* Posts by csecguy44

14 posts • joined 20 Feb 2018

From Docker Hub hack to Facebook's burglar-friendly API to phone fingerprint bypasses...


The number of (disclosed) breaches is growing for sure, as well as the potential impact and severity. I couldn't point a finger at the "cloud era" as such, or at least not as a single reason. Sure, there is now a lot more information and a lot more services "up there", which simply means the target is larger, and therefore easier to "hit".

There is also a learning curve involved for IT pros, who are "used to" securing on prem solutions, as well as a level of ignorance from the business that thinks "it's fine, it's in the cloud, we don't need to worry about it".

And one of the bigger issues would probably be the speed of the IT/Security processes. In today's world it isn't easy to keep up with cyber criminals, who jump on vulnerable systems in the matter of hours or days, where IT need to follow testing/proving/patching that may take weeks.

Naturally, there are tons of different other reasons apart from the above, each worth an in depth conversation on their own.

Facebook blames 'server config change' for 14-hour outage. Someone run that through the universal liar translator


Simple explanation

All their storage got filled up with data about us, and it took 14 hours to get more drives from Amazon Prime

It's Shodan embarrassing: Red-faced Rubrik blames public-facing DB on developer ballsup


Quite a statement

"We have confirmed that no customer-owned data was exposed."

Hmm... there was customer data, and there was a door left wide open. Does the "-owned" sound a bit of a fine twist in the statement?

Japanese cyber security minister 'doesn't know what a USB stick is'


Imagine a world...

Imagine a world where leaders of a "field" are actually required to have a solid understanding of the stuff they are in charge of...

In Windows 10 Update land, nobody can hear you scream


Re: Even when the audio works..

I thought that was a feature for mobile devices only? Hear your call ring in your headset, and the system goes to phone as soon as the call is answered.

Budget hotel chain, UK political party, Monzo Bank, Patreon caught in Typeform database hack


The clue is in the statement

We take the security of our data seriously - but this was technically your data

US government weighs in on GDPR-Whois debacle, orders ICANN to go probe GoDaddy


Re: US Govt weighing in

Why US Government? GDPR is an EU regulation

Accenture, Capgemini, Deloitte creating app to register 3m EU nationals living in Brexit Britain


Re: A focus on security I hope

I'm unsure if a mobile platform would be the absolute best interface for such an involved process. On the other hand, 90% of the information required is already known to the Government, such as address, tax, employment history etc, so if the process can be simplified, it might just work.. but that's a big IF.

Looking to nab Nvidia's GeForce chips? You need cash and patience


This is the well known Scan free delivery trick. Place an order for next day delivery - mine has never arrived next day so far - complain, and get delivery cost refunded.

Facebook supremo Mark Zuckerberg has flunky tell UK MPs: Nope, he's sending someone else


If only futuristic stuff like video conferencing would exist...

Patch LOSE-day: Microsoft secures servers of the world. By disconnecting them


You must be right. Microsoft recommend the same workaround as they did the last time (reusing their old script)


Re: I stopped updating my Windows 7 boxes

Everyone has a different level of risk appetite. Yours seems quite healthy.

Hands up who HASN'T sued Intel over Spectre, Meltdown chip flaws


Ryzen is also affected

Capita data centres hit by buttload of outages


Re: Capita is "too complex"?

There appears to be no said or implied requirement for a "head/manager of IT" to actually have any technical expertise at all. Surely at least a bit of "good understanding" would go a long way.

Despite the above, I often see people on charge to have absolute 0 knowledge at all. When I'm asked if new Windows 10 computers will work with the existing Cisco switches, my alarms are all starting to go off.


Biting the hand that feeds IT © 1998–2022