ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Miscellaneous Tech News

    Scheduled Pinned Locked Moved News
    7.4k Posts 83 Posters 3.8m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ObsolesceO
      Obsolesce @1337
      last edited by

      @Pete-S said in Miscellaneous Tech News:

      University of California San Francisco pays ransomware gang $1.14 million.

      The University of California, San Francisco (USCF) has paid a ransomware demand of more than $1.4m. A “limited number of servers” at the public health research facility were encrypted by Netwalker ransomware. UCSF disclosed the incident on June 3. BBC News was able to observe a live chat on the dark web involving UCSF ransom negotiations.

      Comments by Neely @ SANS

      The Netwalker operators used multiple techniques to entice UCSF into paying the ransom, including making both samples of exfiltrated data and the ransom negotiations visible to the press. For UCSF reputation risk is key to continued support as they are working on research to support the public good including a cure for C-19.

      More insight into Netwalker ransomware
      https://news.sophos.com/en-us/2020/05/27/netwalker-ransomware-tools-give-insight-into-threat-actor/

      I take it they did not have any backups, and the employees use their computers for LoB data storage.

      1 1 Reply Last reply Reply Quote 0
      • 1
        1337 @Obsolesce
        last edited by

        @Obsolesce said in Miscellaneous Tech News:

        @Pete-S said in Miscellaneous Tech News:

        University of California San Francisco pays ransomware gang $1.14 million.

        The University of California, San Francisco (USCF) has paid a ransomware demand of more than $1.4m. A “limited number of servers” at the public health research facility were encrypted by Netwalker ransomware. UCSF disclosed the incident on June 3. BBC News was able to observe a live chat on the dark web involving UCSF ransom negotiations.

        Comments by Neely @ SANS

        The Netwalker operators used multiple techniques to entice UCSF into paying the ransom, including making both samples of exfiltrated data and the ransom negotiations visible to the press. For UCSF reputation risk is key to continued support as they are working on research to support the public good including a cure for C-19.

        More insight into Netwalker ransomware
        https://news.sophos.com/en-us/2020/05/27/netwalker-ransomware-tools-give-insight-into-threat-actor/

        I take it they did not have any backups, and the employees use their computers for LoB data storage.

        My guess is that they had backups for sure, probably multiple. But anyone who can do damage for a million bucks ain't no rookie. This is organized crime. People get their throats slashed for a lot less than a million. They of course had to make sure the backups couldn't be used.

        ObsolesceO 1 Reply Last reply Reply Quote 0
        • ObsolesceO
          Obsolesce @1337
          last edited by

          @Pete-S said in Miscellaneous Tech News:

          @Obsolesce said in Miscellaneous Tech News:

          @Pete-S said in Miscellaneous Tech News:

          University of California San Francisco pays ransomware gang $1.14 million.

          The University of California, San Francisco (USCF) has paid a ransomware demand of more than $1.4m. A “limited number of servers” at the public health research facility were encrypted by Netwalker ransomware. UCSF disclosed the incident on June 3. BBC News was able to observe a live chat on the dark web involving UCSF ransom negotiations.

          Comments by Neely @ SANS

          The Netwalker operators used multiple techniques to entice UCSF into paying the ransom, including making both samples of exfiltrated data and the ransom negotiations visible to the press. For UCSF reputation risk is key to continued support as they are working on research to support the public good including a cure for C-19.

          More insight into Netwalker ransomware
          https://news.sophos.com/en-us/2020/05/27/netwalker-ransomware-tools-give-insight-into-threat-actor/

          I take it they did not have any backups, and the employees use their computers for LoB data storage.

          My guess is that they had backups for sure, probably multiple. But anyone who can do damage for a million bucks ain't no rookie. This is organized crime. People get their throats slashed for a lot less than a million. They of course had to make sure the backups couldn't be used.

          Unusable backups = no backups.

          1 Reply Last reply Reply Quote 1
          • V
            VoIP_n00b @scottalanmiller
            last edited by VoIP_n00b

            @scottalanmiller said in Miscellaneous Tech News:

            I have no reason to run unsafe valueless hobby systems.

