* Posts by sanmigueelbeer

1547 publicly visible posts • joined 5 Oct 2016

Chinese national accused by Feds of spear-phishing for NASA, military source code

sanmigueelbeer

Re: The Great Pathetic Reset. Is Uncle Sam too stupid to not realise nor recognise .....

Tonald Drump, is that you?

HPE CEO: 'Best interest of shareholders' to pursue $4B damages from Lynch estate

sanmigueelbeer
Coat

Pull the other leg, son. `tis got bells!

in the best interest of shareholders.

And I've got a bridge to sell. Cheap. Best investment. Everrrrrr.

Originally worth US$12bln but I can part with it for US$8bln (mates rates n'all)!

Cisco merch shoppers stung in Magecart attack

sanmigueelbeer
Facepalm

Re: CISCO?

This is the second time this year.

First time was when one of the Cisco web page, Catalyst 9800 Data Sheet, link was pointing to a well-known malware site (well, not "well-known" enough for Cisco).

It took, approximately, 22 hours for Cisco to remove the bad link from the web page.

sanmigueelbeer

Plausible Deniability

They can't even perform basic security practices like patching their f*cking site

Cisco said, "merchandise website that's hosted and administered by a third-party supplier". Plausible deniability.

Cisco's Smart Licensing Utility flaws suggest it's pretty dumb on security

sanmigueelbeer

Re: "log in to an affected system by using a static administrative credential"

exactly how long have Cisco been in the networking business

And this is why Cisco does not have "Bug Bounties" program.

NASA confirms who is flying and who is not on SpaceX Crew Dragon

sanmigueelbeer
Coat

One "mystery" passenger

I heard one is a "mystery" passenger who, coincidently, have an initial of EM.

Check your IP cameras: There's a new Mirai botnet on the rise

sanmigueelbeer
Pint

Re: We are bored now, so chuck your camera in the bin

So the moment a particular model is out of production we must chuck it in the bin? A peripheral like a camera should be expected to be used until it simply breaks (or the perceived advantages of a replacement exceed the cost of replacement).

(Have an upvote from me!)

Yes, `tis call it (accelerated) "guaranteed obsolescence". I know of this multi-billion dollar Silicon Valley-based IT company (and a darling to Wall Street) who deliberately inserted a soon-to-expire certificate inside a firmware to fix a security vulnerability.

And when devices got bricked, the company conveniently reminded customers that the model has gone past "end of support".

The "tricks" a multi-billion dollar company have to do (just) to make a buck.

Broadcom has brought VMware down to earth and that’s welcome

sanmigueelbeer
Coat

Whether there’s more pain will depend on whether VMware’s landing is soft or hard.

The bigger they are, the harder they fall.

AT&T to shell out $950,000 after quad-state 911 outage

sanmigueelbeer
Coat

That outage lasted around 12 hours and shut down all services – not just 911 calls.

And, most importantly, "AT&T admits no guilt".

Win-win situation (for everyone unless you're the customer)!

And this, ladies and gentlemen, is how free Market Capitalism "brown bag" works.

SolarWinds left critical hardcoded credentials in its Web Help Desk product

sanmigueelbeer
Pint

Re: SolarWinds ? Again ?

CrowdStrike: We DDoSed the whole world!

SolarWinds: Here, hold my beer ...

sanmigueelbeer
Coat

which presumably removes the baked-in creds.

Emphasis on the word "presumably".

It ain't over `til the fat lady sings.

UK tech pioneer Mike Lynch dead at 59

sanmigueelbeer
Coat

I wish HP(E) (and associate legal team) all the luck in the world -- Because HP(E) can kiss the $8 bln "good-bye". Guaranteed.

The proverbial ship has sailed.

Client tells techie: You're not leaving the country until this printer is working

sanmigueelbeer
Coat

I was sent to the Coolangatta, QLD for work (year 2007). After the job at Coolangatta, I was meant to fly to Cairns, QLD (via Sydney, NSW) to do another job.

Coolangatta's Gold Coast Airport (OOL) shares the same "radar" as Brisbane Airport (BNE) to the north. And every local know that whenever there is a gray cloud over OOL, all flights are canceled. Well, on the afternoon I was to depart to Cairns, it poured.

The airport and airline staff has been-there-done-that attitude. They all have a role to play. And while waiting for my checkin, I can hear each flight status going from on-time, delayed and then canceled. Police were called in as routine precaution.

When it was my turn, the staff told me that my departure was delayed. When I explained that I was flying out to Cairns because of my job, the police nearby moved closer. However, one of staff at the airport recognized me and he stepped between me and the police, "`tis OK, mate. He's one of us." The police stepped back and smiled back.

The only other flight to Cairns that evening, the airline check-in staff said, was flying out of Brisbane. And the flight leaves in three hours!

Without even calling to ask permission from my boss, I hailed a cab for a two hour (AU$160) cab ride from Coolangatta to Brisbane Airport. While I was on the cab, I got hold of Qantas reservation. Because I was on a corporate travel account, QF reservation immediately re-booked my flight.

