI likely has. the USSS apparently not so much.
|
|
#
?
Apr 8, 2019 20:46
|
|
|
Raere posted:is anyone turning away from cisco given their nonstop pants on head stupid vulns or are they still worth it? I jumped from Cisco and have never looked back. Junos and Arista EoS are so much better.
|
|
#
?
Apr 8, 2019 21:14
|
|
|
Cocoa Crispies posted:lol thanks but yeah someone else informed me when I used that joke after they bought nginx It was a pretty good joke 
|
|
#
?
Apr 8, 2019 21:15
|
|
|
Juniper is dandy if all you need to do is move a poo poo ton of packets cheaply but their security offerings are dogshit
|
|
#
?
Apr 8, 2019 21:16
|
|
|
BangersInMyKnickers posted:Juniper is dandy if all you need to do is move a poo poo ton of packets cheaply but their security offerings are dogshit Modern Network Security is trash, and the sooner people move to a zero trust network the better. For a zero trust network, SRXs are great.
|
|
#
?
Apr 8, 2019 21:18
|
|
|
ate poo poo on live tv posted:Modern Network Security is trash, and the sooner people move to a zero trust network the better. For a zero trust network, SRXs are great. Ding ding ding. Zero trust all the way for me.
|
|
#
?
Apr 8, 2019 21:35
|
|
|
ate poo poo on live tv posted:Modern Network Security is trash, and the sooner people move to a zero trust network the better. For a zero trust network, SRXs are great. You still need some kind of border firewall and maybe IPS to keep the internet from thrashing your routing core with unmitigated garbage and Juniper can't do those roles well.
|
|
#
?
Apr 8, 2019 21:37
|
|
|
BangersInMyKnickers posted:You still need some kind of border firewall and maybe IPS to keep the internet from thrashing your routing core with unmitigated garbage and Juniper can't do those roles well. I kind of assumed he included those 
|
|
#
?
Apr 8, 2019 21:48
|
|
|
goddamnedtwisto posted:there are devices that are basically passive taps for usb, the idea is you plug it into an actual replica of your target system (down to the hardware, no virtual machine or anything) and analyse what it does, not what's on it. that's probably a level of paranoia too high for your typical corporate "usb key found in the car park" situation, but you'd have thought the secret service and the fbi would have at least thought about this a little bit... oh, cool, question answered, you can just snoop the USB mass storage traffic and build up a disk image from there
|
|
#
?
Apr 8, 2019 21:55
|
|
|
https://www.cbc.ca/news/canada/ottawa/city-treasurer-sent-100k-to-fraudster-1.5088744quote:City treasurer Marian Simulik fell for a "fake CEO scam" and wired more than $100,000 to a fraudster last summer, Ottawa's audit committee heard Monday afternoon. oh boy technology, that thing that definitely fixes hte problem of people doing unwise things
|
|
#
?
Apr 8, 2019 21:58
|
|
|
Lutha Mahtin posted:this is something that security researchers deal with all the time, even for malware that doesn't come on a piece of hardware. a decent malware writer has checks in their code to figure out if it might be running in a test environment, and it will refuse to do its tricky bits if it thinks this is the case I liked the one that was flash embedded in a word document and they put it on the third page so it would never be picked up by sandboxing but it had an extremely high hit rate with actual people because if you see more than one blank page the first thing you do is scroll down
|
|
#
?
Apr 8, 2019 22:46
|
|
|
Really loving ballsy for them to go after a government. it's like the only actor which would have the legal authority, international connections, and sheer vindictiveness to track your rear end down.
|
|
#
?
Apr 8, 2019 22:47
|
|
|
Shifty Pony posted:Really loving ballsy for them to go after a government. it's like the only actor which would have the legal authority, international connections, and sheer vindictiveness to track your rear end down. Most of these places have Fraud/Security insurance for a reason.
|
|
#
?
Apr 8, 2019 22:49
|
|
|
flakeloaf posted:https://www.cbc.ca/news/canada/ottawa/city-treasurer-sent-100k-to-fraudster-1.5088744 when i read "bank account being monitored by the secret service" i assumed the next line was going to be "who asked them to send the money again so they could trace it, then three more times"
|
|
#
?
Apr 8, 2019 22:53
|
|
|
Shifty Pony posted:the FBI likely has. the USSS apparently not so much. It's possible people could be this stupid, but it's also just as likely this never even happened or they did it on purpose so they could describe scary-sounding hacker things happening.
|
|
#
?
Apr 8, 2019 23:31
|
|
|
ErIog posted:It's possible people could be this stupid, but it's also just as likely this never even happened or they did it on purpose so they could describe scary-sounding hacker things happening. https://twitter.com/nycsouthpaw/status/1115382149379653634
|
|
#
?
Apr 8, 2019 23:39
|
|
|
agent ivanovich is not the sharpest tool in the shed
|
|
#
?
Apr 9, 2019 00:58
|
|
|
huh, turns out Skyfall was realistic
|
|
#
?
Apr 9, 2019 03:11
|
|
|
~Coxy posted:huh, turns out Skyfall was realistic autorun still works on modern Windows PCs?  like that part sounds a bit sketchy to me. I thought having software run after you pop in removable media was disabled in windows a long time ago My Linux Rig fucked around with this message at 03:39 on Apr 9, 2019 |
|
#
?
