back to article CISA unleashes Untitled Goose Tool to honk at danger in Microsoft's cloud

American cybersecurity officials have released an early-warning system to protect Microsoft cloud users. The US government's Cybersecurity and Infrastructure Security Agency (CISA) released the software, developed in conjunction with Sandia National Labs, to help network administrators spot potentially malicious activity in …

  1. Roland6 Silver badge

    Windows and MacOS only?

    According to the GitHub Linux install is possible, although running the powershell script may be problematic. I’m basically surprised that the tool isn’t Linux first given the recommendation is to run it with in a VM.

    1. Anonymous Coward
      Anonymous Coward

      Re: Windows and MacOS only?

      Why would you think Linux when recommending a VM? Almost all of our client base run virtual machines. Maybe 2% of them are Linux, with the rest Windows. The Linux VMs are mostly virtual appliances to help users get to the Windows based applications running on the rest of the VMs.

  2. Anonymous Coward
    Anonymous Coward

    Waaaay too much effort

    If you're going to sink so much money in sticking plasters over abject failures in security you might as well spend the money on migrating away from Microsoft.

    It'll be cheaper in the end.

  3. ronkee

    Seems to be a tribute to a computer game

    1. J. Cook Silver badge

      It's a hilarious game, even though I apparently suck at it (I managed to get out of the starting area ONCE, and then stupidly overwrote my save file).

  4. Throatwarbler Mangrove Silver badge

    The what now?

    "Untitled Goose Tool uses novel data gathering methods via bespoke mechanisms"

    I'm sorry, can you be a little more specific? That sounds like a line from a parody spy movie.

    1. Ball boy Silver badge

      Re: The what now?

      I think I can clear that up for you.

      It's a rather smart Java script that extracts the contact details of anyone with Domain Admin rights and crafts a bespoke FAX to each on of them in 22 point font that essentially reads "Remind the dork working down in goods-in not to click on random attachments in emails or believe that accident-prone Nigerians really have millions they need embezzling"

      You're welcome. Glad to help ;)

      1. imanidiot Silver badge

        Re: The what now?

        That presumes it's always the dork working down in goods-in that gets phished. The reality is that it's more likely to be the "smart" people caught out by a fake invoice, sales offer, etc, etc in engineering, sales, marketing, the board room, etc. People are idiots some time, and it doesn't matter where they work.

  5. Ken Moorhouse Silver badge

    Untitled Goose Tool

    Enables you to have a gander at your data.

  6. Anonymous Coward
    Anonymous Coward

    Security tool requires out of date Python version

    Just tested in a clean VM. Installed latest 3.11 version of python. Doesn't work. Failed on Python version check. Only works with 3.7, 3.8, or 3.9.

  7. Robert Carnegie Silver badge

    I don't understand

    So do we need to install preransomware now, or to block it? This job gets harder every day. ;-)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like