* Posts by webhead

12 posts • joined 13 Sep 2011

Passengers ride free on SF Muni subway after ransomware infects network, demands $73k

webhead

Re: Design failure

Simply due to some domain admins still thinking that it's fine to put everything in the same domain. Face palm

Sad reality: It's cheaper to get hacked than build strong IT defenses

webhead

Not all hacks are caused by state magicians. Most are accomplished due to poor security hygiene. You don't need top-shelf software. IMHO, you need the boots on the ground to do the care and feeding of the beast.

Read the damning dossier on the security stupidity that let China ransack OPM's systems

webhead

Re: What on earth was going on over there? (offtopic)

Security thru obscurity is good. ? Lol. I would tend to agree with your statement about her server but heard only that the data was turned over and not the system files. Considering the State Department mail system was having drama, I do wonder why not the private system. Perhaps, she was simply smart/lucky enough to not click on phish.

webhead

Re: The real news

The CIO was new and hired after the hackers were inside the house. I saw a published memo that she was improving the situation. I really think it was more of a case of not enough staff to keep up with the infrastructure care, feeding, maintenance and protection than simply amount of salary. Especially, considering the news about issues at NASA.

Ted Cruz knows where you live – if you downloaded his app

webhead

I had it demonstrated to me personally about how folks could download the data from Hillary's website. It was just name, age, address type of stuff. Simply, each individual record would be displayed to any anonymous person volunteering to call voters, but some slight tweaks allowed you to get it in bulk.

SANS man lists five security things you're not doing but should

webhead

Re: admin priv - tip of the iceberg of least privilege

And keep domain admins on the core enterprise servers only. They should not even log on to the member servers. Give them normal user accounts and a jump server when they need to elevate.

Popping domain admins is how your domain is owned.

Hospital servers in crosshairs of new ransomware strain

webhead

Re: Dear elRegitor commentators

The article does say JBoss vulnerability. It's not OS-specific.

If the servers are not maintained and public facing, then expect to be breached sooner than later.

webhead

Re: New strain of ransomware targeting servers?

JBoss runs on a few different OSes and in this case, it is a vulnerability when the server is neglected enough (not patched). Then the attacker uses various methods to get sufficient domain admin credentials to move laterally, and deploy the malware.

NSA data centre brings 300 million daily security scares to its Utah home

webhead

Re: Get rid of 70% of these hits

With that much attention, perhaps, create a few honeynets too ;)

Hmm, I wonder if the NSA would be offering to sinkhole/divert/host some of that inbound traffic. ;)

IRS: Er, those 100,000 tax records illegally accessed? Make that over 700,000

webhead

If I read the article correctly, fraudsters were able to scam the IRS system by using personally identifiable information of the account holder. That means to me that unhappiness should be pointed that we have 700k+ with compromised PII, and that with added transcripts from the IRS, it adds an additional PII on this 700k+, and to me, means the 700k+ has much higher chance of credit issues and worse.

Hacked OPM won't cough up documents on mega-breach – claim

webhead

Re: no sense whatsoever.

Lol, in the context of this article, her statement does make sense.

Claimed DigiNotar hacker: I have access to four more CAs

webhead

Why not Israel, Britain, US, or other state-sponsored agency?

Iran - snoop on possible communications between Iran citizens and anti-Iran groups.

Israel - snoop on possible communications between Iran agents and anti-Israel groups. (for example: Hamas).

US - snoop on possible communications between Iran agents and anti-US groups.

etc

I am not saying that Iran is innocent, but, they are not the only ones that can benefit from reading emails/traffic between points in Iran and the rest of the internet.

Who knows.. maybe, it's some 'blown egos' from that Stuxnet malware.
