Because of this contract, now the government has a stake in the game. They will probably do a full investigation to see if their information was compromised, who was incompetent, who made the decisions, etc.
Ya, so there must have been a change at some point. Setting the zone to drop and then adding services allows those services through. Firewalld site shows what your book says is correct and what (I'm 99% sure) I saw when I initially started with the SCAP stuff last year:
When you hire the lowest bidder in a market segment with no pride in their work, the number of resources isn't really a factor.
im just trying to understand from my experience with this. Money is thrown at things, not people. Very expensive things are purchased and sometimes never used and just sit there. But they can't "afford" to pay for real talent.
That's what I meant with unlimited resources. Again only in my experience, the money is thrown in the most incorrect place possible.
I'm seeing this all the time, everywhere right now.
@scottalanmiller While I think the scope of the request is a bit broad and has privacy concerns for other people not related to those arrested. I do not believe that there is an issue with the government trying to see if the people that were arrested did go to that website and did plan. It changes what charges and what sentencing can be rendered so it is pertinent to the case. I believe it should be a more narrow request than what it was.
Right, a narrow, appropriate request would be for the court case. This is not what a warrant related to the court case would look like.
I also know though you always ask for the moon and then settle for what you really want.
If they get the chance to do that. And you don't ask for the moon when it makes it into a court case exposing your department for corruption and an attack on the American people and the appearance of attempting to stifle free speech in order to promote a political agenda.
Most of the time it is just cheaper to pay the fine rather than practice good security. I recently read about a health organization that had a million records compromised. They were fined $3.5 million, so about $3.50 a record. Alot of companies figure it is better to just take the chance and even if you do get hacked it is still cost less than having a good security program.
That's often the case. Same thing with credit cards. Cheaper to pay for bad transactions than to pay for better security in the cards.
Yeah. These companies get rewarded for not having security. Just because you have terrible security, doesnt mean you will get breached either. How many are flying under the radar that we don't know about?
No the bigger question is, how many have been breached that they aren't aware of it, and the effects are low enough that it's not tripping any alarms?
Any good breach will be that way - no one knows except that data is out there, somewhere.
Agent based network abstraction is an interesting alternative to traditional VPN.
It's still traditional VPN, though. Other than automating the configuration, it's all stuff you could have done with OpenVPN or whatever decades ago. It's nice that it auto-configures and it is a great product (or was, appears mostly abandoned now) but it's not an alternative or new VPN, it's just a mesh VPN setup.
Sure, but the SMM issue is really outside of Lenovo because all PC makers can use it.
Can use it and do use it are different issues, but both are important as well.
Many do use it to deploy Compu Trace as previously mentioned.
Right, as an exploit as is very clear. All kinds of well intentioned software can be exploited by bad actors. In fact, at the base of it, all code is based on chips and languages that were intended for good but exploited for other purposes.
After monitoring this new outbreak for 24 hours, I came to the conclusion we were dealing with cyber warfare, and not ransomware. Two separate reports coming from Comae Technologies and Kaspersky Lab experts confirm this now.
NotPetya is a destructive disk wiper similar to Shamoon which has been targeting Saudi Arabia in the recent past. Note that Shamoon actually deleted files, NotPetya goes about it slightly different, it does not delete any data but simply makes it unusable by locking the files and then throwing away the key. The end result is the same.
Someone is hijacking known ransomware families and using them to attack Ukrainian computer systems. Guess who.
You never had a chance to recover your files. There are several technical indicators that NotPetya was only made to look as ransomware as a smoke screen:
It never bothers to generate a valid infection ID
The Master File Table gets overwritten and is not recoverable
The author of the original Petya also made it clear NotPetya was not his work
This has actually happened earlier. Foreshadowing the NotPetya attack, the author of the AES-NI ransomware said in May he did not create the XData ransomware, which was also used in targeted attacks against Ukraine. Furthermore, both XData and NotPetya used the same distribution vector, the update servers of a Ukrainian accounting software maker.
Catalin Cimpanu, the Security News Editor for Bleepingcomputer stated: "The consensus on NotPetya has shifted dramatically in the past 24 hours, and nobody would be wrong to say that NotPetya is on the same level with Stuxnet and BlackEnergy, two malware families used for political purposes and for their destructive effects. Evidence is clearly mounting that NotPetya is a cyber-weapon and not just some overly-aggressive ransomware."
Cybersecurity has moved from tech to a CEO and Board-level business issue
You did not sign up for this, but today it is abundantly clear that as an IT pro you are have just found yourself on the front line of 21-st century cyber war. Cybersecurity has moved from tech to a CEO and Board-level business issue. I strongly suggest you have another look at your defense-in-depth, and make sure to:
Have weapons-grade backups
Step users through new-school security awareness training.