Posts by sanmigueelbeer 1210 posts • joined 5 Oct 2016
Might as well add this to the Emergency Change: September 2021 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication
One of them has a "perfect 10" score: Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability
Is this the answer to the ransomeware scourge? Go after the "banks"?
What about the elephant in the room -- IT security? What IT security?
Have a look at After ransomware attack, company finds 650+ breached credentials from NEW Cooperative CEO, employees:
* The password "chicken1" was common among the company's 120 employees and was used over 10 times.
Kahn added that the firm's CEO Brent Bunte appeared to have the second highest number of instances of breached credentials while other current executives also had passwords that had been leaked.
* We saw that the Colonial Pipeline breach was ultimately a result of a bad password
The US Government's strategy of going after the hackers, affiliates and their "banks" without acknowledging that the bigger problem is actually the victim's poor response(s) to IT security is not going to fix this.
Not only did the victims shot-themselves-in-the-foot by having very poor IT security, they also made sure their critical systems were exposed to the internet. It was a perfect storm and self-inflicted injury packed in one neat box. Ready for the picking hacking.
We kept making jokes among ourselves about "admin/password" but, in reality, it is way more common and very widespread.
There are many instances that the hacks could've/would've been avoided if someone actually took simple IT security seriously.
In my humble opinion, current Apple executives and decision makers are just there to "keep the lights on". They have no idea what new product to introduce since the death of Steve Jobs.
When Steve Jobs was still at the helm, Apple lead the way and left competitors eating their dusts.
Nowadays, the only thing Apple knows how to do with the iPhone/iPad is to add "make-up" to an old product and to jack up the price.
Being number one is not as easy as staying number one.
I like how, message 120 and 5 months after the issue was first reported, the administrator asks the people what the problem is (Could you share some photos or videos illustrating the problem?).
Lenovo is "out of their depth". I do not even believe Lenovo made any feeble attempt to replicate the issue in-house.
This is just a reminder for us to "never send a boy to do a man's job".
You guys really should open your eyes to the European system
As an Australian, I have worked for a European firm and an American company. Let me just say that my first job, I joined a European company and was treated us well.
My next job was a very big American company and junior staff were given the same respect like a disposable cell phone. The CEO likes to brag about the "difficult life" he lives by sending out emails whilst traveling in one of his private jets.
That company tried to stop me from leaving. In my first job offer, they called my new job and told them I was a troublemaker.
It's quite telling that governments of so many countries are shaking just about the thought of making those companies paying tax
This is why there was an "emergency" 2021 G7 Summit in Cornwall.
With the COVID-19 pandemic raging for almost a year and many countries' treasury are running on empty. Governments cannot impose more taxes on their citizens unless they want an angry mob on the streets.
Various government had to "convince" Ireland to accept the across-the-board 15%. Ireland, of course, was not happy but it had to be done.
NOTE: Not trying to defend the action by any organization.
No idea why everyone is focusing their attention on Samsung.
Nobody seems to complain when Apple does the same thing to, say, iPhones stolen from their stores.
And, if I remembered correctly, some vehicles in America can get remotely disabled if, for example, it was stolen.
This is EXACTLY the same software system Huawei tried to sell to the UK government
Selling the software is one thing. But getting it to even work, now that is where the scam money is.
However, if the software did manage to get off the ground, I would presume it would be so buggy ANYONE would have backdoor access at any one time. Think of it like a frat-n-sorority party in a broom closet (with room to spare).
Just reading the title gave me the urge to look for GM's response to Bill Gates' comment of "If GM had kept up with technology like the computer industry has, we would all be driving twenty-five dollar cars that got 1000 mi/gal".
NOTE: Open to corrections.
The west are unable to match Russia's dominance in rocket technology and R&D and, if I remembered correctly, full-flow engines were THE engines Russia uses extensively to fling stuff to space.
The west uses a bank of strap-on boosters while Russia uses a single engine.
the Cabinet Office said GCHQ had since set up "an internal Commercial and Legal Oversight Group" to ensure blah, blah, blah, blah, blah ...
For short, a committee has been set up. What is the true definition of a FUBAR?
Wait for it, wait for it, wait for it.
A committee will let you know, in 12 months time, a draft report of the true definition of a FUBAR.
Fight a war when you intend to win -- Never threaten to start a war when all chips are down.
Joint Chiefs Seek A New Warfighting Paradigm After Devastating Losses In Classified Wargames
Several decades ago, there was this UK-based lock maker. Every time they would come up with a new design, they would send samples to the US, UK and the Mossad. Mossad would return said sample with the note "hard to break in" (or something to those words).
One day, as they were about to send out a new model to be tested, out of the blue they were told "do not send the sample out" to the Mossad. So they complied.
Let us just say, a team of agents unsuccessfully tried, for almost an hour, to go through a lock they have never seen before and from a "brand" they were very familiar with.
if they're found to be in serious breach of new regulations
First off, the regulators will need proof of "serious breach" was conducted. But if it was a "minor breach" everyone is fine-and-dandy? There could be an army of lawyers who can easily negotiate a "serious breach" down to a misdemeanor without jumping out of bed.
Next, if I was to use the past penalties handed by the ICO. "fines of up to 10 per cent" is not really much.
Finally, handing out fines is one thing. Wake me up when news of fines collected have been publicly made available.
These "regulations" are more there to protect big business from getting in trouble.
Far-right UK commentator Katie Hopkins to be deported from Australia
Poor girl. All dressed up and nowhere to go. </sarcasm>
ICS Advisory (ICSA-21-119-04): Multiple RTOS (Update B)
Urgent Security Notice: Critical Risk To Unpatched End-Of-Life SRA & SMA 8.X Remote Access Devices (SonicWall) -- Possibly being exploited in the wild.
Malicious exploit code cannot be released
Is China's famed "security services" included in this guidance?
Details of holes cannot be publicized until the bugs are fixed
And if the bugs/exploits are not fixed, what then? Wait for the "proof-of-concept" to be made public?
It's also a dangerous place to be for an unpatched-vulnerabilities database, which would be an incredibly attractive target for adversaries"
A honeypot, no question about it.
Now if someone is going to insert a booby trap in those files and Boob's-your-uncle!
President Biden had a phone call with Russia's President Putin about the worldwide ransomware epidemic
1. This does not solve the issue one bit. The problem is still dancing right in front of us, butt naked: A lot of systems are still woefully unpatched, out-of-date, vulnerable and very-much-accessible from the Internet. Like I said, butt naked.
2. Pres Biden probably told Putin to "stop attacking our systems (in the US)" and this, to me, implies anyone else outside of the US is "fair game".
3. What about countries like Iran, North Koreans and PRoC? It is not as if they do not have hackers of their own.
No need to go this far. Iran still has a fatwa on "the Florida Man living in Mar-y-Lago" for the death of General Qassem Soleimani.
When the Grand Ayatollah says “Revenge is certain”, people around the person in question tend to be wearing bomb disposal suits (or has one ready to go). Talk about "dead man walking".
Rudy Giuliani suspended from practising law in Washington DC following New York suspension
he had violated professional conduct rules as he promoted theories that the election was stolen through fraud
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2021
