Welcome to Thunderdome

Leisher wrote: ↑Fri Oct 07, 2022 12:27 pm That's behind a paywall.

weird. you might be able to google it as "ft ransomware game"

Worked for me that way

I had to pay $800K.

Leisher wrote: ↑Fri Oct 07, 2022 12:59 pm I had to pay $800K.

Did you get fired?

No, they were pretty happy with me and I remained on as CEO or whatever.

MGM gets shut down.

How'd they do it?

Social engineering man. One nice thing about my company: We're still small, and everyone except the SWE team works in one place. Far less likely to fall for this stuff.

SMBs definitely have a huge advantage in this area.

Leisher wrote: ↑Thu Sep 14, 2023 9:52 am SMBs definitely have a huge advantage in this area.

We've been getting the "I need to change my payroll information" emails, and, they are obviously fake - But the COO can just yell "Hey, Bob, you send this?" "No" The end.

TheCatt wrote: ↑Thu Sep 14, 2023 9:57 am

Leisher wrote: ↑Thu Sep 14, 2023 9:52 am SMBs definitely have a huge advantage in this area.

We've been getting the "I need to change my payroll information" emails, and, they are obviously fake - But the COO can just yell "Hey, Bob, you send this?" "No" The end.

Can you fish them in reverse, get some identifying info, and turn them in?

GORDON wrote: ↑Thu Sep 14, 2023 10:06 am

TheCatt wrote: ↑Thu Sep 14, 2023 9:57 am

Leisher wrote: ↑Thu Sep 14, 2023 9:52 am SMBs definitely have a huge advantage in this area.

We've been getting the "I need to change my payroll information" emails, and, they are obviously fake - But the COO can just yell "Hey, Bob, you send this?" "No" The end.

Can you fish them in reverse, get some identifying info, and turn them in?

I wish. If they're half-smart, they're 1) international and 2) using VPNs.

Can you send the phone spiders?

Transunion. The most insidious part of these hacks isn't the actual hacker, it's the company not telling employees, vendors, and customers their PI has been compromised.

Sony again.

Did I mention the stat I saw on T-Mobile? How many times do you think they've been hacked since 2018?

Leisher wrote: ↑Tue Sep 26, 2023 11:53 pm How many times do you think they've been hacked since 2018?

Google: # of days since 2018

TheCatt wrote: ↑Wed Sep 27, 2023 8:34 am

Leisher wrote: ↑Tue Sep 26, 2023 11:53 pm How many times do you think they've been hacked since 2018?

Google: # of days since 2018

That's funny.

It's 8 times. 8 fucking times for a big corporation!

1. At some point it would really be great if those worthless bags of mostly water in DC would start treating hacks seriously. This is not a D or R thing. Resolving this should have bipartisan support, and Wall St support.
2. Can any IT department really protect themselves? Is anyone "hack proof"?

Leisher wrote: ↑Wed Sep 27, 2023 11:06 am 2. Can any IT department really protect themselves? Is anyone "hack proof"?

I figure it's like secrets. 3 people can keep a company secure, if 2 of them are dead.

Social engineering is harder with fewer people. And that's a primary vector.

Air gap everything so in order to access data you need an air duct, pulleys, and Tom Cruise.

GORDON wrote: ↑Wed Sep 27, 2023 12:32 pm Air gap everything so in order to access data you need an air duct, pulleys, and Tom Cruise.

Good thing we can't clone Tom Cruise... yet.