What Are You Doing Right Now
-
Can't reach Synology support, "all circuits are busy now".
-
@scottalanmiller said in What Are You Doing Right Now:
Can't reach Synology support, "all circuits are busy now".
Got through, their support is closed (off hours.)
-
Another fun day of ransomware remediation.
-
Doing a Unifi install.
-
@scottalanmiller said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Can't reach Synology support, "all circuits are busy now".
Got through, their support is closed (off hours.)
Yes, you might get lucky and send an email too.
-
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
-
late monday morning & ready to knock off already.
-
Public holiday here. Yay for long weekends.
However that makes Tuesday that horrid beast Muesday... where ALL of the problems from Monday AND Tuesday combine into one terrrible mess... As punishment for having time off. -
@nadnerB said in What Are You Doing Right Now:
Public holiday here. Yay for long weekends.
However that makes Tuesday that horrid beast Muesday... where ALL of the problems from Monday AND Tuesday combine into one terrrible mess... As punishment for having time off.we have next monday off. daughter's coming home so that'll be great to see her.
-
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
-
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
which ransomeware is it?
-
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
If you mark admin accounts as sensetive in AD, you CAN slow it down/ stop it in its tracks as it can't impersonate admins and spread further/as fast
-
Just hung up the phone. My part is done, at least for now.
-
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
AD like a VPN or RDS?
-
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
AD like a VPN or RDS?
Nope, Just AD.
-
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
AD like a VPN or RDS?
Nope, Just AD.
a non-IT vendor I get it but it is so vague lol
-
Just getting back in due to being out sick for last 3 days last week, Had my brothers wedding this last weekend.
-
@WrCombs said in What Are You Doing Right Now:
Just getting back in due to being out sick for last 3 days last week, Had my brothers wedding this last weekend.
Hope you are feeling better!
-
@dafyre said in What Are You Doing Right Now:
@WrCombs said in What Are You Doing Right Now:
Just getting back in due to being out sick for last 3 days last week, Had my brothers wedding this last weekend.
Hope you are feeling better!
lots better, I started feeling better Friday , after i was up half the night Thursday. Crazy stomach bug.
-
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Another fun day of ransomware remediation.
Another one?
Same one, got hit again because they didn't go to full scorched earth. It was a calculated risk. They know the attack vector now, though, it was identified as one of their non-IT vendors who is also in the same boat.
Internally, it was AD to spread. So they've removed AD to secure the environment.
AD like a VPN or RDS?
Nope, Just AD.
How was this and AD issue?