            Isn't that the same thing you said about Proxmox? Now you're the biggest Proxmox fan like your having a love affair with it or something. Maybe FreeNAS would be the same way.

            https://community.spiceworks.com/topic/273071-thinking-of-using-proxmox-do-i-need-to-pay-for-support?page=1#entry-1758737
            https://community.spiceworks.com/topic/314260-why-does-proxmox-troll-us?page=1#entry-2054440

            JaredBuschJ scottalanmillerS 2 Replies Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch @VoIP_n00b
              last edited by

              @VoIP_n00b Would you jsut STFU Aaron. That post is from 8 fucking years ago.. There is a reason that @scottalanmiller's new post is titled "reconsidering"

              FFS pull your head out of your ass.

              1 Reply Last reply Reply Quote 1
              • black3dynamiteB
                black3dynamite
                last edited by

                https://youtube.googleblog.com/2020/06/youtube-tv-update.html
                Now it will cost $64.99

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @VoIP_n00b
                  last edited by

                  @VoIP_n00b said in Miscellaneous Tech News:

                  Isn't that the same thing you said about Proxmox?

                  No, did you not read the links you provided? FreeNAS is a problem because it is fundamentally flawed conceptually. That's why we say ad nauseum that NAS OSes are the problem, and FreeNAS is an example. That's 100% different than saying that hypervisor stacks are good, but Proxmox was a vendor acting badly.

                  It's honestly shocking that you could confuse those two things. The degree to which they are unrelated is... well dramatic.

                  You seem to have put a lot of effort into trying to either defend FreeNAS based on things that misdirection rather than actually showing how it would have value; or putting in a lot of effort to try to discredit me doing evaluations of products that had you put half that effort into thinking about IT concepts, you'd have come to the same conclusions and understood the products for yourself.

                  Even just the titles of the links you used tell you everything that you need to know. You didn't even read the titles! WTF dude, lol.

                  GreyG 1 Reply Last reply Reply Quote 0
                  • GreyG
                    Grey @scottalanmiller
                    last edited by

                    @scottalanmiller said in Miscellaneous Tech News:

                    @VoIP_n00b said in Miscellaneous Tech News:

                    Isn't that the same thing you said about Proxmox?

                    No, did you not read the links you provided? FreeNAS is a problem because it is fundamentally flawed conceptually. That's why we say ad nauseum that NAS OSes are the problem, and FreeNAS is an example. That's 100% different than saying that hypervisor stacks are good, but Proxmox was a vendor acting badly.

                    It's honestly shocking that you could confuse those two things. The degree to which they are unrelated is... well dramatic.

                    You seem to have put a lot of effort into trying to either defend FreeNAS based on things that misdirection rather than actually showing how it would have value; or putting in a lot of effort to try to discredit me doing evaluations of products that had you put half that effort into thinking about IT concepts, you'd have come to the same conclusions and understood the products for yourself.

                    Even just the titles of the links you used tell you everything that you need to know. You didn't even read the titles! WTF dude, lol.

                    I posted the news to keep people apprised, not to start a flame war.

                    1 Reply Last reply Reply Quote 0
                    • mlnewsM
                      mlnews
                      last edited by

                      Loot boxes: Lords call for 'immediate' gambling regulation

                      The House of Lords Gambling Committee says video game loot boxes should be regulated under gambling laws.
                      The Lords say loot boxes should be classified as "games of chance" - which would bring them under the Gambling Act 2005. "If a product looks like gambling and feels like gambling, it should be regulated as gambling," their report says. And they warn that such a change should not wait. "The Government must act immediately to bring loot boxes within the remit of gambling legislation and regulation," said a statement accompanying the report. Loot boxes have long been controversial in video games. They offer players a chance at a randomised reward when opened. To further complicate matters, boxes can often be bought for real money, and the rewards can sometimes be traded.

