FBI Security Alerts

Re: FBI Security Alerts

The problem is that politicians have very little control over anything in this arena because these aren't the actions of nation states. You can sanction nations for sheltering cybercriminals, but with governments that already act like criminal organisations, what good does that do?

Better to focus efforts on ensuring that the companies being hit are in some way prepared: current and tested backups, compensating controls for end of life software and systems.

Already we're seeing a move from phishing and malicious downloads to supply chain attacks like Solarwinds and Kesaya that can hit multiple targets with a single strike. More evidence that the software used to even manage networks has become complex enough that even its maintainers can keep track of it, or just how deep of a look into our networks third-party software can have.

We're just piling bandages on top of bandages on top of bleeding limbs.

Sent from my BlackBerry using Tapatalk

Re: FBI Security Alerts


You have hit the nail on the head. Things are so complex now there are too many ways to get in. Way back when in the stone age there was lotus 123 a very simplified version of Excel. It was a whopping 300k of code on a floppy. I cut my teeth on word perfect 4.2 which fit on a 5.25 floppy, probably 100k of code. Back in 97 my wife was in grad school and needed MS office. That was a whopping 200mb at the time, I about died as I only had an 800mb hdd. I booted my first computer on a 5.25 floppy using dos 3.2. What is WindBlows now? 33 gig I think.

People don't want to think, they want a machine to do their thinking. I had an 84 nissan, 5 speed, no power steering, no computer. It never saw the inside of a shop except for a transmission leak which I didn't have the tools for. Ran that sucker for 36 years before I sold it. Had a brand new Dodge a few years back, at 20k it developed an issue, they literally replaced every sensor and finally the computer, couldn't fix it. Things need to be simpler. Used to be we actually fixed copiers also, now we just slide new parts in and out.

Re: FBI Security Alerts

Thanks Biden you spineless asshole.

Sent from my SM-G960U using Tapatalk

Re: FBI Security Alerts

And the bigger software company, then longer it seems to take them to patch their vulnerabilities. An example would be the zero login vulnerability Microsoft had at one time.

I also remember 16 years ago when I was the Unit Information Manager for an Army transportation company in Iraq there was a website I could go to that listed all the known vulnerabilities for software, operating systems and browsers. It not only gave a description of the vulnerability and any work around but also when the vulnerability was first found and how soon a solution was expected. On browsers, Mozilla usually resolved an issue in a week or two, sometimes in just a few days. Microsoft on the other hand normally took months.

Re: FBI Security Alerts

Hilouiris the last LOSER you Amigos would give any excuse. No responsibly for Nothing.

Re: FBI Security Alerts

Business)The White House on Sunday urged companies who believe their systems were compromised in the ransomware attack that targeted software vendor Kaseya to immediately report it to the Internet Crime Complaint Center.

"Since Friday, the United States Government has been working across the interagency to assess the Kaseya ransomware incident and assist in the response," said Anne Neuberger, deputy national security advisor for cyber and emerging technology. "The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have been working with Kaseya and coordinating to conduct outreach to impacted victims."

REvil malware hit a wide range of IT management companies and compromised hundreds of their corporate clients late last week. The cybercriminal gang, which is believed to operate out of Eastern Europe or Russia, targeted a key software vendor known as Kaseya, whose products are widely used by IT management companies, cybersecurity experts said.

Re: FBI Security Alerts

Finally a President with BALLS

On Saturday, President Joe Biden said that the US government is not certain who is behind the attack, but he has directed federal agencies to assist in the response.

"The fact is that I directed the intelligence community to give me a deep dive on what's happened and I'll know better tomorrow. And if it is either with the knowledge of and/or the consequence of Russia, then I told Putin we will respond," Biden said Saturday, referring to his meeting with the Russian leader last month.

"We're not certain. The initial thinking it was not the Russian government but we're not sure yet," he added.

Re: FBI Security Alerts

Dispite the footprints from Russian hackers he doesn't want to piss off Vlad.... gotcha.

Sent from my SM-G960U using Tapatalk

Re: FBI Security Alerts


Unlike the past Wimp FOOL he will act if US intelligence confirmsgotcha.

Re: FBI Security Alerts

Kaseya ransomware attack: US launches investigation as gang demands giant $70 million payment

CISA warns businesses to enable and enforce multi-factor authentication for all accounts - not just privileged admin accounts.

President Biden is fully aware of the attack and promises a significant response once the offending party is verified.

... how to protect your scan to emails from your copier via 2FA or MFA is discussed in detail in the Connectivity thread under Two Factor Authentication.

Re: FBI Security Alerts

The best method for protecting accounts used for scanning and email short of MFA is to use specific accounts for those that have no access beyond what they need.

The accounts we set up for scan to folder are denied login to any computer or server on the network either through GPO in Active Directory or local security policy in workgroup accounts. The only thing they are granted access to is the Scan folder(s) they need to send documents to.

For email, a fully licensed account is used for M365 or Google with SMTP authentication enabled. No type of user account is created for the email address so that it only exists as an email account.

Sent from my BlackBerry using Tapatalk

Re: FBI Security Alerts

... many of the recent ransomware attacks seem to be directed against premise based servers and not Cloud based services.

In Canada, 55% of the time, the client has subscribed to MS365.

Many SMB businesses that I work with seem to unaware of the threats that exist out there and largely let me do anything that I want when installing a new copier.

Re: FBI Security Alerts


I have no idea if this is correct or not. What I do know is that his advice has not let me down thus far.

Re: FBI Security Alerts

Re: FBI Security Alerts

I don't think Biden is up to the job.