FBI Security Alerts

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • rthonpm
    Field Supervisor

    2,500+ Posts
    • Aug 2007
    • 2848

    #76
    Re: FBI Security Alerts

    The problem is that politicians have very little control over anything in this arena because these aren't the actions of nation states. You can sanction nations for sheltering cybercriminals, but with governments that already act like criminal organisations, what good does that do?

    Better to focus efforts on ensuring that the companies being hit are in some way prepared: current and tested backups, compensating controls for end of life software and systems.

    Already we're seeing a move from phishing and malicious downloads to supply chain attacks like Solarwinds and Kesaya that can hit multiple targets with a single strike. More evidence that the software used to even manage networks has become complex enough that even its maintainers can keep track of it, or just how deep of a look into our networks third-party software can have.

    We're just piling bandages on top of bandages on top of bleeding limbs.

    Sent from my BlackBerry using Tapatalk

    Comment

    • tonerhead
      Senior Tech

      500+ Posts
      • Sep 2009
      • 582

      #77
      Re: FBI Security Alerts

      Originally posted by rthonpm
      The problem is that politicians have very little control over anything in this arena because these aren't the actions of nation states. You can sanction nations for sheltering cybercriminals, but with governments that already act like criminal organisations, what good does that do?

      Better to focus efforts on ensuring that the companies being hit are in some way prepared: current and tested backups, compensating controls for end of life software and systems.

      Already we're seeing a move from phishing and malicious downloads to supply chain attacks like Solarwinds and Kesaya that can hit multiple targets with a single strike. More evidence that the software used to even manage networks has become complex enough that even its maintainers can keep track of it, or just how deep of a look into our networks third-party software can have.

      We're just piling bandages on top of bandages on top of bleeding limbs.

      Sent from my BlackBerry using Tapatalk

      You have hit the nail on the head. Things are so complex now there are too many ways to get in. Way back when in the stone age there was lotus 123 a very simplified version of Excel. It was a whopping 300k of code on a floppy. I cut my teeth on word perfect 4.2 which fit on a 5.25 floppy, probably 100k of code. Back in 97 my wife was in grad school and needed MS office. That was a whopping 200mb at the time, I about died as I only had an 800mb hdd. I booted my first computer on a 5.25 floppy using dos 3.2. What is WindBlows now? 33 gig I think.

      People don't want to think, they want a machine to do their thinking. I had an 84 nissan, 5 speed, no power steering, no computer. It never saw the inside of a shop except for a transmission leak which I didn't have the tools for. Ran that sucker for 36 years before I sold it. Had a brand new Dodge a few years back, at 20k it developed an issue, they literally replaced every sensor and finally the computer, couldn't fix it. Things need to be simpler. Used to be we actually fixed copiers also, now we just slide new parts in and out.
      I've proved mathematics wrong. 1 + 1 doesn't always equal 2.........


      Especially when it comes to sex

      Comment

      • Phil B.
        Field Supervisor

        10,000+ Posts
        • Jul 2016
        • 22798

        #78
        Re: FBI Security Alerts

        Originally posted by SalesServiceGuy
        Large Florida school district hit by ransomware attack, hackers demanded $40M

        The district initially had 'no intention' of paying the ransom, but after two weeks, offered to pay $500G


        The computer system hacked
        Broward County Public Schools said in a statement Thursday that there is no indication that any personal information has been stolen and that it made no extortion payment to the ransomware gang, which as an apparent pressure tactic last week posted screenshots of its online negotiations with the district to its site on the dark web.

        The FBI usually investigates such attacks, but said Thursday it would not confirm if it was investigating this one.

        Thanks Biden you spineless asshole.

        Sent from my SM-G960U using Tapatalk

        Comment

        • slimslob
          Retired

          Site Contributor
          25,000+ Posts
          • May 2013
          • 37289

          #79
          Re: FBI Security Alerts

          Originally posted by rthonpm
          The problem is that politicians have very little control over anything in this arena because these aren't the actions of nation states. You can sanction nations for sheltering cybercriminals, but with governments that already act like criminal organisations, what good does that do?

          Better to focus efforts on ensuring that the companies being hit are in some way prepared: current and tested backups, compensating controls for end of life software and systems.

          Already we're seeing a move from phishing and malicious downloads to supply chain attacks like Solarwinds and Kesaya that can hit multiple targets with a single strike. More evidence that the software used to even manage networks has become complex enough that even its maintainers can keep track of it, or just how deep of a look into our networks third-party software can have.

