Read through some of this and it will confirm how big a deal it is. And
if a service you were wondering about isn't working, there is a decent
chance that this is why...
https://cyber.dhs.gov/ed/21-01/
On 12/14/2020 11:52 AM, Ryan Ray wrote:
This is a big deal. SolarWinds Orion is a product used in many of the
Top 100 companies in the world. Including tons of healthcare.
I dislike SolarWinds for many reasons and refused to use them even
before this hack. Just add another reason to the list.
On Mon, Dec 14, 2020 at 11:49 AM Steve Jones wrote:
So I'm reading this now that SolarWinds updates have been delivering
payloads since June or July. SolarWinds having crazy levels of
access to interior infrastructures.
I'm not sure what this is saying, it sounds like what FireEye
isn't saying outwardly is their toolset was stolen prior to that and
that was how they were able to circumvent the SolarWinds security
infrastructure, as SolarWinds relied on FireEye?
Anybody come across any good detail on SolarWinds impacted
software? Like if you downloaded the free subnet calculator, will
they be taking your Google Home account too? Imma be pretty pissed
if they mess with my Google Play playlists.
I wonder if the disruptions with Office 365 and the weird spam filter
changes lately are related to cleanup prior to publication.
We are a tiny company and got within a hair of pulling the trigger
on various SolarWinds offerings over the years. That's with tiny
company tiny budgets. I can't imagine CTO voicemails going down
around the world today, depending on budget, you hand the keys over
to SolarWinds, and by design, each key you hand over makes sense to
spend a little more and hand over another key. How would you even
begin to clean up your organization when your systems that would
provide you your forensics are the systems that did the damage?
Is this just media hype and more Russia Russia Russia, or is this as
big of a deal as it seems?
On Mon, Dec 14, 2020 at 9:01 AM dave wrote:
DA HUMANITY!!
On 12/14/20 8:58 AM, Ken Hohhof wrote:
I had a customer this morning complaining she couldn’t “sign
on” to the Internet. I mentioned that Google had an outage
this morning, but she responded that she doesn’t use any
Google services. Of course her email was from a Gmail
address.
*From:* AF *On Behalf Of* Mike Hammett
*Sent:* Monday, December 14, 2020 6:54 AM
*To:* AnimalFarm Microwave Users Group
*Subject:* Re: [AFMUG] Fireye
"I know I'm next, they're coming after my Google Home Mini and
my Netflix account."
aaaaannnndddd Google is broken this morning.
-----
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
Midwest Internet Exchange <http://www.midwest-ix.com/>
The Brothers WISP <http://www.thebrotherswisp.com/>
------------------------------------------------------------------------
*From:* "Steve Jones"
*To:* "AnimalFarm Microwave Users Group"
*Sent:* Sunday, December 13, 2020 9:57:21 PM
*Subject:* Re: [AFMUG] Fireye
Nope, per FireEye, the toolset had to be released because of it
being stolen, was not "in the wild"
Going to get really interesting to see what comes of this, two
federal agencies just happen to get hit shortly after. You can
do plenty when you know how you would have otherwise been
caught.
And that's all FireEye admits to having been breached. I'm
gonna go ahead and not take their word on it definitively
having been Russia either. Convenient timing after Iran
specifically has stated they're going to retaliate for the
dead scientist. China will probably confirm this shortly
Pretty sure this is far from over and pretty sure this company
is just the first to go public.
I know I'm next, they're coming after my Google Home Mini and
my Netflix account.
On Sun, Dec 13, 2020, 9:10 PM Ken Hohhof wrote:
Not saying you are wrong.
But I think I read somewhere that the FireEye tools that
were stolen were a collection of malware already in the
wild that they used for testing of client networks. So it
was stuff already available, just neatly packaged.
The guys who really f’d up were the “Equation Group”
(cough, cough, NSA) who lost novel and very powerful
hacking tools like Eternal Blue to the Shadow Brokers
group.
*From:* AF *On Behalf Of* Steve Jones
*Sent:* Sunday, December 13, 2020 8:45 PM
*To:* AnimalFarm Microwave Users Group
*Subject:* [AFMUG] Fireye
These guys F'd up beyond belief.
Inept as jaime would say
--
AF mailing list
http://af.afmug.com/mailman/listinfo/af_af.afmug.com