hate these ads?, log in or register to hide them
Page 37 of 43 FirstFirst ... 2734353637383940 ... LastLast
Results 721 to 740 of 846

Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #721
    Donor halbarad's Avatar
    Join Date
    April 9, 2011
    Posts
    4,999
    We've for mfa set up so that it only prompts outside the office. I'll ask how we have it configured when I'm back in town on Monday and let you know. It's probably conditional access or something, I haven't looked at mfa in O365 so I'm not sure.

  2. #722
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,533
    Quote Originally Posted by halbarad View Post
    We've for mfa set up so that it only prompts outside the office. I'll ask how we have it configured when I'm back in town on Monday and let you know. It's probably conditional access or something, I haven't looked at mfa in O365 so I'm not sure.
    This. We have outside of organisation completely locked out unless you are a member of a specific group. This is done with rules in ADFS so o365 has no clue who does and who doesnt have access. You need to be authing from our internal ranges or you just get a flat out no. We could modify it to use any 2FA for external that windows supports (so quite a lot) and again, its done in the ADFS part so o365 has no clue whats going on.. Works for us as we don't want "normal" staff to access their email outside of work.

    Today our new servers turned up.. Its only taken 11 months to get them approved and paid for. I can now (ok next week as its late now) start migrating away from some of these server 2003 VMs (server 2019 licences were included in the purchase).
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  3. #723

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,592
    Quote Originally Posted by halbarad View Post
    We've for mfa set up so that it only prompts outside the office. I'll ask how we have it configured when I'm back in town on Monday and let you know. It's probably conditional access or something, I haven't looked at mfa in O365 so I'm not sure.
    Awesomesauce. I'm getting a quote for the advanced AAD stuffs now.

    Quote Originally Posted by Lana Torrin View Post
    This. We have outside of organisation completely locked out unless you are a member of a specific group. This is done with rules in ADFS so o365 has no clue who does and who doesnt have access. You need to be authing from our internal ranges or you just get a flat out no.
    I wish

    Today our new servers turned up.. Its only taken 11 months to get them approved and paid for. I can now (ok next week as its late now) start migrating away from some of these server 2003 VMs (server 2019 licences were included in the purchase).
    hooray *celebrate*
    Please don't teach me what to do with my pc.

  4. #724

    Join Date
    May 31, 2011
    Posts
    4,453
    Look Ma, I did it again. This time I've got your private keys!

    Quote Originally Posted by TFA
    In a paper scheduled for release soon, researchers document how they were able to exploit the newly discovered leak to recover an elliptic curve private key from a server running an OpenSSL-powered TLS server.
    tl;dr
    Processor side-channel vulnerability, discovered on Intel Skylake and Kaby Lake, but most likely not restricted to Intel.

  5. #725

    Join Date
    April 13, 2011
    Posts
    6,886
    Eh, it's a timing attack. They're pretty easy to guard against.

  6. #726
    Shaftoes's Avatar
    Join Date
    April 9, 2011
    Location
    Ships
    Posts
    1,761
    Another tales from tech support story cyber-security story that I found highly amusing


    Part 1: https://www.reddit.com/r/talesfromte...ppens_at_once/
    Part 2: https://www.reddit.com/r/talesfromte...ce_conclusion/

  7. #727

    Join Date
    April 13, 2011
    Posts
    6,886
    Quote Originally Posted by Shaftoes View Post
    Another tales from tech support story cyber-security story that I found highly amusing


    Part 1: https://www.reddit.com/r/talesfromte...ppens_at_once/
    Part 2: https://www.reddit.com/r/talesfromte...ce_conclusion/
    Ah, if only all security assessors were this competent.

    I received a "critical vulnerability report" last week telling us one of our products had a SQL injection vulnerability. The way this has been determined was pointing a scanner at all well-known REST endpoints and throwing the usual ';;;SELECT * FROM credentials' and other such 90s-era cruft at it.

    They reported that we were passing through SQL strings and executing them unvalidated. I found this to be unusual because the application they were testing doesn't have a SQL database attached. In fact, it's a search application using solr under the covers. Poker face applied, I asked for the details.