          We're just piling bandages on top of bandages on top of bleeding limbs.

          Sent from my BlackBerry using Tapatalk
          And the bigger software company, then longer it seems to take them to patch their vulnerabilities. An example would be the zero login vulnerability Microsoft had at one time.

          I also remember 16 years ago when I was the Unit Information Manager for an Army transportation company in Iraq there was a website I could go to that listed all the known vulnerabilities for software, operating systems and browsers. It not only gave a description of the vulnerability and any work around but also when the vulnerability was first found and how soon a solution was expected. On browsers, Mozilla usually resolved an issue in a week or two, sometimes in just a few days. Microsoft on the other hand normally took months.

          Comment

          • bsm2
            IT Manager

            25,000+ Posts
            • Feb 2008
            • 29827

            #80
            Re: FBI Security Alerts

            Originally posted by Phil B.
            Thanks Biden

            Sent from my SM-G960U using Tapatalk
            Hilouiris the last LOSER you Amigos would give any excuse. No responsibly for Nothing.

            Comment

            • bsm2
              IT Manager

              25,000+ Posts
              • Feb 2008
              • 29827

              #81
              Re: FBI Security Alerts

              Business)The White House on Sunday urged companies who believe their systems were compromised in the ransomware attack that targeted software vendor Kaseya to immediately report it to the Internet Crime Complaint Center.

              "Since Friday, the United States Government has been working across the interagency to assess the Kaseya ransomware incident and assist in the response," said Anne Neuberger, deputy national security advisor for cyber and emerging technology. "The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have been working with Kaseya and coordinating to conduct outreach to impacted victims."

              REvil malware hit a wide range of IT management companies and compromised hundreds of their corporate clients late last week. The cybercriminal gang, which is believed to operate out of Eastern Europe or Russia, targeted a key software vendor known as Kaseya, whose products are widely used by IT management companies, cybersecurity experts said.

              Comment

              • bsm2
                IT Manager

                25,000+ Posts
                • Feb 2008
                • 29827

                #82
                Re: FBI Security Alerts

                Finally a President with BALLS

                On Saturday, President Joe Biden said that the US government is not certain who is behind the attack, but he has directed federal agencies to assist in the response.

                "The fact is that I directed the intelligence community to give me a deep dive on what's happened and I'll know better tomorrow. And if it is either with the knowledge of and/or the consequence of Russia, then I told Putin we will respond," Biden said Saturday, referring to his meeting with the Russian leader last month.

                "We're not certain. The initial thinking it was not the Russian government but we're not sure yet," he added.

                Comment

                • Phil B.
                  Field Supervisor

                  10,000+ Posts
                  • Jul 2016
                  • 22798

                  #83
                  Re: FBI Security Alerts

                  Originally posted by bsm2
                  Finally a President with BALLS

                  On Saturday, President Joe Biden said that the US government is not certain who is behind the attack, but he has directed federal agencies to assist in the response.

                  "The fact is that I directed the intelligence community to give me a deep dive on what's happened and I'll know better tomorrow. And if it is either with the knowledge of and/or the consequence of Russia, then I told Putin we will respond," Biden said Saturday, referring to his meeting with the Russian leader last month.

                  "We're not certain. The initial thinking it was not the Russian government but we're not sure yet," he added.
                  Dispite the footprints from Russian hackers he doesn't want to piss off Vlad.... gotcha.

                  Sent from my SM-G960U using Tapatalk

                  Comment

                  • bsm2
                    IT Manager

                    25,000+ Posts
                    • Feb 2008
                    • 29827

                    #84
                    Re: FBI Security Alerts

                    Originally posted by Phil B.
                    Dispite the footprints from Russian hackers he doesn't want to piss off Vlad.... gotcha.

                    Sent from my SM-G960U using Tapatalk

                    Unlike the past Wimp FOOL he will act if US intelligence confirmsgotcha.
                    Last edited by bsm2; 07-05-2021, 11:29 AM.

                    Comment

                    • SalesServiceGuy
                      Field Supervisor

                      Site Contributor
                      5,000+ Posts
                      • Dec 2009
                      • 8140

                      #85
                      Re: FBI Security Alerts

                      Originally posted by bsm2
                      Unlike the past Wimp FOOL he will act if US intelligence confirmsgotcha.
                      Kaseya ransomware attack: US launches investigation as gang demands giant $70 million payment

                      CISA warns businesses to enable and enforce multi-factor authentication for all accounts - not just privileged admin accounts.

