Re: Hmmm
And Brian Krebs put the boot in Twilio for lack of MFA nearly 2 years ago to the day:
https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/
Complete with Specialix paddles supporting up to 16 users on RS-232 to dumb terminals, I imagine.
As Comart was about the size of a large microwave oven (but heavier), it would be left on an office side bench with the paddle trailing underneath. Needless to say, that became a complete rats' nest rather quickly.
The survey omits two favourites, "we've just bought them so go support their tech" (I wonder why the business was for sale in the first place?) and the truly worrying "we've just bought them for their tech". And that is without going through the "two CIOs enter, one CIO leaves" which normally accompanies mergers and, I hear, can be quite traumatic.
"falsely claiming an endorsement by a third party; misrepresenting that an endorser is an actual user, a current user, or a recent user; continuing to use an endorsement without good reason to believe that the endorser continues to subscribe to the views presented; misrepresenting that an endorsement represents the experience, views, or opinions of users or purported users; using an endorsement to make deceptive performance claims"
lying, or
"failing to disclose an unexpected material connection with an endorser; and misrepresenting that the experience of endorsers represents consumers' typical or ordinary experience."
cheating.
BBC story clarifies that Wallace was not aware of leak of 55 names when he announced disciplining of an official for the leak of 250+ names. However, it is not clear in what order those breaches occurred. It could still be the same chump responsible for both. Investigation of 250+ leak may have led to second discovery.
ARAP covers a problem that did not exist two months ago so was probably thrown together using whatever and whoever was available.
Am still not impressed by any mail system that accepts a very large number of recipients for a single message, regardless of address mode.
Makes you wonder if the "small group of specialists" was being progressively diverted to tackle a rising number of fraud cases, leading to a backlog of queries. They couldn't recruit more? Now the department owes GBP 1B, with an additional 15k cases reckoned untraceable and data on the deceased deleted after 4 years due to convenient data protection.
The oldest cases go back to 1985, so it sounds as if the problem really is procedural rather than due to a coding error. I suppose there is some excellent reason why on retirement the NICS record of a taxpayer could not just be copied over to the DWP in a "thats-all-folks" file. Give it the data and a VME box will happily chomp through a lot of complex rules, batch or interactive.
Then drop the ranges indicated by https://mxtoolbox.com/SuperTool.aspx?action=mx%3amcsv.net&run=toolpage and remember that they will include all of the Mandrill space which is notionally transactional. In practice RSG's toleration for bulk from those blocks has varied over the years. Any commentards managing mailservers for others would be better advised to conditionally deliver (i.e. place in junk) with a prior policy announcement to recipients.
For those suggesting / requesting free services, my experience is that any sort of entry level / taster service will be abused.
In other news, Scurvy Monkey are renaming themselves. The damage to simian-themed poo-slinging brands appears to be irreparable. Did I just muddle that last sentence?
So the council received legal advice that a legal advisor would need to charge £8k of legal fees to reverse the inadvertent publication of test data. Unless the maligned system automatically poked records into other systems, I suspect that the council received advice from a local outside body.
Half a kilometre of ice and pumice is hardly Earth-shattering (though still capable of wrecking a small nation).
https://impact.ese.ic.ac.uk/ImpactEarth/cgi-bin/crater.cgi, I went with 535m diameter, 1190 density and typical cometary velocity and theta.
By 2182 we may be looking at ways to hard-land it in an unpopulated area. Fresh water! Reverse global warming!
Now if NASA or any other agency really wants to push the CPU boat out, how about calculating the "billiards" scenario whereby one of these near-misses slingshots around either the Earth or the Moon?
That would be PCL5e if driving the traditional herd of Heaving Packhorses in the corporate Windows space. To hell with whatever the badge says on the hardware.
Allowing end users to install some driver they found on the internet is hardly a recipe for system stability, is it? I don't know why some IT teams put up with it.
Salesperson, we want a standard driver. One that runs anything we are likely to order from your brochure. Here, we've ticked them for you. If anyone wants to call off anything else from your product range, speak to us first because accounts payable have /very/ strict instructions.
Naturally we're talking exclusivity. Here's an inventory giving you some idea of the size of the existing estate. Still interested? Good. Sign here, please, in blood.
The lowest I heard of were a pack of data thieves who went after a Florida hospice, deliberately looking for the personal details of the recently deceased. That gave them the widest window for identity theft, with the bonus that the crime might never be discovered by the executors.
Would any of these prospective data consumers sign a contract saying "You accept full liability for any costs, fines or compensatory payments arising from public identification of any subject in this data"?
I thought so. Problem solved.
If they think they can get away with professing ignorance, add a few unique fictional records to each set so you know who leaked.
If they are incompetent, how is the situation deliberate? That would be malice...
But yes, paying ransoms is massively fuelling the fire, and taking funds away from correcting the faults that led to the opportunity in the first place.
Hit any beancounter budgeting for ransoms with the Colonial Pipeline case: the victims paid and the gang gave a valid decryption program that performed so slowly it was quicker to restore anyway.
A breached Constant Contact account is only a security risk if it has any deliverability... which around here it doesn't.
Unlike Sendgrid and Mailchimp / Mandrill, there is no transactional meat shield that I was aware of.
Besides, I thought all of the respectable US agencies were with GovDelivery?
A money service bureau [bank] unknowingly accepts the business of a fraudster. The MSB takes its usual fees. The victims lose, but the MSB profits [unknowingly] from the crimes. The fraud is detected and the account is frozen. The MSB holds the funds until the allegations are proven and the moneys are returned to the victims or the allegations are disproven and the account unfrozen. This may take some time, during which the balance remains with the MSB. Stage 3 applies.
Possibly correct if your honeypot is in Chennai.
Elsewhere in the world, other nets are likely to figure. For botnets, Stiff's scurvy crew say CN 1st, IN 2nd and US 3rd: https://www.spamhaus.org/statistics/botnet-cc/
I am surprised the ratio of encrypted traffic is not higher. SSL is free, domains and hosting are cheap and no-one seems to think it is their problem if a fraudster tells lies when applying for any of these.
I will be interested to see what is finally offered, but:
US products are often notoriously US-centric but sold as-is to other English-speaking nations. Never mind about different cultural values and the resulting false positives; these dictionaries will miss a lot of unpleasant local vernacular that could potentially get your senders in trouble. If you work in healthcare, also beware these dictionaries picking up "clinically correct" expressions.
A lot of Eastern European profanity is, I understand, euphemistic and only profane in context. It would take a fairly impressive AI to get that right. Other languages may pose similar problems.
As other posters have pointed out, legal and HR teams often need to handle statements verbatim. You can typically exempt their mailboxes, but that leaves them unscreened and what about shared storage? In personal communication, what is acceptable amongst friends is not so acceptable from enemies and strangers. Again, it's a matter of context.
You have a hit. You, or an automated rule, tells the sender / author not to. It doesn't take long for that person to adopt obfuscation, after which you are in a labour-intensive and ultimately fruitless loop as the possible permutations spiral beyond your product limits. Alternatively you can drop / delete / quarantine the content and create a support burden there instead.
The case for URL shortening services in an era when a URL can be conveniently represented by a short hyperlinked word is indeed marginal. SMS is regrettably one case where it is justifiable, though the [redacted] responsible for the site mentioned in the article could have done better even so. I would be curious to know if misrepresentations were made to the councils in question, or whether IT project staff on the ground failed to read the small print or possibly even the large print written in friendly crayon colours. Capita, as always, remain the clerical omelette.
To judge the worth of a shortening service, see if it offers a convenient reverse service whereby the recipient can input a link and see what it would expand to.
There appears to be a lack of detail (in the original press release, so we cannot blame El Reg) as to how the split will work. Presumably whatever laboratory capability McAfee have will go with the consumer business, and STG have no security capacity themselves with the singular exception of RSA. The nearest product they offer is a SIEM and that won't stand in for an endpoint solution.
"Until closing, McAfee will continue to conduct and operate the Enterprise business, while McAfee, STG, and the Enterprise business’ leadership team will partner to plan for a successful transition for the business, its employees, and its customers." That suggests to me that there is no plan as yet. A lot of McAfee enterprise customers must be worried.
Uservoice was useful for seeing that a problem one had discovered was in fact general, that others were complaining about it and it had not been fixed since {yore}.
With its closure, the quality of Techcommunity may go down unless the moderation becomes highly partisan.
This would also be a blow for "Microsoft Product Support" if their remuneration depended on not forwarding irate customers to Microsoft proper.
EXO message tracking will give you a quick response on anything up to 10 days ago. After that, you are in "post a request and we might get an answer today" territory - which is something you would do if you are looking for a long-standing problem, or want to know if the latest phish is from a regular correspondent.
Now if you were complaining that EXO message tracking is not real-time... which would be a near-impossible goal for any cloud solution, let alone something the size of O365. Even on-premises solutions normally have a latency of a minute or so. What annoys me about all of O365's tracking, exploring, hunting and scripting alternatives is that the results are variable, and do not say "this is up to 5 minutes ago", "up to an hour ago" or whether the results you are seeing are not in fact inclusive of the last day and a half.
Incorrect. An unaddressed spam problem will gradually rise to the point where the mailbox is unusable. I have taken over the administration of domains where the worst-case mailbox inflows were easily 80% junk if the more borderline grey mail was included.
Regarding the original article and phishing, I currently assist in the administration of a domain covering the UK, Eire and a number of other European nations. The anglophone nations appear to get more than their fair share of phishes, and can see threat patterns weeks, months or even a year before they appear in other linguospheres (if that's a word). Even other nations with a high proportion of English-speakers are left behind, and some of the phishes they do get... are in English.
Take that thought a step further, Prof. Fox.
Given the management magic quadrant of benign/malignant vs competent/incompetent (after Adams?) how long will it take one quadrant to realise that there /is/ an inverse correlation between these metrics and actual results? Better draft that response carefully: you are now only allowed 3 posts and 3 sent mails per day!
Gaming was my first thought too - Reno is / was the registration of choice / necessity for a number of outfits?
However, see https://www.zippia.com/company/best-biggest-companies-in-reno-nv/ - there are a number of medicals there too.
Looking down the scale, isn't there also a certain ranch in Nevada? Be fscked if I can remember the name.
Thinking back to the browser wars, which ironically Microsoft appear to have finally lost with the adoption of Chromium "Edge", one of the arguments was that they were cross-subsidizing IE development with Office revenues.
Before that we had grumblings that Office enjoyed unfair access to the undocumented lower levels of Windows which its erstwhile competitors did not.
So there isn't any conflict of interest between being the auctioneer of expired domain names and running the dispute process?
Given the types of mischief that a previously-active domain can be used for, the non-profit solution would be to lock expired domains until such time as a new customer could make a good case for using an old name AND pass some sort of effective diligence. That would of course exclude 95% of the average registry's customer base.