* Posts by simkin

31 publicly visible posts • joined 5 Oct 2018

Microsoft sheds some light on Russian email heist – and how to learn from Redmond's mistakes

simkin

O365 security?

So, someone can leverage a test account to gain full access to execs' email, and your takeaway is that they should have used MFA? How many employees does MS have again? How many of those should be able to get access to execs' email?

Inside Denmark’s hell week as critical infrastructure orgs faced cyberattacks

simkin

Re: Sounds about par for the course

Sounds right. I just had to fill in our cyberinsurance forms for this year.

q: How many endpoints are not protected? If any, why?

a: 100%. Reason: we don't employ anyone whose job it would be to manage them.

Australia to build six 'cyber shields' to defend its shores

simkin

Re: The Great (Fire)Wall comes to Oz

It's Australia, this is probably the real purpose of the project. Any actual security benefit would be incidental.

Bank rewrote ads for infosec jobs to stop scaring away women

simkin

Best practice

Well, if we all followed best practices we'd have a lot less need for cyber security people in the first place.

School principal resigns after writing $100,000 check to Elon Musk impersonator

simkin

Re: "I am very smart"

Sounds like a typical timeshare presentation.

If you're struggling to secure email forwarding, it's not you, it's ... the protocols

simkin

Re: DMARCrap

DMARC works fine for forwarded messages as long as you don't alter them in transit (assuming they were DKIM-signed, SPF obviously is not suitable for use).

Mailing lists can choose to either not modify the message or they should remove auth headers and replace From: with their own address to take responsibility for sending an altered message.

77% of security leaders fear we’re in perpetual cyberwar from now on

simkin

Re: MicroSerfdom

It's not pointless.

Your data - i.e., the details of everything you do on or near your computer - is worth more to Microsoft and other big-tech companies than what you paid for Windows. Afaik Apple is the only big-tech company that hasn't completely embraced that model, at least on the PC front (mobile being another story of course).

Your TV does it. Even your effing car does it now. You and your behaviours are just products to be sold to advertisers, and who knows who else. Amazon is buying Roomba so they can get access to the maps and images of contents of everyone's homes (sad, I used to like my Roomba). So they can sell you more crap.

It's completely unreal.

Deluge of entries to Spamhaus blocklists includes 'various household names'

simkin

Re: I do have legit servers on Linode

If you're not "in the industry" you probably shouldn't be running an email server on the modern Internet. Sorry, but it's no longer for amateurs.

simkin

Re: I thought that the problem was obvious....

SPF does nothing cryptographically. You're thinking DKIM, which adds a signature.

Neither actually authenticates an email or says anything about whether it is spam or not. Spammers use SPF and DKIM too. Especially the mainsleaze marketers this article is talking about.

Combined with DMARC and aligned identifiers, SPF and DKIM do make it easier to whitelist some senders and identify From: address forgeries, though.

simkin

I do have legit servers on Linode

But they send mail out through a commercial legit relay service that I pay a small amount to. Because yeah, Linode IP space is full of crud.

Twilio customer data exposed after its staffers got phished

simkin

Sophisticated

A lot of my users have been getting very targeted phishes claiming to be from managers, along with sigs matching the sender's actual titles, etc. Figured out it's just harvested from LinkedIn. Hard to protect people when they self-publish everything needed to pretend to be them.

Dear Europe, here again are the reasons why scanning devices for unlawful files is not going to fly

simkin

Unless it's on Hunter Biden's laptop. Then it's Russian propaganda.

simkin

Sure but what if it's an image of your own kid that you messengered to your wife?

Watch out for phishing emails that inject spyware trio

simkin

Re: So, you're not opening an email in Excel

What if your job is opening similar files from customers or vendors?

Microsoft, Apple, Google accelerate push to eliminate passwords

simkin

And then your fingerprint scans get stolen.

Try replacing those.

simkin

Re: coping with device loss - print out this A4 sheet of random codes and keep it safe

It's awful. Our entire industry sucks.

Internet Society condemns UK's Online Safety Bill for demonising encryption using 'think of the children' tactic

simkin

Re: So, 0.2% eh ?

Uh, huh. Sure they will. Right after the bureaucracy processes it. So never.

Thousands of internet-connected databases contain high or critical CVEs, says report by cloud security biz

simkin

Re: Port scan results

Seriously. The fact that a database is exposed to the Internet at all is a critical vulnerability.

Un-carrier? Definitely Unsecure: T-Mobile US admits 48m customers' details stolen after downplaying reports

simkin

Re: Shouldn't I be hearing this first from T-Mobile?

It probably takes a while to decide to notify millions of people that you've kept 20 years of personal information online and accessible to hackers and have therefore lost it.

Russia tells UN it wants vast expansion of cybercrime offenses, plus network backdoors, online censorship

simkin

Re: Why not go Orwellian?

They already have everyone carrying the phone and microphone with them. Why annoy people with a mandate?

SSD belonging to Euro-cloud Scaleway was stolen from back of a truck, then turned up on YouTube

simkin

Does it scream "it's mine"?

If no, why even think about touching it?

Perl.com theft blamed on social engineering attack: Registrar 'convinced' to alter DNS records by miscreants

simkin

Re: A social engineering attack

So imagine you're a customer service agent at Network Solutions.

100 times a day clueless domain owners phone you and tell you they forgot their password or for whatever other reason can't get into their accounts or change their information.

99.999% of the time it turns out they're real and just need help.

How do you as a customer service agent reliably identify the one time they aren't?

No phish for the likes of you, thank you very much! Google finds email villains are picky about demographics, country

simkin

Re: most of the spam comes from gmail addresses.

Definitely. I auto-junk anything with a google API URL in it.

simkin

Re: Who gets the least?

Russia, maybe. That's where a large proportion of phishing seems to originate.

Brit accused of spying on 772 people via webcam CCTV software tells court he'd end his life if extradited to US

simkin

Re: Team America: World Police

The individual States extradite criminals to each other all the time, usually regarding criminals who have fled jurisdiction though.

simkin

Yeah, well

The American woman's husband is a US spy doing super-secret spy stuff. Can't annoy American spies.

Rogue ADT tech spied on hundreds of customers in their homes via CCTV – including me, says teen girl

simkin

Camera in bedroom?

What morons would put a camera in a bedroom in the first place?

Encryption? This time it'll be usable, Thunderbird promises

simkin

Re: The only reason "everyone" runs Outlook is because "everyone" uses Exchange.

Samba 4+ can run as full AD directory servers or members. Windows administration tools work on them.

I wouldn't necessarily recommend it for an SMB, but if you have anyone in ops who actually knows how to run Linux it's quite possible to fully implement an AD server infrastructure using just Samba.

Ever used VFEmail? No? Well, chances are you never will now: Hackers wipe servers, backups in 'catastrophic' attack

simkin

Re: Backups?

You figure it out. Data that isn't backed up might as well not exist.

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

simkin

Re: Anonymous coward

DOJ is infamous for always being able and willing to find something to indict someone for if they want. What exec is going to say no to the US government with that perpetual threat hanging over them? Not to mention national security considerations.