|
i think it happens a bunch, or at least ive heard about it more than once
|
# ? Jul 26, 2021 19:36 |
|
|
# ? Apr 26, 2024 08:09 |
|
yeah, every now and then there is a story about it, usually about how they arrested the guy for it
|
# ? Jul 26, 2021 19:52 |
|
Ansible Adams posted:this is a total shitpost but i wonder how many people have tried to ransomware their own employer. seems like if you were a disgruntled IT person with even a little knowledge of the network topology and worked at a company with poor security hygiene, itd be pretty easy to do. is that part of the traditional 'insider threat' threat model these days 2) don't ransomware if you don't live in RU/NK
|
# ? Jul 26, 2021 19:59 |
even if you live in russia, you’ll get popped very quickly if you ransomware an inappropriate target
|
|
# ? Jul 26, 2021 20:32 |
|
Ansible Adams posted:this is a total shitpost but i wonder how many people have tried to ransomware their own employer. seems like if you were a disgruntled IT person with even a little knowledge of the network topology and worked at a company with poor security hygiene, itd be pretty easy to do. is that part of the traditional 'insider threat' threat model these days No idea how often it actually happens, but it is certainly part of insider threat considerations.
|
# ? Jul 26, 2021 22:57 |
|
I wonder how many Intel/Google/Microsoft/etc employees are honest-to-god chinese government spies.
|
# ? Jul 27, 2021 00:13 |
|
Methanar posted:I wonder how many Intel/Google/Microsoft/etc employees are honest-to-god chinese government spies. they probably do too!
|
# ? Jul 27, 2021 00:51 |
|
Methanar posted:I wonder how many Intel/Google/Microsoft/etc employees are honest-to-god chinese government spies. Me too. i'm sure that the people whose entire job is insider threats have some estimate, but people always seem a little shocked when i say stuff about there definitely being chinese, russian, etc spies in the org
|
# ? Jul 27, 2021 02:18 |
|
CRIP EATIN BREAD posted:it was rubi-con i have never seen anyone reach for a trash can that urgently who wasn't inside their own home
|
# ? Jul 27, 2021 02:39 |
|
fisting by many posted:i have never seen anyone reach for a trash can that urgently who wasn't inside their own home the motion blur fuckin sent me
|
# ? Jul 27, 2021 02:41 |
|
What in the world warranted this?
|
# ? Jul 27, 2021 02:44 |
|
lol https://twitter.com/dangoodin001/status/1419799335206752260
|
# ? Jul 27, 2021 03:48 |
|
Proteus Jones posted:What in the world warranted this? probably the fireworks people were lighting off inside the hotel
|
# ? Jul 27, 2021 03:52 |
|
allegedly the biggest expense for the event (for the 4 years it lasted) was the bill for damages to the hotel
|
# ? Jul 27, 2021 03:54 |
|
I mean yeah, that's how OpenVPN works?
|
# ? Jul 27, 2021 06:37 |
|
CRIP EATIN BREAD posted:allegedly the biggest expense for the event (for the 4 years it lasted) was the bill for damages to the hotel thats how they get ya
|
# ? Jul 27, 2021 06:44 |
|
Mustache Ride posted:Pretty sure it was HoHoCon, which is basically the same thing but in Houston your mother runs a conference???
|
# ? Jul 27, 2021 11:11 |
|
lol but also lol @ using a vpn for anything more than hiding your IP from hbo
|
# ? Jul 27, 2021 12:19 |
|
Wait i had it on good authority from mister taviso that browsers are the best way to store passwords https://threatpost.com/npm-package-steals-chrome-passwords/168004/ Ansible Adams posted:this is a total shitpost but i wonder how many people have tried to ransomware their own employer. seems like if you were a disgruntled IT person with even a little knowledge of the network topology and worked at a company with poor security hygiene, itd be pretty easy to do. is that part of the traditional 'insider threat' threat model these days Maybe but most people are loving terrible at crime, and it's something you can only do once before you become un-hire-able ever again or move to Russia
|
# ? Jul 27, 2021 13:07 |
|
Ansible Adams posted:this is a total shitpost but i wonder how many people have tried to ransomware their own employer. seems like if you were a disgruntled IT person with even a little knowledge of the network topology and worked at a company with poor security hygiene, itd be pretty easy to do. is that part of the traditional 'insider threat' threat model these days narc
|
# ? Jul 27, 2021 13:13 |
|
ate poo poo on live tv posted:No idea how often it actually happens, but it is certainly part of insider threat considerations. junior narc
|
# ? Jul 27, 2021 13:14 |
|
Methanar posted:I wonder how many Intel/Google/Microsoft/etc employees are honest-to-god chinese government spies. 🥇 gold narc has to go to this one though for the switcharoo. international snitch disinformation secures the win
|
# ? Jul 27, 2021 13:18 |
|
Methanar posted:I wonder how many Intel/Google/Microsoft/etc employees are honest-to-god chinese government spies. this was kind of the kickoff event from that show devs. Russian spy gets access to super secret program at some tech company, gets killed, and the show goes from there. I liked it a lot, super moody
|
# ? Jul 27, 2021 13:50 |
|
ewiley posted:Wait i had it on good authority from mister taviso that browsers are the best way to store passwords once you're running exploited code locally i don't think anything is all that secure for password storage, the second you unlock your vault if it's being targeted it's game over
|
# ? Jul 27, 2021 13:51 |
|
operating systems have the concept of secure memory and any decrypted passwords should be stored there and not to disk anything else is clown poo poo for idiots (like web devs)
|
# ? Jul 27, 2021 14:18 |
|
CRIP EATIN BREAD posted:operating systems have the concept of secure memory and any decrypted passwords should be stored there and not to disk
|
# ? Jul 27, 2021 14:23 |
|
CRIP EATIN BREAD posted:operating systems have the concept of secure memory and any decrypted passwords should be stored there and not to disk "should" is doing a lot of heavy lifting there. a few years ago i remember reading that all the major pwm vendors did a poo poo job at it, hopefully they've improved. i use a pwm (bitwarden these days) but i still assume if i get tricked into running a compromised executable i'm hosed
|
# ? Jul 27, 2021 14:28 |
|
malware doesn’t have to hide execution if it can trick the user into doing it for them
|
# ? Jul 27, 2021 14:38 |
|
yeah, as a matter of defense in depth it is good if passwords are not lying around, but as always you can assume that there's a hundred kinds of local privilege escalation in the wild at every point, and this is not even that firm a boundary.
|
# ? Jul 27, 2021 14:41 |
|
spankmeister posted:I mean yeah, that's how OpenVPN works?
|
# ? Jul 27, 2021 14:45 |
|
mystes posted:Chrome isn't storing decrypted passwords to disk. This is running a program that decrypts them. lmao this is even worse then. chrome just keeps getting worse and worse.
|
# ? Jul 27, 2021 14:51 |
|
CRIP EATIN BREAD posted:lmao this is even worse then.
|
# ? Jul 27, 2021 14:56 |
|
You all should really read this articlequote:Using static analysis, researchers found the Win32.Infostealer.Heuristics file in several versions of the nodejs_net_server package. Its metadata showed that the file’s original name was “a.exe” and that it was located inside the “lib” folder. A single-letter filename with an extension like that raises a red flag to threat hunters, the researchers noted. Sure enough, a.exe turned out to be a utility called ChromePass: a legitimate tool used to recover passwords stored inside of a Chrome web browser. quote:ReversingLabs analysts dug up a development “fun fact” when picking through nodejs_net_server code: Its author, chrunlee, not only authored a credential-stealer but also accidentally published their own, stored login credentials, cheek-to-jowl with the password grabber, opening the author themself up to attack. ewiley fucked around with this message at 15:13 on Jul 27, 2021 |
# ? Jul 27, 2021 15:11 |
|
ngl chrunlee is a p good username
|
# ? Jul 27, 2021 15:19 |
|
Shame Boy posted:ngl chrunlee is a p good username Same, I thought chrun was some obscure Unix command and that this was a pro tier choice.
|
# ? Jul 27, 2021 16:50 |
|
Methanar posted:I wonder how many Intel/Google/Microsoft/etc employees are honest-to-god chinese government spies. that story about the twitter tech support guy being a saudi asset was cool
|
# ? Jul 27, 2021 17:14 |
|
ewiley posted:Wait i had it on good authority from mister taviso that browsers are the best way to store passwords that movie is exactly what made me think of it lol. perfect angle for a reboot
|
# ? Jul 27, 2021 17:15 |
|
i think there would be way more people who are unwitting or blackmailed co-operators of state actors than people who join companies with the express intent to be a spy (those definitely exist too). in the end modern large scale software development almost always have a bunch of known gaps and it's just a matter of some dev pointing out where to start looking which is why trainings are all about "no matter how silly or pointless the information may be, don't share it with random people"
|
# ? Jul 27, 2021 17:34 |
|
If it's an actual government you're probably screwed anyway.
|
# ? Jul 27, 2021 17:46 |
|
|
# ? Apr 26, 2024 08:09 |
|
Then again, ransoming your own company could also make you rich
|
# ? Jul 27, 2021 17:52 |