LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 07-02-2021, 08:20 PM   #1
SimonDevine
Member
 
Registered: Oct 2016
Location: Surrey, UK
Distribution: Slack 14.2 64 using KDE 4.14 on Acer Aspire M3900 i3 4GB RAM with Dell E1913 monitor 1280x1024@75Hz
Posts: 88

Rep: Reputation: 68
Angry US companies hit by 'colossal' cyber-attack


https://www.bbc.co.uk/news/world-us-canada-57703836


US companies hit by 'colossal' cyber-attack


I hope no-one here has been affected. If anyone has then I hope that the FBI or whoever takes charge in cases like this gets the little sods who've perpetrated this crime and that the effects aren't a wrecking ball event.

Last edited by SimonDevine; 07-02-2021 at 08:34 PM.
 
Old 07-02-2021, 08:56 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 20,973

Rep: Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403Reputation: 3403
Was it one of the 16?

"Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject of hacking."

Why didn't Biden say nothing should be hacked??
 
Old 07-03-2021, 07:09 AM   #3
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,569
Blog Entries: 16

Rep: Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304Reputation: 3304
It was an infrastructure hack targetting servers, similar to SolarWind. It then spread to the customers of those servers. That's the wave of the future.

Last edited by hazel; 07-03-2021 at 07:17 AM.
 
Old 07-03-2021, 08:19 AM   #4
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,663
Blog Entries: 3

Rep: Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904
Quote:
Originally Posted by SimonDevine View Post
If anyone has then I hope that the FBI or whoever takes charge in cases like this gets the little sods who've perpetrated this crime and that the effects aren't a wrecking ball event.
They won't do anything even if already know who is responsible, or at least can find out quickly and easily. The Business Software Alliance has gotten US-based businesses browbeaten into keeping detailed proof of purchase records for all M$ product deployments. On top of that, within companies, large orders are well-documented as to who signed off on each such purchase and when. However, before m$ became a cult, it was a lobbying firm. Those old political ties prevent not just prosecution of the culpable parties who have perpetrated the crime of knowingly deploying M$ products in mission critical scenarios, but will also prevent even any meaningful investigation of the same.

Cory Doctorow once compared Zuckerberg's empire to that of a collection of flammable, oily rags piled in a garage. The metaphor is even more applicable to the one Bill and his minions have built around us in spite of 25 years of warning signs and exposure of egregious design flaws.

In short, the investigators could find those responsble for having signed off on and deployed M$ products in such a way that they were connected to the Internet. But for that matter, even sneakernet is a risk for M$ products as we've seen over the last 30+ years.
 
Old 07-03-2021, 08:31 AM   #5
igadoter
Senior Member
 
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,463
Blog Entries: 1

Rep: Reputation: Disabled
Today install Kali read couple of books. Take into account salaries cuts for IT engineers - and you rule internet. I am afraid that just beginning. At least so far we can try to associate these attacks with someone. Tomorrow it can be just kids playground. School is boring. Besides now kids spend more time at computers due to covid. There is no more worse scenario like hacker-idiot. Person who hacks by accident. Without any understanding what it is doing. Future nightmare probably.
 
Old 07-05-2021, 07:49 AM   #6
teckk
Senior Member
 
Registered: Oct 2004
Distribution: FreeBSD Arch
Posts: 3,563

Rep: Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121Reputation: 1121
REvil's ransomware attack

https://apnews.com/article/joe-biden...f936ca24bb5cbe

https://news.trust.org/item/20210703144707-t9mti

https://news.trust.org/item/20210705044556-8apae
 
Old 07-09-2021, 02:34 PM   #7
GentleThotSeaMonkey
Member
 
Registered: Dec 2016
Posts: 118
Blog Entries: 3

Rep: Reputation: 38
Yup: M$ dll (.exe) hacked.
https://www.schneier.com/blog/archiv...re-attack.html

Restart delayed again!
https://www.securityweek.com/restart...-software-firm

A naive curiosity: on-site systems are (I guess) vastly M$
but the OS used in 'the cloud' is vastly Linux (I think);
In 'the cloud', *as a percentage of each* (to make comparison fair),
Do a lot more of M$ instances get hacked, vs. Linux (proportionally factored)
? (if anyone has any specific insight/info/statitics)
 
Old 07-11-2021, 02:01 AM   #8
cynwulf
Senior Member
 
Registered: Apr 2005
Location: Walsall, UK
Posts: 2,642
Blog Entries: 7

Rep: Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167Reputation: 2167
Not a huge surprise that the kaseya software could be an attack vector. IT support companies are addicted this crap as it allows them to easily monitor and manage client workstations. I've never trusted remote monitoring/control software from either a security or a privacy standpoint.

"spoofed malicious DLL file in a Windows’ WinSxS directory so that the operating system loads the spoof instead of the legitimate file"

And "Windows side by side", that awful mess was always an open invitation to this kind of thing. Windows is full of these rats nests and they keep building more.

Sounds like a typical Windows cluster ****...
 
Old 07-19-2021, 05:53 PM   #9
GentleThotSeaMonkey
Member
 
Registered: Dec 2016
Posts: 118
Blog Entries: 3

Rep: Reputation: 38
Wider & deeper (news today includes cellphones)

In today's news, hacks seem more widespread & deeper....

https://www.zdnet.com/article/uk-whi...e-server-hack/

I think back to the days of the beginnings of Unix at UCB:
Infinitesimal in size (compared to massive even Android)
But it's small & open footprint made it relatively impenetrable.

Some abstract philosophical analogy comes to my mind:
without 'human decency', your physical 'space'
can totally&'easily' be invaded/trashed.
 
Old 07-19-2021, 06:58 PM   #10
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,046

Rep: Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620Reputation: 4620
Quote:
Originally Posted by GentleThotSeaMonkey View Post
I think back to the days of the beginnings of Unix at UCB:
Infinitesimal in size (compared to massive even Android)
But it's small & open footprint made it relatively impenetrable.
Uh, you mean back when UCB was hacked?

https://youtu.be/MAFFjZn8f70?t=1246

...

Back when the Internet worm used what we would now call a series of zero-day exploits to hack into every system on the Internet, and ended up crashing the entire Internet due to a bug of its own?

Back when systems had no security at all and the 414s just walked right in?

Yeah, the systems back then were IMPENETRABLE. Sure.

Last edited by dugan; 07-19-2021 at 08:47 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Seminal game 'Colossal Cave Adventure' released onto GitHub LXer Syndicated Linux News 1 05-30-2017 11:39 AM
LXer: Windows 10 collects colossal 0.375 per cent market share in July LXer Syndicated Linux News 0 08-02-2015 10:06 PM
IMF hit by 'very major' cyber security attack Jeebizz Linux - News 0 06-12-2011 11:17 AM
US defence firm Lockheed Martin hit by cyber-attack Jeebizz Linux - News 0 05-30-2011 08:56 AM
did Colossal Cave invent IF sarcasm? newbiesforever General 3 07-31-2009 10:47 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 06:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration