ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. breach
    Log in to post
    • All categories
    • Fredtx

      Over a million GoDaddy Hosted WordPress Sites Breached
      News • security breach godaddy • • Fredtx

      2
      1
      Votes
      2
      Posts
      191
      Views

      scottalanmiller

      @fredtx This is really GoDaddy breached. That they were running WordPress is kind of an aside.

    • scottalanmiller

      Another Microsoft Breach, 92% of LinkedIn Users Compromised
      News • breach microsoft linkedin • • scottalanmiller

      5
      1
      Votes
      5
      Posts
      227
      Views

      scottalanmiller

      @nadnerb said in Another Microsoft Breach, 92% of LinkedIn Users Compromised:

      How did the 8% avoid being compromised?

      I was wondering that.

    • WrCombs

      When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee
      IT Discussion • antivirus hacked breach symantec av trend micro mcafee intel • • WrCombs

      10
      0
      Votes
      10
      Posts
      305
      Views

      scottalanmiller

      @Dashrender said in When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee:

      I can't recall if the bad ccleaner was signed or not?

      Even if it was, that would be a Microsoft compromise. This is about the AV vendors getting hacked.

    • JaredBusch

      Roll20.net breached
      News • security breach roll20 • • JaredBusch

      3
      3
      Votes
      3
      Posts
      235
      Views

      dafyre

      @scottalanmiller said in Roll20.net breached:

      Sucks when a site / business like that gets hit. Just people looking to have fun 😞

      Yeah. But at least they didn't store the passwords in clear text!

    • scottalanmiller

      2.7 million calls to Sweden's public healthcare hotline open to the public
      News • security breach • • scottalanmiller

      5
      0
      Votes
      5
      Posts
      280
      Views

      D

      Another day, another security breach/problem.
      Note to myself: Am I getting used to that?

    • scottalanmiller

      Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah
      IT Discussion • msp ransomware security breach • • scottalanmiller

      111
      6
      Votes
      111
      Posts
      2627
      Views

      scottalanmiller

      @PhlipElder said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:

      @Pete-S said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:

      @PhlipElder said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:

      @Dashrender said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:

      @dafyre said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:

      @PhlipElder said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:

      All it takes is one absentminded click or drive-by that's completely shielded from us as we go about the day to day stuff and it's done. Game over. Say, "Bubbye".

      There's always going to be that risk or one absentminded click.

      Granted an Air-gapped PWA is a good way to handle it.... but so is not saving passwords in RDP files (I don't do this), and if you use an app like MobaXterm that can encrypt the files for you, use a good pass phrase.

      However if your admin machine is owned, you have bigger issues to start with.

      Well, the idea is that the air-gapped machine won't ever be in a situation to become compromised, is my guess. I haven't had a chance to look at the MS link Philip sent earlier.

      There are several ways to implement with the simplest being the main machine having two VMs installed on it. One for day-to-day and one for client/systems management. Nothing is done on the machine itself with all designated tasks being done in their respective VM.

      We have a number of laptops that came back from client refreshes. So, we're using them as our dedicated management machines. Asus makes a great external USB3 DisplayLink and DisplayPort external monitor that allows for two screens. That makes the work easier.

      There is security leakage between VMs on a client machine for instance over clipboard.

      Have a look at Qubes. https://www.qubes-os.org/

      It's probably the best implementation of security separation to date.

      Using the Hyper-V VM Console without RDS pass-through eliminates any access to the VM beyond console.

      Same with KVM or whatever.

    • mlnews

      Google+ bug exposes non-public profile data for 52 million users
      News • google google+ breach exposure security ars technica • • mlnews

      1
      1
      Votes
      1
      Posts
      228
      Views

      No one has replied

    • mlnews

      Hackers breach US defense department travel records
      News • security breach dw • • mlnews

      1
      1
      Votes
      1
      Posts
      257
      Views

      No one has replied

    • mlnews

      Delta Airlines and Sears Have Large Credit Card Breach Through Third Party Shared Service Firm
      News • security breach sears delta • • mlnews

      5
      2
      Votes
      5
      Posts
      610
      Views

      JaredBusch

      @aaronstuder said in Delta Airlines and Sears Have Large Credit Card Breach Through Third Party Shared Service Firm:

      @harry-lui It is accepted everywhere...

      Not true.

    • mlnews

      Under Armor Security Breach Exposes 150 Million User Accounts
      News • breach security privacy • • mlnews

      2
      1
      Votes
      2
      Posts
      396
      Views

      Kelly

      @mlnews said in Under Armor Security Breach Exposes 150 Million User Accounts:

      Under Armor's MyFitnessPal has been compromised in a breach discovered on March 25 exposing 150 million user accounts.

      I wonder if it is a state sponsored breach trying to obtain location data for things that are officially not there.

    • mlnews

      Large Data Breach in South Africa
      News • security breach • • mlnews

      1
      2
      Votes
      1
      Posts
      435
      Views

      No one has replied

    • mlnews

      Microsoft Internal Vulnerability System Breached in 2013, Went Unreported
      News • microsoft windows security breach closed source software software • • mlnews

      6
      3
      Votes
      6
      Posts
      956
      Views

      dbeato

      Nowadays they wouldn't get away on this. Maybe Troy Hunt will say something 😛

    • mlnews

      Equifax Has 143 Million Americans Data Compromised
      News • equifax security breach • • mlnews

      57
      2
      Votes
      57
      Posts
      4810
      Views

      coliver

      @nerdydad said in Equifax Has 143 Million Americans Data Compromised:

      Because of this contract, now the government has a stake in the game. They will probably do a full investigation to see if their information was compromised, who was incompetent, who made the decisions, etc.

      https://techcrunch.com/2017/10/03/former-equifax-ceo-says-breach-boiled-down-to-one-person-not-doing-their-job/
      http://money.cnn.com/2017/10/03/news/companies/equifax-ceo-congress/index.html

      This contract with the IRS that was just rewarded on Friday?

      I doubt there will be any governmental or organizational blow back. Everyone is already on to the next big thing that comes from twitter.

    • DustinB3403

      Apache Struts - Critical Security Flaw
      News • apache struts vulnerability httpd equifax breach millions • • DustinB3403

      21
      0
      Votes
      21
      Posts
      2380
      Views

      coliver

      @jaredbusch said in Apache Struts - Critical Security Flaw:

      Was the Eqifax breech because of the march strus flaw or a more recent one?

      Just making sure the actual facts are known.

      The one from March.

    • stacksofplates

      Another Gov't (maybe) Breach
      IT Discussion • security govenment breach • • stacksofplates

      6
      1
      Votes
      6
      Posts
      999
      Views

      travisdh1

      @stacksofplates said in Another Gov't (maybe) Breach:

      @scottalanmiller said in Another Gov't Breach:

      When you hire the lowest bidder in a market segment with no pride in their work, the number of resources isn't really a factor.

      im just trying to understand from my experience with this. Money is thrown at things, not people. Very expensive things are purchased and sometimes never used and just sit there. But they can't "afford" to pay for real talent.

      That's what I meant with unlimited resources. Again only in my experience, the money is thrown in the most incorrect place possible.

      I'm seeing this all the time, everywhere right now.

    • mlnews

      Terrestrial Broadcast Television Signals Hack Smart TVs
      News • security breach samsung ars technica youtube • • mlnews

      1
      3
      Votes
      1
      Posts
      598
      Views

      No one has replied

    • scottalanmiller

      One Billion Additional Yahoo Accounts Compromised
      News • breach yahoo security bbc • • scottalanmiller

      4
      0
      Votes
      4
      Posts
      881
      Views

      Dashrender

      LOL That company just needs to turn off all of it's servers, sell off everything and divy up the money to the shareholders!

    • scottalanmiller

      HPE Laptop Compromises US Navy Sailor's Personal Data
      News • hpe security breach • • scottalanmiller

      5
      0
      Votes
      5
      Posts
      1135
      Views

      JaredBusch

      @scottalanmiller said in HPE Laptop Compromises US Navy Sailor's Personal Data:

      @DustinB3403 said in HPE Laptop Compromises US Navy Sailor's Personal Data:

      If it doesn't effect the government overall why do I really care?

      all hardware developers (and mainstream software) are culpable when it comes to this.

      Why the military hasn't moved to Linux "globally" is insane.

      I'm very lost as to what you are saying. What does the OS, hardware developers or anything else random have to do with the situation?

      ancient-aliens.jpg

    • scottalanmiller

      Yahoo Caught Giving Email Contents to Government Agencies
      Water Closet • yahoo security breach • • scottalanmiller

      22
      3
      Votes
      22
      Posts
      3049
      Views

      scottalanmiller

      @Dashrender said in Yahoo Caught Giving Email Contents to Government Agencies:

      Can't gmail act like a Pop3 client and go get the mail? So this really doesn't keep people from using another service like gmail.

      O365 does too. And any client like Thunderbird or Outlook would fix this too.

    • scottalanmiller

      Yahoo Breach Hit Half Billion Users
      News • yahoo breach security • • scottalanmiller

      10
      5
      Votes
      10
      Posts
      1570
      Views

      bbigford

      @scottalanmiller said in Yahoo Breach Hit Half Billion Users:

      Attack on Yahoo hit 500 million users
      http://www.bbc.co.uk/news/world-us-canada-37447016

      I was wondering when it was going to be confirmed. Yahoo kept wiping their brow and saying "Man, this is going to lower our value to Verizon... how do we spin this?"