sylver_dragon
This is a good example of why a zero trust network architecture is important. This attack would require the attacker to be able to SSH to the management interface of the device. Done right, that interface will be on a VLAN which has very limited access (e.g. specific IPs or a jumphost). While that isn’t an impossible hurdle for an attacker to overcome, it’s significantly harder than just popping any box on the network. People make mistakes all the time, and someone on your network is going to fall for a phishing attack or malicious redirect or any number of things. Having that extra layer, before they pop the firewall, gives defenders that much more time to notice, find and evict the attacker.
Also, Whiskey, Tango, Foxtrot Cisco?
This article brought to you by the manufacturers of the interceptor missiles.
If we were actually in a hot war or expecting one very soon, yes we would want to ramp production like the US did during WWII. Right now, the excessive costs of wartime production should not be considered. It’s always best to remember Eisenhower’s words:
Every gun that is made, every warship launched, every rocket fired signifies, in the final sense, a theft from those who hunger and are not fed, those who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. The cost of one modern heavy bomber is this: a modern brick school in more than 30 cities. It is two electric power plants, each serving a town of 60,000 population. It is two fine, fully equipped hospitals. It is some fifty miles of concrete pavement. We pay for a single fighter with a half-million bushels of wheat. We pay for a single destroyer with new homes that could have housed more than 8,000 people. . . . This is not a way of life at all, in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron.
Seen this one in my work environment. Confusing as heck the first time. It looks like explorer.exe in the context of the local user starts PowerShell.exe with a command line involving an Invoke-WebRequest
piping the download into an Invoke-Expression
(usually the shorter iex
alias). No .lnk or .js file involved. Just explorer, PowerShell, infected.
Absolutely. I’m a fan of a team which is not in my “local market”. As best I can tell, there isn’t actually a way for me to stream all of the games for that team. Even looking at the Sunday Ticket service, it seemed like it was a mess of “you can stream some games, except for cases A, B, C and when the Moon is in the House of Scorpio on the third Sunday after Venus transits Leo”. And there seemed to be weird device restrictions with similarly arcane timing.
I’d be happy to pay for “Steam all games of Team X for $Y on any device”. Even if the only choice was “Pay $Z to stream all the games on any device”. But, being dicked around to actually follow one team has meant that I only watch games when they randomly line up with streaming services I do have. Otherwise, I catch the highlights the next day on Youtube (the NFL’s official channel posts them).
I can absolutely understand folks using pirate streams. The official service is pretty terrible versus the pirates services, which are pretty functional.
Chilean Sea Bass Crackers
Hmm, sounds fishy.
Ya, in fairness to MS, Windows XP was a good release (post SP1, like most “good” MS releases). But, the fact is that MS is going to push the latest version, regardless of how ready it is for use. MS was hot for folks to switch to Windows ME. And holy fuck was that a terrible OS. MS also did everything short of bribery to get folks to switch to Vista (anyone remember Windows Mojave?). The “upgrade, or else” mantra has always been their way. Not that I blame them too much, it does need to happen. It just sucks when the reason for the new OS is more intrusive ads and user tracking.