Apr 9, 2019 03:36
|
|
|
I think windows nwo asks you if you want to autorun or open
|
|
#
?
Apr 9, 2019 03:37
|
|
|
Celexi posted:I think windows nwo asks you if you want to autorun or open lol so basically their agents just clicked autorun without thinking? yikes
|
|
#
?
Apr 9, 2019 03:40
|
|
|
no it was more likely a rubber ducky style device that pretends to be a keyboard
|
|
#
?
Apr 9, 2019 03:44
|
|
|
some goon discord bot was compromised and used to doxx multiple people with threats of swatting, apparently.
|
|
#
?
Apr 9, 2019 04:26
|
|
|
How does a discord bot doxx you, are goon communities requiring full name, address and ssn for identity verification? 
|
|
#
?
Apr 9, 2019 04:34
|
|
|
baram. posted:some goon discord bot was compromised and used to doxx multiple people with threats of swatting, apparently. how does that even work? access to private servers/rooms or something?
|
|
#
?
Apr 9, 2019 04:38
|
|
|
goddamnedtwisto posted:there are devices that are basically passive taps for usb, the idea is you plug it into an actual replica of your target system (down to the hardware, no virtual machine or anything) and analyse what it does, not what's on it. that's probably a level of paranoia too high for your typical corporate "usb key found in the car park" situation, but you'd have thought the secret service and the fbi would have at least thought about this a little bit... USB bus analysers are crazy expensive, or were last time I purchased one. I can't imagine any agency would be able to justify the cost of testing every USB device they process on something like that. Even if they did, a 10 minute delay on the hub becoming active would defeat it. Good idea, but I have no idea how you could scale it to the needs of an investigative body.
|
|
#
?
Apr 9, 2019 09:47
|
|
|
SeaborneClink posted:How does a discord bot doxx you, are goon communities requiring full name, address and ssn for identity verification?
|
|
#
?
Apr 9, 2019 11:19
|
|
|
yoloer420 posted:USB bus analysers are crazy expensive, or were last time I purchased one. I can't imagine any agency would be able to justify the cost of testing every USB device they process on something like that. Even if they did, a 10 minute delay on the hub becoming active would defeat it. Well a bit of triage is needed. USB in a pile of USBs hidden in the wall of someone you just raided after tracking pedo poo poo to their IP address? throw it on the secure duplicator. USB from a suspected spy with five cell phones, $7500 in cash that they lied to you about, and hidden camera detection equipment? be pretty drat careful.
|
|
#
?
Apr 9, 2019 11:40
|
|
|
lol the symantec firewall has to make disk calls to open ports good lord this stupid product
|
|
#
?
Apr 9, 2019 13:47
|
|
|
Meh they should just get the audio from the listening devices she was wearing
|
|
#
?
Apr 9, 2019 14:51
|
|
|
it's me, the interviewer who doesn't personally verify the recording before every interview i was a loving dismal interrogator but that part even i could get right
|
|
#
?
Apr 9, 2019 15:19
|
|
|
Perplx posted:the real question is did it use an old exploit, a new exploit or did it emulate a keyboard you can get a flash drive to auto-run like a CD in windows still, right? i bet it was that  e: lol i should scroll up more Shame Boy fucked around with this message at 15:24 on Apr 9, 2019 |
|
#
?
Apr 9, 2019 15:20
|
|
|
flakeloaf posted:oh boy technology, that thing that definitely fixes hte problem of people doing unwise things hi im real ceo man please give me all the money in bitcoins i'm also away on very important ceo business which is why my email is external but it's important that the money happens quick for the important business!!! see here is proof that i'm out of the office: sent form my ipone
|
|
#
?
Apr 9, 2019 15:27
|
|
|
Perplx posted:the real question is did it use an old exploit, a new exploit or did it emulate a keyboard It's not like finding a 0-day vulnerability in locked up-to-date iphones or something.
|
|
#
?
Apr 9, 2019 15:41
|
|
|
you would have thought that an agent tasked with analysing a usb device of a foreign agent would be doing something more sophisticated than just plugging it into windows 10 and seeing what happened.
|
|
#
?
Apr 9, 2019 21:24
|
|
|
Chalks posted:you would have thought that an agent tasked with analysing a usb device of a foreign agent would be doing something more sophisticated than just plugging it into windows 10 and seeing what happened. "YOLO" --The Secret Service
|
|
#
?
Apr 9, 2019 21:39
|
|
|
if I was a nation state and I haven’t already owned mar a lago I’m definitely gonna do it like, next week
|
|
#
?
Apr 9, 2019 23:18
|
|
|
flakeloaf posted:i was a loving dismal interrogator but that part even i could get right Wait, what?
|
|
#
?
Apr 10, 2019 00:21
|
|
|
|
| # ? Jun 12, 2024 09:48 |
|
|
Squinky v2.0 posted:if I was a nation state and I haven’t already owned mar a lago I’m definitely gonna do it like, next week seems like it would be easiest to just pay one of the many almost certainly sub minimal wage employees to plant something tbh
|
|
#
?
Apr 10, 2019 00:22
|
|
