FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion Any organizations that used the backdoored SolarWinds network-monitoring software should take another look at their logs for signs of intrusion in light of new guidance and tooling. In an update and white paper [PDF] released on Tuesday, FireEye warned that the hackers – which intelligence services and computer security …
Rumor has it USA government is considering moving everything to the new BABA cloud when complete. That is if they are not delisted first.
One well known 'publican Ex-president was rumored to say on the golf course that nothing could be safer than a Communist company traded through an ADR VIE whose country was besties with Russia's Putin.
Rumors continued that 40 'publican traitors still in the US Senate have all signed proposed legislation supporting their God & Ex-Commander-in-Chief 100%. Many of them supposedly have transferred all of their government data directly to Russia since the election was possibly stolen from their mega-god.
Rumors abound that they fully support turning Washington's security needs over to Russia & China, sooner than later. Supposedly, he smiled knowingly, when he heard the news & rubbed his package excitedly while trembling noticeably.
He may have claimed if elected in 2024, he is going to build a wall between us & Canada & build a bridge connecting Washington with Cuba & North Korea.
Upon hearing this, 40 senatorial traitors may have excitedly rubbed each others packages in chambers on Wednesday while trying to dry hump their 'mocratic counter parts.
Wait & see, I guess. Maybe? Could be? Rumor has it?
I worked in infosec for decades and security vendors often had the worst security practices. When compromised, they always run to "nation state" or otherwise more advanced actors. If your kit was so good, then you would guarantee it against such intrusions--or better, use it for your own protection to detect/prevent those advance threats you base your product claims. Soft solutions like Solarwinds are just the carriers for this one and a well oiled infosec vendor should have no trouble detecting anomalies.
Of course, soon you'll be able to buy the next generation of their kit that will stop yesterday's threats. For real, after spending many millions in ultimately useless security technologies it is best to practice sound system/network admin practices and not rely on technologies that are supposed to fill the gaps.
I agree. What corporate does not want to hear is that security is not just a product that you can order and install. Security is a tedious and full time job. The very best that I can provide is for tripwires to be set everywhere and I do mean everywhere (including black lists), combined with firewalls and something like snort. This setup is monitored 24 X 7 with dedicated personnel. No magic, just hard work.
Everyday I see these "hacks" being perpetrated by using Windoze systems. Why????? Linux is still free as in beer. Just build your servers and contract custom tools you might need based on OSS.We have seen enough that security through obscurity doesn't really work anymore.
Scott McNealy, 1999: https://www.wired.com/1999/01/sun-on-privacy-get-over-it/
*
Peter Thiel, 2018: https://www.bloomberg.com/features/2018-palantir-peter-thiel/
*
2020: SolarWinds
*
So......when does the "advanced" IT industry START to take security and privacy seriously? It's all very well blaming OTHER state actors every time there's a security or privacy breach...........................but the hardware, the software, the training are primarily being sold by the very people whining about "attacks" and "intrusions". Get a grip folks......if you want to see the authors of these problems, take a look in the mirror!!!!
The AD security model is just asking for it. Its assorted mechanisms are ridiculously over-complicated.
You need to spend weeks learning about them to get even a fair appreciation, and it can take years to get into the dusty corners.
Join a new comany with an old system and try to tighten it up and you'll soon have a queue of angry users at your desk asking why XYfuckingZ application won't let them piss on the floor any more because they've always logged in as Administrator to do it.
The various graphical user interfaces don't make it easy to know what's going to break when you change anything nor what's likely to hit you on the back of the head without warning - as we've seen here.
If security is the question, AD is definitely not the answer.
I've only interacted directly with Azure at a single company. A company that admittedly had very little understanding about security, however... I was appalled at Byzantine way the system was worked. The departure of someone with admin privileges left (hopefully) orphaned permissions in pretty much every resource they ever accessed. If you needed access to a resource (you being an admin), you had to grant it to yourself. And, yeah. 100% GUI. You wouldn't want to automate any of that, now would you?
Certainly, even the best system is going to be fouled up by fools. And I cannot rule out that possibility. But the good ones don't encourage bad practices.
So, in an Azure AD environment, you have the cloud AD and the on-prem AD, which both have logs, but there are some instances where you login in the Cloud and it is not recorded in the same log than in the on-prem log, and the Unified thingy does not carry the info either, so it's not all that Unified.
Great. Feels like that makes security controls real easy to handle.
Still doesn't let SolarWinds123 off the hook, though.
Mail server login attempts from Russia and China have dropped from one every 15 seconds for the past four years, to one every 8 minutes today. No, I'm not relaxing, I'm just wondering why and checking the server and firewall logs. I wonder if some agency has hacked the servers sending these out?
Could it be that various nations have decided that hacking a Biden run America is actually risky; hacking attempts over the last four year have gone up sky high but America has done virtually nothing about it under the last President.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