    They were shocked to discover that throwing 'AND 1=0' into a plain text search query does in fact change the results the search engine returns.

    They were slightly more shocked to find I'd asked their client never to employ them again.

  8. #728

    Join Date
    May 31, 2011
    Posts
    4,453
    They were shocked to discover that throwing 'AND 1=0' into a plain text search query does in fact change the results the search engine returns.

  9. #729
    Donor halbarad's Avatar
    Join Date
    April 9, 2011
    Posts
    4,999
    Quote Originally Posted by Shaftoes View Post
    Another tales from tech support story cyber-security story that I found highly amusing


    Part 1: https://www.reddit.com/r/talesfromte...ppens_at_once/
    Part 2: https://www.reddit.com/r/talesfromte...ce_conclusion/
    Lawtechie writes good stories and has quite an interesting collection of them in his history.

  10. #730

    Join Date
    November 5, 2011
    Posts
    12,021
    Quote Originally Posted by halbarad View Post
    Quote Originally Posted by Shaftoes View Post
    Another tales from tech support story cyber-security story that I found highly amusing


    Part 1: https://www.reddit.com/r/talesfromte...ppens_at_once/
    Part 2: https://www.reddit.com/r/talesfromte...ce_conclusion/
    Lawtechie writes good stories and has quite an interesting collection of them in his history.
    Yeah that shit was golden.

  11. #731
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    9,867
    tfw you spend months fixing your product and some punk researchers say "lol nope"

    "Another Meltdown, Spectre security scare: Data-leaking holes riddle Intel, AMD, Arm chips"
    https://www.theregister.co.uk/AMP/20...down_variants/
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  12. #732
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,459
    Another week, another dumpster fire in the JS/NPM ecosystem, with backdoored, silently-bought-out popular repos.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  13. #733
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,673

  14. #734
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,459
    Quote Originally Posted by Sparq View Post
    nothing appears here
    For those who have twitter embedded jsonp denied by their browser

      Spoiler:
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  15. #735

    Join Date
    April 13, 2011
    Posts
    6,886
    Quote Originally Posted by Daneel Trevize View Post
    Another week, another dumpster fire in the JS/NPM ecosystem, with backdoored, silently-bought-out popular repos.
    NPM need to sort their shit out. Maven Central solved all of these problems fucking years ago.

    Corollary: In retrospect, defining dependency versions by range is a disastrous idea.

  16. #736
    Donor erichkknaar's Avatar
    Join Date
    April 9, 2011
    Posts
    12,311
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Daneel Trevize View Post
    Another week, another dumpster fire in the JS/NPM ecosystem, with backdoored, silently-bought-out popular repos.
    NPM need to sort their shit out. Maven Central solved all of these problems fucking years ago.

    Corollary: In retrospect, defining dependency versions by range is a disastrous idea.
    A brief interlude to pimp golang 1.11's module versioning support.

    Some bright sparks figured out maybe it's best to let you explicitly do it in the modules import statements,

    So, import some/library 1.0.0
    meh

  17. #737
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,459
    Node's having a Cyber Monday week sale, 2-for-1, you didn't want Windows Update & UAC anyway...
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  18. #738
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    9,867
    https://www.tomshardware.com/news/vu...ers,38271.html
    Vulnerabilities Exposed in Asus and Gigabyte's RGB Managers

    People love covering their systems with enough pretty lights to make New Year's Eve in Times Square look dim by comparison. Manufacturers then have to give people ways to control those lights, which is why so many have introduced their own RGB lighting management tools. Now a researcher has ruined the festivities by exposing vulnerabilities in drivers installed by Asus Aura Sync and Gigabyte's lighting management tools.

    The security flaws in these drivers were discovered by Diego Juarez and disclosed by SecureAuth. They don't appear to reside in the lighting management tools proper--all of them were found in drivers installed by those platforms. The disclosures said the vulnerabilities affect the GLCKIo and Asusgio drivers installed by Asus Aura Sync as well as the GPCIDrv and GDrv drivers bundled with some of Gigabyte's products.