                      1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller
                        last edited by

                        https://www.techradar.com/news/heres-why-tape-will-always-surpass-hard-drives-and-ssds-in-storage

                        1 Reply Last reply Reply Quote 1
                        • black3dynamiteB
                          black3dynamite
                          last edited by

                          https://xen-orchestra.com/blog/xen-orchestra-5-48/

                          1 Reply Last reply Reply Quote 0
                          • mlnewsM
                            mlnews
                            last edited by

                            Zuckerberg: Advertisers will be back to Facebook 'soon enough'

                            As the ads boycott grows, Mark Zuckerberg shows no sign of backing down.
                            "My guess is that all these advertisers will be back on the platform soon enough" the Facebook chief executive has said. Campaigners accuse the tech firm of being too slow and reluctant to remove some hateful content. But Zuckerberg added: "We're not going to change our policies or approach on anything because of a threat to a small percent of our revenue." The comments were made to Facebook staff at a private meeting last Friday, and were subsequently leaked to the Information news site. The social network has confirmed they are accurate and also announced a fresh development: its chief executive is to meet the organisers of the boycott - Stop Hate for Profit.

                            1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller
                              last edited by

                              https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                              DustinB3403D 1 Reply Last reply Reply Quote 0
                              • DustinB3403D
                                DustinB3403 @scottalanmiller
                                last edited by

                                @scottalanmiller said in Miscellaneous Tech News:

                                https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                                Bunch of dumbass people who are setting up servers without any security in place.

                                scottalanmillerS 1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @DustinB3403
                                  last edited by

                                  @DustinB3403 said in Miscellaneous Tech News:

                                  @scottalanmiller said in Miscellaneous Tech News:

                                  https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                                  Bunch of dumbass people who are setting up servers without any security in place.

                                  It's more than that. It's not a lack of security. It's actively publishing the database publicly!

                                  ObsolesceO jmooreJ 2 Replies Last reply Reply Quote 0
                                  • ObsolesceO
                                    Obsolesce @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Miscellaneous Tech News:

                                    @DustinB3403 said in Miscellaneous Tech News:

                                    @scottalanmiller said in Miscellaneous Tech News:

                                    https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                                    Bunch of dumbass people who are setting up servers without any security in place.

                                    It's more than that. It's not a lack of security. It's actively publishing the database publicly!

                                    Exactly, if the DB is running on a server, that server should not be publicly accessible.

                                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                                    • jmooreJ
                                      jmoore @scottalanmiller
                                      last edited by

                                      @scottalanmiller said in Miscellaneous Tech News:

                                      @DustinB3403 said in Miscellaneous Tech News:

                                      @scottalanmiller said in Miscellaneous Tech News:

                                      https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                                      Bunch of dumbass people who are setting up servers without any security in place.

                                      It's more than that. It's not a lack of security. It's actively publishing the database publicly!

                                      So they had a database seen by everyone? I don't understand. Hardening servers should be your first plan before it even goes active.

                                      scottalanmillerS 2 Replies Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @jmoore
                                        last edited by

                                        @jmoore said in Miscellaneous Tech News:

                                        @scottalanmiller said in Miscellaneous Tech News:

                                        @DustinB3403 said in Miscellaneous Tech News:

                                        @scottalanmiller said in Miscellaneous Tech News:

                                        https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                                        Bunch of dumbass people who are setting up servers without any security in place.

                                        It's more than that. It's not a lack of security. It's actively publishing the database publicly!

                                        So they had a database seen by everyone? I don't understand. Hardening servers should be your first plan before it even goes active.

                                        Shouldn't need to HARDEN something like that. For some reason, people actually disable their firewalls AND install a database AND set the database to listen publicly, be default!

                                        1 Reply Last reply Reply Quote 1
                                        • scottalanmillerS
                                          scottalanmiller @Obsolesce
                                          last edited by

                                          @Obsolesce said in Miscellaneous Tech News:

                                          @scottalanmiller said in Miscellaneous Tech News:

                                          @DustinB3403 said in Miscellaneous Tech News:

                                          @scottalanmiller said in Miscellaneous Tech News:

                                          https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/

                                          Bunch of dumbass people who are setting up servers without any security in place.

                                          It's more than that. It's not a lack of security. It's actively publishing the database publicly!

                                          Exactly, if the DB is running on a server, that server should not be publicly accessible.

                                          Or have no firewall. Or use "bind 0.0.0.0" as the default.

                                          1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @jmoore
                                            last edited by

                                            @jmoore said in Miscellaneous Tech News:

                                            So they had a database seen by everyone?

                                            Yes. MongoDB presents as a web server. So by default, it's just a web server serving up all your data.

                                            jmooreJ DashrenderD 2 Replies Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 372
                                            • 373
                                            • 3 / 373
                                            • First post
                                              Last post