This is not tec news. it belongs in the non-it thread.

Also, a lawsuit against Facebook is pointless. The CA stuff was an exploit that was resolved and CA lied about removing the data they obtained. So sue CA, not FB. FB has no way to know that CA lied about something like that. They have no access to CA servers.

Not saying FB hasn't done other shit worthy of a lawsuit, but not for this instance.

@dbeato said in City of Atlanta Shuts Down Due to Ransomware:

I don't even understand why Cisco needed to be involved let alone Microsoft... I guess they don't have an IT Team.

Yeah, pretty weird. No wonder these companies get compromised, they don't have any relevant staff. It's like getting robbed and realizing you have no facilities people locking the front door!

@bnrstnr said in Tamper Proof Currency Wallet Pwned by Fifteen Year Old:

@travisdh1 This one?
F2EnQhB.gif

That's the one, my search skills are lacking today apparently.

Not particularly good, actually. Good to spread awaremenss, but the information was mostly spotty with a chance of confusion.

I've been dreaming of creating my own RD gateway authentication plugin - but I doubt I will ever find the time.

@travisdh1 said in MoviePass CEO Backpedals After Accidentally Admitting to Spying on Customers:

@dustinb3403 said in MoviePass CEO Backpedals After Accidentally Admitting to Spying on Customers:

@scottalanmiller said in MoviePass CEO Backpedals After Accidentally Admitting to Spying on Customers:

Movie theaters love it since all the profit is in the food anyway.

That'll be $22 please.

For a goddamn popcorn and a small soda!?

$22? Ouch, I'd so much rather be unemployed and living here then employed in most other areas of the country. That's like $9 here.

Got to be $40 here.

More remote code vulnerabilities. Haven't had time to look at what product(s) yet.
https://tools.cisco.com/security/center/publicationListing.x

It’s coincidental. Not visiting them 🙂

@momurda said in Only 50% of Cyber Security Attacks Target Small Businesses:

What are you defining as a cyberattack?

Where "you" = "National CyberSecurity Alliance"

PTT is a way of provider TPM, they are not two separate things. PTT is a non-dedicated hardware approach to TPM 2.0. PTT is designed for low power devices, often used in industrial computing.

Traditionally TPM requires a TPM module, a dedicated hardware processor and firmware for security. With TPM 2.0 dedicated hardware is no longer required. PTT is Intel's implementation of TPM 2.0 for low power systems.

@black3dynamite said in Meltdown Shows Why to Avoid LTS Releases:

What makes Red Hat and SUSE exempt compare to CentOS and OpenSUSE leap? Because we are paying for the support?

Nothing makes them exempt, they ARE CentOS and Leap, just paid for instead of free. They suffer just the same.

Here’s mine based off of the DISA STIGS.

https://mangolassi.it/topic/15041/ansible-hardening-role

@scottalanmiller said in What does Quad9 do the Pihole does not:

@thwr said in What does Quad9 do the Pihole does not:

@jaredbusch said in What does Quad9 do the Pihole does not:

@thwr said in What does Quad9 do the Pihole does not:

Just from reading I would say he's using Quad9 as upstream DNS for his PiHole (which is used by clients)

I know that. I mean, what is the service Quad9 doing.

It's another "privacy" friendly DNS driven by IBM, Packet Clearing House (PCH) and Global Cyber Alliance (GCA). Placed as an alternative to Google's DNS

"Privacy friendly" is what we are worried about. It's from the US gov't so we really don't trust it.

I'm sure you've noticed the quotes around "privacy".

@black3dynamite said in Least Privilege Accounts Setup:

@zachary715 said in Least Privilege Accounts Setup:

@jaredbusch said in Least Privilege Accounts Setup:

@jaredbusch said in Least Privilege Accounts Setup:

@zachary715 said in Least Privilege Accounts Setup:

@jaredbusch said in Least Privilege Accounts Setup:

I create an AD account specifically for local admin rights.

This account information is ususally given to department managers.
So if software or something needs installed, and they choose not to contact me, they can.

They are also warned that fixing something will be billed...

So you have one AD account setup that multiple department managers use when they need something that requires admin privileges? And then what you give that account local admin rights on each machine, or give it some sort of admin authority within the domain itself?

That account gets local admin rights only. No other access.

If I was an on site IT department, I woudl probably do it a bit different. I would have time to experiment and setup better methods.

Yeah this is what I'm going through now and why I'm coming to the community to get input. Trying to think through this carefully and make sure I do it right and the way I want it done the first time.

With the help of GPO Preferences, you could take advantage of using Item-level targeting for Local Users and Groups to fine tune who should have local admin privileges depending on the user, groups and/or computers.

This is what I do. Works like a champ.

@scottalanmiller said in Cisco: we're not competent.:

https://arstechnica.com/information-technology/2018/02/that-mega-vulnerability-cisco-dropped-is-now-under-exploit/

They can own all the ASAs!

@scottalanmiller said in Botnet Security Alert on Sonicwall:

@tim_g said in Botnet Security Alert on Sonicwall:

@scottalanmiller said in Botnet Security Alert on Sonicwall:

@tim_g said in Botnet Security Alert on Sonicwall:

@scottalanmiller said in Botnet Security Alert on Sonicwall:

@jaredbusch said in Botnet Security Alert on Sonicwall:

@scottalanmiller said in Botnet Security Alert on Sonicwall:

@jaredbusch said in Botnet Security Alert on Sonicwall:

@scottalanmiller said in Botnet Security Alert on Sonicwall:

@tim_g said in Botnet Security Alert on Sonicwall:

Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

What's a Linux SQL server? Anything running a relational database? How do they target them?

I assumed that one meant Linux servers running MS SQL.

I had thought of that, but that seemed so unlikely.

Not really. I mean you know how good Windows people patch right?

That's true. But it seems like a worthless target. How many of these can there be yet?

Probably nothing outside of labs / testing.

Why would you run MS SQL on Linux when an MS SQL license includes an OS license?
Why would you run MS SQL on Linux when there are better options to run on Linux?

MS SQL licenses include an OS license?

Maybe not. I thought about it again and I think I got that mixed with System Center including an MS SQL license.

Ah, okay. I was really confused there. I've always priced it out with Server + SQL Server licenses and CALs. Was hoping I hadn't been adding all that in extra all this time 🙂

You were not doing it wrong.

Like I said, it was a couple years ago. Make sure to go through their documentation well.