I got to BNE just in time and only to be told that the same weather front has delayed my flight by another 90 minutes.

When the flight left, the captain not only went on the PA and apologized for the delay but he instructed the staff to "open the bar"!

Those were the days.

After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves

sanmigueelbeer
Coat

Inconsistencies in the law?

My personal information is private and confidential. If my PII is leaked into the whole wide world, nothing happens to the actor(s) who broke in, exfiltrated and posted my details.

However, if someone leaks classified &/or confidential documents to the whole wide world, it is "full force of the law" will bear down on you.

'Digital arrest' scams are big in India and may be spreading

sanmigueelbeer
Coat

Digital Arrest, pffft!

I've been "digitally deported" several times to the People's Republic of China for failure to pay my Australian taxes.

Kamala Harris's $7M support from LinkedIn founder comes with a request: Fire Lina Khan

sanmigueelbeer

Re: Microsoft board member requests FTC chair being removed - pays money to upcoming president

It is not bribery because money did not change hands in a "traditional" brown paper bag.

CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes

sanmigueelbeer
Coat

And this, ladies & gentlemen, is how you DDoS the entire world.

Several hacking groups would also like to thank CrowdStrike for the file (that caused the BSoD) -- It will be very handy.

This (demonstration) makes Petya & WannaCry(pt) look "pedestrian".

UK cops arrest teen suspect in MGM Resorts cyberattack probe

sanmigueelbeer

Re: Good.

A plea of "insanity" or "senility" will not wash if front a mob enforcer.

No rest for the wiry as Cisco Nexus switches flip out over latest zero-day

sanmigueelbeer
sanmigueelbeer
Coat

To successfully exploit this vulnerability an attacker must have Administrator credentials

Velvet Ant was able to exploit it as a zero-day in April and use it to drop some remote access malware onto the switch,

What is the patch for? What is the patch for if the proverbial have already launched off the gate?

If Velvet Ant was able to employed this bug and, according to Cisco, "an attacker must have Administrator credentials" then applying the patch is futile since the intruders have already gone past the gates.

China warns citizens to stop posting info about spy satellites on social media

sanmigueelbeer
Coat

Re: Hu Youping

if that had happened in the USA, the guy would have come aboard with a knife

But the passengers in the bus would have the assault rifles.

sanmigueelbeer
Coat

China's Ministry of State Security has asked citizens to stop posting info about the nation's spy satellites and national security installations online.

War Thunder when?

Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew

sanmigueelbeer
Coat

Absolute power corrupts absolutely

UnitedHealth CEO Andrew Witty confirmed to US senators that his company had paid $22 million to the extortionists to ostensibly keep a lid on the stolen data.

If UnitedHealth is capable of doing this, without a shadow of a lawsuit, legal prosecution or jail time, then I must admit the United States has the best judicial and political system money can buy.

Brit watchdog gnawing on HPE's $14B buy of cable giant Juniper Networks

sanmigueelbeer

If an HPE router meets a Juniper router in a bar, would they say "Hello" to each other?

sanmigueelbeer
Coat

Re: Rinse & repeat...

Do they even have a R&D dept anymore

Yes, HPE Finance Department calls it "Research & Devour"

NOTE:

1. Find a company with a very fat bank account (research) and merge/acquire/buyout (devour).

2. "Research" != "Due diligence"

Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals

sanmigueelbeer
Coat

We choose only those companies whose management is directly or indirectly affiliated with the political elites of a particular country. The politicians of these countries do not keep their word, they promise a lot, but are in no hurry to fulfill their promises.

NK health care system is aligned with the political elite of NK government-of-one, therefore, I challenge them to hit any hospitals in North Korea.

McDonald's not lovin' its AI drive-thru experiment with IBM

sanmigueelbeer

Re: McHurry out the door nugget heads

Worse. It was one French Fries short of a Happy Meal.

Brit tech tycoon Mike Lynch cleared of all charges in US Autonomy fraud trial

sanmigueelbeer
Coat

Re: No kidding?

HP should have done full due diligence, understood what little due diligence was done

HP did.

Both the external and internal "due diligence" were ignored by Léo Apotheker "someone high up in HP". When the HP CFO objected, Léo Apotheker tried to get her fired ("Mad Leo tried to sack me over Autonomy, says top HP Inc beancounter").

Instead of blaming HP themselves, HP is looking for someone outside of the company to blame (and claw back some billions).

* First, Mike Lynch is their top priority. And HP may not stop until he's dead (or ran out of money).

* Next one on the list may be the external auditor(s) who did "due diligence".

* If they still can't get any money back, they'll find some poor sod at Wakanda to sue.

sanmigueelbeer
Coat

Re: HP still has a damages claim in the civil courts.

HP will continue to pursue Mike Lynch until:

a. A country (any country, for that matter) will find Mike Lynch guilty

b. Mike Lynch dies

c. HP runs out of money

d. Mike Lynch runs out of money

Aussie cops probe MediSecure's 'large-scale ransomware data breach'

sanmigueelbeer

MediSecure calls in administrators after cyber breach

MediSecure calls in administrators after cyber breach

sanmigueelbeer

Should've called themselves MaybeSecure.