    SecureAuth said the vulnerabilities in both companies' drivers can be used by a local attacker to escalate privileges. That essentially means the flaws won't be exploited to compromise a system directly, but if someone's already gained access to a target system, they can use these RGB lighting tools to gain more power over it. It's kind of like finding a key to a safe after breaking in the front door, but with 16.8 million colors.

    It's not clear when Juarez shared the vulnerabilities with SecureAuth, but the security firm said it made initial contact with Asus in November 2017 and Gigabyte in April 2018. It then went back and forth with both companies for several months. Asus released several versions of Aura Sync in that time that didn't address the vulnerabilities or only addressed one of them; Gigabyte eventually said its products weren't affected by the flaws.

    These are the versions of both companies' utilities confirmed to be affected by the vulnerabilities:

    ASUS Aura Sync v1.07.22 and previous versions
    GIGABYTE APP Center v1.05.21 and previous
    AORUS GRAPHICS ENGINE v1.33 and previous
    XTREME GAMING ENGINE v1.25 and previous
    OC GURU II v2.08

    SecureAuth noted that other versions could be affected by the vulnerabilities, however, it simply hasn't checked. Just don't be surprised if similar vulnerabilities are discovered in other RGB lighting platforms or even these same ones. The more popular these utilities become, the more attractive they are to hackers, and right now the rush to add RGB to all of the things doesn't show any signs of slowing down.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  19. #739
    Smegs's Avatar
    Join Date
    April 2, 2012
    Posts
    1,042
    Quote Originally Posted by Nordstern View Post
    https://www.tomshardware.com/news/vu...ers,38271.html
    Vulnerabilities Exposed in Asus and Gigabyte's RGB Managers

    People love covering their systems with enough pretty lights to make New Year's Eve in Times Square look dim by comparison. Manufacturers then have to give people ways to control those lights, which is why so many have introduced their own RGB lighting management tools. Now a researcher has ruined the festivities by exposing vulnerabilities in drivers installed by Asus Aura Sync and Gigabyte's lighting management tools.

    The security flaws in these drivers were discovered by Diego Juarez and disclosed by SecureAuth. They don't appear to reside in the lighting management tools proper--all of them were found in drivers installed by those platforms. The disclosures said the vulnerabilities affect the GLCKIo and Asusgio drivers installed by Asus Aura Sync as well as the GPCIDrv and GDrv drivers bundled with some of Gigabyte's products.

    SecureAuth said the vulnerabilities in both companies' drivers can be used by a local attacker to escalate privileges. That essentially means the flaws won't be exploited to compromise a system directly, but if someone's already gained access to a target system, they can use these RGB lighting tools to gain more power over it. It's kind of like finding a key to a safe after breaking in the front door, but with 16.8 million colors.

    It's not clear when Juarez shared the vulnerabilities with SecureAuth, but the security firm said it made initial contact with Asus in November 2017 and Gigabyte in April 2018. It then went back and forth with both companies for several months. Asus released several versions of Aura Sync in that time that didn't address the vulnerabilities or only addressed one of them; Gigabyte eventually said its products weren't affected by the flaws.

    These are the versions of both companies' utilities confirmed to be affected by the vulnerabilities:

    ASUS Aura Sync v1.07.22 and previous versions
    GIGABYTE APP Center v1.05.21 and previous
    AORUS GRAPHICS ENGINE v1.33 and previous
    XTREME GAMING ENGINE v1.25 and previous
    OC GURU II v2.08

    SecureAuth noted that other versions could be affected by the vulnerabilities, however, it simply hasn't checked. Just don't be surprised if similar vulnerabilities are discovered in other RGB lighting platforms or even these same ones. The more popular these utilities become, the more attractive they are to hackers, and right now the rush to add RGB to all of the things doesn't show any signs of slowing down.
    Should teach the rainbow humping fags that the only colour for a PC is BLACK. Dark black. Black like a cold, dead sun. Like the eyes of my dead hamster. Black like the cinder of my heart ......
    Shitting up eve for .... well, longer than most of you scumbags.

  20. #740
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,533
    FINALLY... My PC is so old i dont have to worry about this vulnerability. i knew not upgrading would pay off in the end.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •