blame canada |
I've been contacted by all my large vendors (financial institutions) multiple times over the past few weeks to batten down the hatches on cyber-security. One of my contacts recommended that businesses unplug their routers at night and when not in use.

I just received another alert from a large bank client which included a link to the Known Exploited Vulnerabilities Catalog. https://www.cisa.gov/known-exp...nerabilities-catalog

I was just looking through the list and saw the vulnerabilities of Firefox browsers (which, like many of you, I just got done installing and setting up with the blaze plugin). I don't understand much about these lists, but I know several people here do.

We've had emails and calls from our vendors, and I've seen back-line banking software taken offline at night and weekends as they're constantly battling attacks. My personal contact says they're working around the clock to repel and stay ahead of attacks right now. His recommendation last week was that you change all your passwords to everything. He also recommended unplugging work servers from the interwebs at night and when closed or not needed.

I've been telling my people to be especially careful what links and emails they open and click on. I've noticed my chaplain phone, which has a widely disseminated number, is getting 4-5 texts and MMS' a day now that are spam and phishing.

~~~~~~~~~~~~~~~~~~~~~~~~~
"The trouble with our Liberal friends...is not that they're ignorant, it's just that they know so much that isn't so." Ronald Reagan, 1964
~~~~~~~~~~~~~~~~~~~~~~~~~~
"Arguing with some people is like playing chess with a pigeon. It doesn't matter how good I am at chess, the pigeon will just take a shit on the board, strut around knocking over all the pieces and act like it won.. and in some cases it will insult you at the same time." DevlDogs55, 2014
~~~~~~~~~~~~~~~~~~~~~~~~~~
www.rikrlandvs.com
|
blame canada |
This link was shared with us and encouraged to be shared: https://www.cisa.gov/shields-up I hope this helps.
|
Get my pies outta the oven! |
Uhhh Doesn’t that kinda defeat the whole purpose of a router? I’ve never heard advice like that before.
|
Optimistic Cynic |
Please, everyone, take a deep breath, and get a grip. If you react to the threat of a cyber attack by initiating a DoS (denial of service) on yourself, your adversary has won without firing a shot.

Personal security measures (responsible password management, web surfing, and recognition of phishing and other thought-malware) have little to nothing to do with protocol-based network attacks on server software. Be suspicious of any "alert" that conflates these very different threat profiles; be aware that it is more likely an attempt to alarm and confuse, rather than a legitimate warning.

A panicked response to a poorly-understood "threat" is as apt to lead to a negative outcome as the threat itself. Those of us in the self-defense community should be able to draw parallels to debates around appropriate responses to armed attackers.

I am far from saying "do nothing, everything will be alright," but threats are not new, and "activity" is always there. It doesn't have to be at "threat level == midnight" for bad shit to happen, or for responsible parties to take protective measures.
|
Seeker of Clarity |
1. Know every device you have (inventory).
2. Know every software you have (inventory).
3. Know every account that you have (inventory).

Then:
Patch like your livelihood depends upon it.
Manage your lifecycle refresh (get rid of old unsupported OS that cannot be patched).
Mandate Two-Factor authentication on every web-facing resource.
Disable old unused accounts.
Teach staff about email-based risks.

There's much more that more advanced organizations can and should do, but if you're taking cybersec advice from the SF Lounge, this is probably a good enough start. I believe it would eliminate 80% of your risk. Probably more.

Extra-credit -- Email is your enemy. A whitelist-based border control on email is a great tool. Everything is in quarantine unless it's from a trusted domain at the org level, or it has been added to an individual's whitelist. Check out ChoiceMail. New senders have to apply (manual process) to ask to be delivered. Users can ignore most of it and if something seems legit, they have to allow it in. And their radar is up at that point. Solves "similar" domain spoofing.
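The quarantine-by-default allowlist described in the post above, as an added example (not part of the thread, and not how ChoiceMail itself is implemented). All domains, addresses and function names are constructed for illustration, and the check assumes the From: header has already passed sender authentication upstream.

```python
from email.utils import getaddresses

# Constructed policy data: every domain and address here is made up.
ORG_TRUSTED_DOMAINS = {"examplebank.test", "vendor.test"}
USER_ALLOWLISTS = {"chaplain@ourshop.test": {"friend@mail.test"}}

def sender_identity(from_header):
    """Return (address, domain), lowercased, or ("", "") if not exactly one address."""
    parsed = getaddresses([from_header])
    if len(parsed) != 1:  # more than one address in a single From: is not accepted
        return "", ""
    addr = parsed[0][1].strip().lower()
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain or "@" in local:
        return "", ""
    return addr, domain

def route(from_header, recipient):
    """Quarantine by default; deliver only on an exact allowlist match.

    Assumes the From: header already passed sender authentication upstream.
    """
    addr, domain = sender_identity(from_header)
    if not addr:
        return "quarantine"
    if domain in ORG_TRUSTED_DOMAINS:  # exact match, so look-alike domains fail
        return "deliver"
    if addr in USER_ALLOWLISTS.get(recipient.lower(), set()):
        return "deliver"
    return "quarantine"

def release(from_header, recipient):
    """The recipient reviewed a quarantined sender and approved it."""
    addr, _domain = sender_identity(from_header)
    if addr:
        USER_ALLOWLISTS.setdefault(recipient.lower(), set()).add(addr)
    return bool(addr)

SAMPLES = [  # constructed From: headers
    "Example Bank <alerts@examplebank.test>",      # org-trusted domain
    "Example Bank <alerts@examp1ebank.test>",      # look-alike ("1" for "l")
    "alerts@examplebank.test <x@other.test>",      # trusted address only as display text
    "Alerts <alerts@examplebank.test.mail.test>",  # trusted name as a subdomain label
    "Old Friend <friend@mail.test>",               # on this user's own allowlist
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(route(header, "chaplain@ourshop.test"), "<-", header)
```

Only the first and last sample headers are delivered; a sender approved through `release` is delivered for that one recipient and stays quarantined for everyone else.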
|
quarter MOA visionary |
No doubt using good security fundamentals is recommended. I DO NOT think that all of a sudden there is an immediate threat because of all of the Ukraine mess. Remember Y2K ??? Especially for the individual. Banks and other high profile should be more cautious but who knows what is really happening. These institutions are promoting the Russia narrative because they get attention and if they don't they will be woke-shamed.

Keep up with good fundamentals on everything from browsing habits, opening emails, backups, hardware and software updates >> all what everyone should be doing anyway.

To be honest what concerns me the most is with all the super-convenient IOT connections that someday....

“....you'll regret it. Maybe not today. Maybe not tomorrow, but soon and for the rest of your life.” - Rick Blaine...

...that someday someone will figure out how to Eff us all. Everything is connected to the Internet and all that does is give someone else an opportunity (for bad).

Recently, NAS's were hit hard with Ransomware > QNAP, Synology, and others. They ALL entered with remote access and easy ways to access your stuff remotely.

Everyone bashes updates but it is something that needs to be done and regularly. Sure some little thing might break and it makes someone whine and complain but overall it should be done. Use common sense and limit your exposure if possible.
|
Seeker of Clarity |
There is an increased risk of collateral damage because of this conflict (example: the current wiper threat). There is an increased risk that Russia will use ransomware because of this conflict. Everyone connected to the Internet is at some risk, and now an increased risk.

Targeted human-driven attacks will not likely fall upon the individual home user. Agreed there. Though these guys have been known to miss. Recently read of a small biz being given the decrypt key when the bad actors realized it wasn't who they thought it was. lol

I'm particularly concerned about them pulling out some shelved zero-day attacks. I'm sure they have some dandies in their bag.
|
Member |
Banks, government agencies, and large Corporations get 1000s of attacks an hour. Everyone from children trying to get hacker creds to nation-states trying to steal money and secrets. Nothing new here.

Keep your stuff up to date with patching, have a reasonable and longish password. Unless you have a reason to be targeted, the chances are you will not be noticed. Random attacks happen, especially if you are unpatched and have not changed default passwords. The bad guys have bots looking for that.

Most decent-sized ISPs have stuff in place to protect their customers, but it can't protect you from being stupid. Clicking on phishing links and downloading questionable stuff will get you compromised easily. For the most part, relax; they have bigger fish to try to fry.
|