Command senior chief busted for secretly setting up Wi-Fi on US Navy combat ship

sanmigueelbeer
Coat

WiFi? In a boat with metal bulkheads all around?

Three-year-old Apache Flink flaw under active attack

sanmigueelbeer
Coat

"Doctors and nurses are the worse patients," the saying goes. But doctors are the worse cry-babies. A sookie lala of the highest order.

I raised a change control to upgrade a piece of kit in a hospital environment because of a security vulnerability that is "actively aggressively exploited in the wild" and manufacture has given a CVSS score of 9.9.

The change was rejected to Change Control Board which the CTO was involved. Show proof, he said, that this so-called "vulnerability" is being exploited in Australia.

The next day the change was approved and it was deemed "do it NOW!"

sanmigueelbeer
Coat

No CIO/CTO takes "patching" seriously. Not even when the company is spattered all over the 11 o'clock news. Or not even when dragged into a US House committee hearing. If UnitedHealth CEO can calmly admit paying hackers (instead of employing a competent IT security team) in front of the US House committee hearing, then, f**ck, anyone can do it too!

In other (maybe-related news): Nissan A/NZ's outsourced cyber incident call centre breached

Nissan Oceania has revealed the call centre it set up to handle customer inquiries after a cyber incident late last year has itself been breached.

Valve vexation: Boeing's Starliner grounded again

sanmigueelbeer
Coat

Re: Lucky

The emergency door will only blow out mid-flight.

Nothing is gonna happen when the vehicle is on the ground.

AI Catholic 'priest' defrocked after recommending Gatorade baptism

sanmigueelbeer
Coat

11th Commandment

11th Commandment: Thou shall not covet thy neighbor's wife but if thy neighbor's wife covets you, then, thou shall not refuse.

UnitedHealth CEO: 'Decision to pay ransom was mine'

sanmigueelbeer
Facepalm

Re: Too pissed to read much...

Read between the lines: It was (probably) still cheaper to pay off the hackers than to stand up a competent IT team.

What was that saying again? Money talks & BS walks.

ByteDance 'would rather' torpedo TikTok than sell it off

sanmigueelbeer
Coat

Re: Empty threat.

Just posturing.

Bend forward or backward kind of "posturing"?

IBM to acquire Hashi for $6.4B, hopes it will boost software biz and Red Hat

sanmigueelbeer

Any Hashi employees over the age of about 35 25 should be very nervous right now

TFTFY

sanmigueelbeer
Coat

The company advised investors to “expect constant currency revenue growth consistent with its mid-single digit model”

Translation: As long as Hachi & Red Hat continues their double-digit percentage in yearly revenue, happy days are here to stay.

Ex-CEO of 'unicorn' app startup HeadSpin heads to jail after BS'ing investors

sanmigueelbeer
Coat

This defendant admitted he lied about his company’s revenue and customers to attract funding

I assume, in Corporate America, this is just a start. Right?

Tesla slashes vehicle and self-driving-ish software prices as shares plummet

sanmigueelbeer
Coat

Re: "an essential part of doing business in the auto industry"

Bells do not need to be put into Wash Mode and can be washed in direct sunlight.

Some smart meters won't be smart at all once 2/3G networks mothballed

sanmigueelbeer
Coat

Has any "smart" meter manufacturer come up with a smart meter with modular cellular modem?

Instead of upgrading the meter every time the cellular technology becomes obsolete, maybe the cellular modem can be upgraded instead?

Cisco creates architecture to improve security and sell you new switches

sanmigueelbeer
Coat

Self-updating networks -- What could possibly go wrong?

Self-updating networks and mitigations that keep those machines safe is Cisco's alternative.

I have no problem with this as long as Cisco can promise adequate QA/QC of their codes.

OpenAI launches Asian operations in Tokyo to avoid being lost in translation

sanmigueelbeer

どうもありがとうミスターロボット

Space Force boss warns 'the US will lose' without help from Musk and Bezos

sanmigueelbeer
Coat

General Chance Saltzman's post-retirement life is all but guaranteed to be "very well taken care of".

Apple cuts hundreds of jobs after ditching the car project and more

sanmigueelbeer

Re: The Apple car

At least the VW Beetle was affordable.

If this Apple fandangled-car gets built and put on sale, the sticker price would be in the millions.

World's second-largest eyeglass lens-maker blinded by infosec incident

sanmigueelbeer
Facepalm

Hoya never saw that coming? Maybe they need to see a good optometrist.

Oh, wait ...

Tech titans assemble to decide which jobs AI should cut first

sanmigueelbeer
Facepalm

And it appears that the Biden administration is more than happy to let the very tech companies developing your AI replacement take the lead on this one.

Like the same idea to close all the factories in the US and move them all (including the kitchen sink) to the far east? Sure, why not? I mean, what could possibly go wrong with this idea?