* Posts by Mystery Machine

13 publicly visible posts • joined 27 Apr 2018

NordVPN rapped by ad watchdog over insecure public Wi-Fi claims

Mystery Machine

Re: Train WiFi was actually that bad for a while

They state that they block streaming and potentially other large / voluminous data transfers (photo sync would be obvious). I've never used it for much and generally go via 3G/4G as it's generally better on a busy service but will have a gander next time I'm on the train.

Like many wifi sites your persistent TLS stuff like Outlook will throw cert errors when you're at the captive portal page because of how DNS works for captive portals but once through the portal it's all rosy.

It's your what in a box? Here's a thing to make your bosses think about malware responses

Mystery Machine

Re: Exercise of the Pox

"good cybersecurity bods will mistrust any patch they didn't write themselves."

Fair point if they wrote the OS running on the server they designed and built from raw silicon. Fucking honestly....

Spyware sneaks into 'million-ish' Asus PCs via poisoned software updates, says Kaspersky

Mystery Machine

Re: How did the bad actor identify the MAC addresses?

No idea about how soon a machine spews its MAC to a Wifi access point (assume these are wireless MACs) but it mightn't be supply chain if it's possible to get near the target (including local coffee shops, hotels etc) and harvest MAC addresses either passively or actively. To attackers this would be a numbers game because they'd only need to compromise one device (more is better but not too many) to get the access to the target environment. The attackers will have known 1) the target(s) use ASUS gear with LiveBollocks enabled and 2) they had access to the update servers for ASUS prior to kicking this off. However what is surprising is most corporates worth their salt wouldn't use consumer-focused vendor crapware to manage their infrastructure.

Who needs malware? IBM says most hackers just PowerShell through boxes now, leaving little in the way of footprints

Mystery Machine

Presume they're still in the main using malware to get through the front door

<EOM>

Six Flags fingerprinted my son without consent, says mom. Y'know, this biometric case has teeth, say state supremes...

Mystery Machine

Re: Thank you!

Not just season passes. Most overseas visitors to Florida** will have a two week pass for Disney or Universal as it's around the same cost as 3-4 days of entry. So the park owners use biometrics to avoid sharing the passes as you're clearly not going to be mad enough to go every day, especially when there's a rocket base up the road. I do recall it's also linked to a photo at first time of entry as it gives them a method for manual validation when the fingerprint thing goes Bzzzt. No idea what they do with all this data at the end of your stay (other than maybe to see how well they monetized you with the wristband thingy) but the Homeland mob have it all anyway for overseas visitors.

** sizeable percentage of guests.

AI-powered IT security seems cool – until you clock miscreants wielding it too

Mystery Machine

Jumbled article

Jumbled article - stats and FUD for both

- The use of AI in the domain of information security to improve the capabilities of attackers and defenders

- The implications of the adoption of AI within modern/digital businesses and its/their potential manipulation by attackers (using non-specific means) to disrupt business

Keep it focused / tight or else you're just writing a bullshit article loosely linked to a buzzword.

Your specialist subject? The bleedin' obvious... Feds warn of RDP woe

Mystery Machine

Re "I'm not convinced."

The term VPN might be better qualified as suitably configured remote access solution that provides 'appropriate user, device and network access control mechanisms' to control access from the internet commensurate to the systems required to be accessed. That may be a wide-open network-layer VPN to anyone with the right password, it might be proxied access from only corporate machines with strong authentication to a single RDP destination or it might be somewhere in between.

Point is critical assets with exploitable or limited security controls shouldn't be directly connected to the internet. There are more appropriate systems (loosely termed VPNs) that should act as an intermediary.

Security procedures are good – follow them and you get to keep your job

Mystery Machine

Re: Wireshark is a risky app?

Of course it's a risky app as the vast majority of employees aren't doing network diagnostics or security analysis (nor can review code and build applications from source), and therefore it becomes a good tool for undertaking malicious activity. Some applications (like powerline-based network adaptor setup tools) require it and therefore it can be present for a variety of reasons not limited to debugging jumbo frames.

Ultimately the issue here is allowing users to install their own shit in the first place as that is invariably associated with local admin rights and a whole world of additional pain. Why for articles about general end-user security is there always loads of smart-arse comments from people who clearly are infosec/IT one-percenters? This article isn't about you - it's for you to inform you what the other 99% are up to.

2FA? We've heard of it: White hats weirded out by lack of account security in enterprise

Mystery Machine

Re: Extortionate costs

"300 a pop, pretty good scope for a startup to disrupt"

You're describing the market as it was ~10-15 years ago when RSA was a byword for that thing you had dangling from your keyring. Many companies have come and gone and it's quite rare to see SecurID being used these days - lots of this stuff runs as SaaS and soft tokens which is a pretty good consumption model except for all the grumpychops who won't run it on their personal phone in which case just give them a funky key fob, credit card style OTP generator and no more than 3600 seconds for their lunch hour.

No big deal... Kremlin hackers 'jumped air-gapped networks' to pwn US power utilities

Mystery Machine

Don't forget the data diodes in all this 'what is airgapped anyway'?

https://en.wikipedia.org/wiki/Unidirectional_network

Although they're proprietary and expensive so rarely used.

Deck the halls with HALs: AI steals the show at Infosec Europe

Mystery Machine

Re: Machine learning creates its own vulnerabilities

"As a result, there have been numerous reported cases whereby machine recognition can be "fooled" by minuscule changes to an input pattern."

Is it not the same for humans?

SpaceX flings SES-12 satellite into orbit, but would-be lunar tourists should probably unpack

Mystery Machine

I was there :-)

First launch for my family and I. We watched from Titusville as KSC viewing was closed out of hours but it was a real delight to see, hear and feel a night launch after a day at KSC and it was our last day away before returning to blighty so shit or bust for us.

AWS DNS network hijack turns MyEtherWallet into ThievesEtherWallet

Mystery Machine

Re: A lot of sites still sport self-signed certificates

"The people who did this were clever, but they could have been much cleverer."

Comme ça - https://www.fox-it.com/en/insights/blogs/blog/fox-hit-cyber-attack/