lol, my gmail is on like 7 the Hotmail is on rivercity, On Tue, May 23, 2017 at 1:18 AM, Josh Reynolds <[email protected]> wrote:
> https://haveibeenpwned.com > > - Josh > > On May 23, 2017 1:04 AM, "Steve Jones" <[email protected]> wrote: > >> I have had the same Hotmail password for 23 years, that account has >> become the primary Microsoft account, ive changed it two times, back to the >> original in that time. >> >> Its really not that hard to be safe, I'm not very diligent. Its very hard >> to give up your info, yet people do and the media makes it sound like all >> :hackers" are "tunneling in" >> >> the truth is humans are just stoopid >> >> On Tue, May 23, 2017 at 12:49 AM, Josh Reynolds <[email protected]> >> wrote: >> >>> >>> https://fossbytes.com/hacking-windows-login-details-using-go >>> ogle-chrome-sfc-files/ >>> >>> 6 days ago >>> - Josh >>> >>> On May 23, 2017 12:46 AM, "Steve Jones" <[email protected]> >>> wrote: >>> >>>> when this hit, that's what they said, then when they realized it was >>>> like every other malware, the news tried the "wannacry not delivered via >>>> attachements" headlines for like 40 seconds til the tech community lashed >>>> out (btw the tech community is the only legitimately non partisan community >>>> out there) and they STFU. >>>> I never understood when our customers get het with malware, why the >>>> people who don't use UPS insist on always opening the UPS attachments >>>> granted, this propagates from an infected machine to others if you >>>> didn't apply the three month old patch, so "technichally it doesn't have >>>> user interaction" but unless its dropping an executable in a startup >>>> folder, does it really? >>>> >>>> I just wonder if I'm missing something. I sat through a UTM webinar the >>>> other day on this, expecting to gain insight. The gist of this one is "yer >>>> fukt" because it was distributed by what equates to a 3 year old with an >>>> iPhone, and paying the ransom doesn't get you a key. There was a post >>>> webinar Q&A that disconnected because the UTM vendor didn't realize the guy >>>> who started the session had to actually stay in it to keep it going.... >>>> that's the level of non starter I perceive wannacry as. >>>> >>>> On Tue, May 23, 2017 at 12:25 AM, Josh Reynolds <[email protected]> >>>> wrote: >>>> >>>>> It's very possible, I've just never heard of an exploit that doesn't >>>>> actually require you to run the payload >>>>> >>>>> - Josh >>>>> >>>>> On May 23, 2017 12:22 AM, "Steve Jones" <[email protected]> >>>>> wrote: >>>>> >>>>>> that's like super old (not that wannacry is all that new) >>>>>> its amazing to me that malware is such a thing >>>>>> fuckballs stuxnet is still live >>>>>> are humans retarded? >>>>>> >>>>>> On Tue, May 23, 2017 at 12:15 AM, Josh Reynolds <[email protected] >>>>>> > wrote: >>>>>> >>>>>>> I don't know which one that you are talking about, but there is a >>>>>>> much more advanced exploit floating around. One of the infection >>>>>>> methods is >>>>>>> to auto download a file when loading a web page... When the user opens >>>>>>> the >>>>>>> folder, the windows handler that loads the file icon from inside the >>>>>>> program, which then silently transmits that users credentials to a >>>>>>> remote >>>>>>> SMB server. >>>>>>> >>>>>>> Nasty stuff. >>>>>>> >>>>>>> - Josh >>>>>>> >>>>>>> On May 23, 2017 12:03 AM, "Steve Jones" <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> lol, better not be another one >>>>>>>> just seems like this wannacry thing is way blown out of proportion, >>>>>>>> I haven't seen anything to indicate its any more virulent or invasive >>>>>>>> than >>>>>>>> the standard malware, just happens it did a targeted phish of known >>>>>>>> unprotected targets >>>>>>>> >>>>>>>> On Mon, May 22, 2017 at 10:16 PM, Jay Weekley < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Is this a new way of announcing your wife is having a baby? >>>>>>>>> >>>>>>>>> Steve Jones wrote: >>>>>>>>> >>>>>>>>>> I not an absurd lack of hype over this on this list when every >>>>>>>>>> other list is popping off >>>>>>>>>> Am I the only one that sees this as similar to the whole UBNT >>>>>>>>>> mishap? don't follow standard practices, pay the price? >>>>>>>>>> I'm inclined to block the ports as a mechanism of being a good >>>>>>>>>> steward of the interwebs, but shouldn't I have already been dropping >>>>>>>>>> those? >>>>>>>>>> as an ISP >>>>>>>>>> I'm tempted to push OS migration, but shouldn't I have already >>>>>>>>>> been doing so as an IT services guy. >>>>>>>>>> I'm tempted to keep current patches, but shouldn't I have already >>>>>>>>>> been doing so? >>>>>>>>>> I have no expectation that none of my contact customers will not >>>>>>>>>> be impacted... by choices they made in our contract. >>>>>>>>>> This doesn't seem like its a NEW thing >>>>>>>>>> >>>>>>>>>> <http://www.avg.com/email-signature?utm_medium=email&utm_sou >>>>>>>>>> rce=link&utm_campaign=sig-email&utm_content=emailclient> >>>>>>>>>> Virus-free. www.avg.com <http://www.avg.com/email-sign >>>>>>>>>> ature?utm_medium=email&utm_source=link&utm_campaign=sig-emai >>>>>>>>>> l&utm_content=emailclient> >>>>>>>>>> >>>>>>>>>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>> >>>> >>