                      President Biden is fully aware of the attack and promises a significant response once the offending party is verified.

                      ... how to protect your scan to emails from your copier via 2FA or MFA is discussed in detail in the Connectivity thread under Two Factor Authentication.

                      Comment

                      • rthonpm
                        Field Supervisor

                        2,500+ Posts
                        • Aug 2007
                        • 2848

                        #86
                        Re: FBI Security Alerts

                        The best method for protecting accounts used for scanning and email short of MFA is to use specific accounts for those that have no access beyond what they need.

                        The accounts we set up for scan to folder are denied login to any computer or server on the network either through GPO in Active Directory or local security policy in workgroup accounts. The only thing they are granted access to is the Scan folder(s) they need to send documents to.

                        For email, a fully licensed account is used for M365 or Google with SMTP authentication enabled. No type of user account is created for the email address so that it only exists as an email account.

                        Sent from my BlackBerry using Tapatalk

                        Comment

                        • SalesServiceGuy
                          Field Supervisor

                          Site Contributor
                          5,000+ Posts
                          • Dec 2009
                          • 8140

                          #87
                          Re: FBI Security Alerts

                          Originally posted by rthonpm
                          The best method for protecting accounts used for scanning and email short of MFA is to use specific accounts for those that have no access beyond what they need.

                          The accounts we set up for scan to folder are denied login to any computer or server on the network either through GPO in Active Directory or local security policy in workgroup accounts. The only thing they are granted access to is the Scan folder(s) they need to send documents to.

                          For email, a fully licensed account is used for M365 or Google with SMTP authentication enabled. No type of user account is created for the email address so that it only exists as an email account.

                          Sent from my BlackBerry using Tapatalk
                          ... many of the recent ransomware attacks seem to be directed against premise based servers and not Cloud based services.

                          In Canada, 55% of the time, the client has subscribed to MS365.

                          Many SMB businesses that I work with seem to unaware of the threats that exist out there and largely let me do anything that I want when installing a new copier.

                          Comment

                          • BillyCarpenter
                            Field Supervisor

                            Site Contributor
                            VIP Subscriber
                            10,000+ Posts
                            • Aug 2020
                            • 16308

                            #88
                            Re: FBI Security Alerts

                            Originally posted by rthonpm
                            The best method for protecting accounts used for scanning and email short of MFA is to use specific accounts for those that have no access beyond what they need.

                            The accounts we set up for scan to folder are denied login to any computer or server on the network either through GPO in Active Directory or local security policy in workgroup accounts. The only thing they are granted access to is the Scan folder(s) they need to send documents to.

                            For email, a fully licensed account is used for M365 or Google with SMTP authentication enabled. No type of user account is created for the email address so that it only exists as an email account.

                            Sent from my BlackBerry using Tapatalk

                            I have no idea if this is correct or not. What I do know is that his advice has not let me down thus far.
                            Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                            Comment

                            • slimslob
                              Retired

                              Site Contributor
                              25,000+ Posts
                              • May 2013
                              • 37289

                              #89
                              Re: FBI Security Alerts

                              Comment

                              • BillyCarpenter
                                Field Supervisor

                                Site Contributor
                                VIP Subscriber
                                10,000+ Posts
                                • Aug 2020
                                • 16308

                                #90
                                Re: FBI Security Alerts

                                I don't think Biden is up to the job.






















                                "It appears to have caused minimal damage to U.S. businesses but we're still gathering information to the full extent of the attack," Biden told reporters Tuesday, while promising to "have more to say about this in the next several days."


                                "I feel good about our ability to be able to respond," he added.











                                That response is unlikely to satisfy policymakers who say only bold action can deliver the wakeup call that Putin needs to receive.





                                In fact, no major U.S. business has yet been identified among the many victims of the Kaseya breach. The most visible impact to date has been the shutdown of a Swedish supermarket chain. That also sets this attack apart from past major global ransomware outbreaks, which in recent years have crippled targets ranging from Pfizer to the shipping giant Maersk.





                                The RNC said Tuesday, as it had over the weekend, that one of its tech vendors was among the victims of a cyberattack. But the committee insisted again that a probe found no sign that hackers had gotten ahold of any data from the Republican Party organization.





                                The RNC had made a similar comment in a statement to Bloomberg on Saturday.







                                Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                                Comment

                                Working...