Scruff McGruff posted:Krebs has an article up already with some more details I didn't see it mentioned in there but I'm seeing elsewhere that the flaw being exploited was one that was in the NSA hacking tools dump, but yeah, it's already been patched.
|
|
# ? May 12, 2017 21:07 |
|
|
# ? May 30, 2024 05:49 |
|
My coworkers are freaking out because they claim that "connecting to any public wifi network" will get you infected Obvious hyperbole aside, I wonder if this is also targeting consumer devices, or only enterprise ones? The article does mention that the ransomware seeks out other devices on the local network so uhh idk I just wanna go home and make sure that my PC is up to date...
|
# ? May 12, 2017 21:30 |
|
KingSlime posted:My coworkers are freaking out because they claim that "connecting to any public wifi network" will get you infected Just back up anything important, whether to an actual backup service or just tossing it on a drive that you then put somewhere. Then if you do get hit with encryption ransomware you flatten and reinstall.
|
# ? May 12, 2017 21:55 |
|
Slime posted:Just back up anything important, whether to an actual backup service or just tossing it on a drive that you then put somewhere. Then if you do get hit with encryption ransomware you flatten and reinstall. But also keep up to date...
|
# ? May 12, 2017 22:20 |
|
The German Embassy in the United States is most certainly not commenting on any current political events. https://twitter.com/GermanyinUSA/status/863130108944670720 Edit: hey, stop pointing at me, Nelson. Mister Mind has a new favorite as of 22:27 on May 12, 2017 |
# ? May 12, 2017 22:24 |
|
Slime posted:Just back up anything important, whether to an actual backup service or just tossing it on a drive that you then put somewhere. Then if you do get hit with encryption ransomware you flatten and reinstall. No, "just" backing up will not save you. Most people thinks that backing up to a live USB disk or storing things in the Apple cloud will protect them. These will be automatically defeated by standard ransomware (the backups will be encrypted as well). More advanced ransomware will even destroy simple cloud backup solutions. A disconnected disk will work, but what's the chance you backed up 1) recently and 2) didn't connect the disk after getting infected? A proper backup which keeps multiple versions and doesn't allow you to delete older versions will also work. Currently, Dropbox will actually save you (it keeps a 30 days history you cannot just get rid of), but if people become aware of that, I'm sure ransomware will work around this.
|
# ? May 12, 2017 22:42 |
|
Also the amount of people complaining or trying to disable auto updates... take heed
|
# ? May 12, 2017 22:52 |
|
Avenging_Mikon posted:There's a difference between the data being compromised (viewed by 3rd parties) and getting cryptolockered. So no, there's not necessarily evidence. If the program has access to encrypt all the data, it has access to view all the data. We don’t know that the criminals were specifically interested in the personal health information data, but they absolutely are capable of reading/publishing it.
|
# ? May 12, 2017 23:20 |
|
|
# ? May 12, 2017 23:30 |
|
djssniper posted:Also the amount of people complaining or trying to disable auto updates... take heed No kidding though....everyone seems to know what's best when it comes to Windows and circumventing its annoying habits but this incident is a refreshing reminder that no, you absolutely do not know better (unless you're a trained professional in a relevant area, no I don't consider general IT to fall under this umbrella).
|
# ? May 12, 2017 23:33 |
|
I know better than to let windows restart while I have a video paused overnight or I'm downloading something. There are lots of reasons why windows auto restarting for updates was a terrible idea.
|
# ? May 12, 2017 23:38 |
|
Platystemon posted:If the program has access to encrypt all the data, it has access to view all the data. Only if it was capable of transmitting data. I've seen more systems with better exfiltration protection than infiltration. Cryptolockers are scripts, after all, not monitored programs.
|
# ? May 12, 2017 23:40 |
|
Avenging_Mikon posted:Only if it was capable of transmitting data. I've seen more systems with better exfiltration protection than infiltration. Cryptolockers are scripts, after all, not monitored programs. Okay, that’s possible. But I still contend that the fact that the malware is on the system is pretty decent evidence that the data is compromised. Maybe they got lucky, but don’t count on it.
|
# ? May 12, 2017 23:44 |
|
KingSlime posted:No kidding though....everyone seems to know what's best when it comes to Windows and circumventing its annoying habits but this incident is a refreshing reminder that no, you absolutely do not know better (unless you're a trained professional in a relevant area, no I don't consider general IT to fall under this umbrella). gently caress that, I know that when I shut down my PC to lock it in my drawer and go home at 17:30, I absolutely do not want Windows saying "hurrr now I'm going to spend 20 minutes patching! Don't turn off your PC and be sure to like and subscribe!", nor removing the ability for me (even by using shutdown /s /f /t 0) to cleanly shut down this time and do the updates next time. My laptop will be powered off and locked in a cabinet until Monday. No one's going to hack my gibson before I get back to work after the weekend, Microsoft. Pop up a notification during the day and give me the option to run the updates during the afternoon while I go get a coffee or something, but this force-update-on-shutdown poo poo is ridiculous. (yes I know that properly-configured GPOs would fix that but that's not my department) I absolutely know better about when I need my PC and when I don't need my PC, so MS can go eat all of the dicks on this one.
|
# ? May 13, 2017 00:12 |
|
It's a party crasher! Meanwhile: Do not roar at tigers... https://www.youtube.com/watch?v=z5CfFXHpHfY&t=18s
|
# ? May 13, 2017 00:22 |
|
Weatherman posted:gently caress that, I know that when I shut down my PC to lock it in my drawer and go home at 17:30, I absolutely do not want Windows saying "hurrr now I'm going to spend 20 minutes patching! Don't turn off your PC and be sure to like and subscribe!", nor removing the ability for me (even by using shutdown /s /f /t 0) to cleanly shut down this time and do the updates next time. It'll shut down when it's done, why can't you just lock it in your drawer while it's updating and leave?
|
# ? May 13, 2017 00:27 |
|
RyokoTK posted:It'll shut down when it's done, why can't you just lock it in your drawer while it's updating and leave? Power/air flow/network access?
|
# ? May 13, 2017 00:34 |
|
My drawers are wired for internet.
|
# ? May 13, 2017 00:58 |
|
RyokoTK posted:It'll shut down when it's done, why can't you just lock it in your drawer while it's updating and leave? Because many people shut off the power when they leave, cause often it's not just powering your pc?
|
# ? May 13, 2017 01:00 |
|
|
# ? May 13, 2017 01:11 |
|
so this is what Spicer was doing during his break this week.
|
# ? May 13, 2017 01:13 |
Lil Bow Wow was caught lying about taking a private plane. The Internet heard about this and responded: http://www.boredpanda.com/rapper-bow-wow-challenge/
|
|
# ? May 13, 2017 01:36 |
|
I have so many unanswered questions about this.
|
# ? May 13, 2017 01:51 |
Pigsfeet on Rye posted:I have so many unanswered questions about this. Like how on earth do you stop action like that in firelight? What was he shooting, ISO 9000?
|
|
# ? May 13, 2017 02:18 |
|
Pigsfeet on Rye posted:I have so many unanswered questions about this. A man cosplaying a gender swapped Robin mountain bikes into a fire pit at a party. What's so strange about any of it?
|
# ? May 13, 2017 02:22 |
|
Honestly sounds like something my friends would do.
|
# ? May 13, 2017 02:29 |
|
Platystemon posted:If the program has access to encrypt all the data, it has access to view all the data. They can 'read' the data off the drive, but if the admins are competent then it was stored encrypted. It's not viewable. Also, while the trojan got inside the network it doesn't necessarily follow that it was able to open a channel to download the data to the outside. Nighthand posted:Also some of the older crypto-variants you can't even pay the ransom because the process got shut down. If you're ever hit by crypto and don't have backups, better hope it's a newer still-alive variant! You can still pay the ransom! (You just won't receive a key.)
|
# ? May 13, 2017 02:42 |
|
Data Graham posted:Like how on earth do you stop action like that in firelight? What was he shooting, ISO 9000? With a flash.
|
# ? May 13, 2017 03:01 |
|
Avenging_Mikon posted:A lot of places don't see IT infrastructure as anything but a black hole you put money in and get nothing out, so they minimize that expenditure. When everything works: "what do we even pay you for?" When nothing works: "what do we even pay you for?"
|
# ? May 13, 2017 04:57 |
|
Platystemon posted:If the program has access to encrypt all the data, it has access to view all the data. No, that doesn't follow. The data could be in encrypted files. The ransomware double-encrypts them, making them inaccessible, but it doesn't need to be able to decrypt the files or view their contents to do that.
|
# ? May 13, 2017 05:01 |
|
Data Graham posted:Like how on earth do you stop action like that in firelight? What was he shooting, ISO 9000? Modern digital SLRs go up to ISO 100,000+ and also flash units are things that exist.
|
# ? May 13, 2017 05:06 |
|
Data Graham posted:Like how on earth do you stop action like that in firelight? What was he shooting, ISO 9000? There’s a flash coming from the top of the camera. Look at the shadows of his arm and hand.
|
# ? May 13, 2017 05:44 |
|
https://giant.gfycat.com/EnviousMagnificentAtlasmoth.webm
|
# ? May 13, 2017 06:36 |
|
Holy gently caress that is big.
|
# ? May 13, 2017 06:43 |
|
Teddybear posted:I remember reading one where you had to score a certain amount of points in a loving Touhou shooter to unlock your files. He had done it as a joke and when it ended up released because he hosed up, he apologized and pretty quickly released a bypass for it (basically it tricked his own program that you had scored the threshold value in whatever weird game it was). https://arstechnica.com/gaming/2017/04/do-you-want-to-play-a-game-ransomware-asks-for-high-score-instead-of-money/
|
# ? May 13, 2017 07:03 |
|
LOL phone posters are gonna crash.
|
# ? May 13, 2017 07:16 |
|
Don't gently caress with Sean Spicer.
|
# ? May 13, 2017 07:59 |
|
gently caress it, just apply update, back your poo poo up and stop putting important poo poo on your computer. And if 5 loving minutes of updates is enough to ruin your night, get a loving grip, and put on your big boy and girl pants, and do your loving job. Jesus, just watch a YouTube video or something holy poo poo. Wasabi the J has a new favorite as of 10:39 on May 13, 2017 |
# ? May 13, 2017 10:32 |
|
Using up‐to‐date software is the most important thing. Your machine isn’t valuable enough to be at risk of a targeted attack, but if there’s a known hole, it’s only a matter of time because something enters through it.
|
# ? May 13, 2017 10:40 |
|
|
# ? May 30, 2024 05:49 |
|
my car has a warning light telling me to check the engine, so i started parking it by slamming it into walls. idiot hellbox trying to tell me how to live my life, gently caress that noise
|
# ? May 13, 2017 10:45 |