Re: ransomware on z

2023-08-16 Thread Tom Brennan
LOL - It's relative :) My dad always joked that he graduated in the top 90% of his class. On 8/15/2023 11:02 PM, Timothy Sipples wrote: Tom Brennan wrote: Thanks Timothy. I've been saying this for years but this might be the first time I've heard a top IBMer say it. Did I just get a

Re: ransomware on z

2023-08-16 Thread Timothy Sipples
Tom Brennan wrote: > Thanks Timothy. I've been saying this for years but this might be the first time I've heard a top IBMer say it. Did I just get a promotion? :-) Jon Perryman wrote: > I hear that AI is getting good results using the microphone to get keystrokes. Yes, it seems possible that

Re: ransomware on z

2023-08-15 Thread Jon Perryman
> Timothy Sipples wrote: > If an attacker inserts a keylogger or gets an adequate view of the keyboard I hear that AI is getting good results using the microphone to get keystrokes. On Monday, August 14, 2023 at 10:17:36 PM PDT, Timothy Sipples wrote: Tony Thigpen wrote: > And, that

Re: ransomware on z

2023-08-15 Thread Colin Paice
They say the Great Wall of China was breached because the hordes bribed the gatekeeper to let them through! Humans - the weakest part of any system. On Tue, 15 Aug 2023 at 07:09, Tom Brennan wrote: > Thanks Timothy. I've been saying this for years but this might be the first time I've

Re: ransomware on z

2023-08-15 Thread Tom Brennan
Thanks Timothy. I've been saying this for years but this might be the first time I've heard a top IBMer say it. On 8/14/2023 10:17 PM, Timothy Sipples wrote: Tony Thigpen wrote: And, that I can agree with. Especially when the admin stores passwords in their browser. Yes, but not required.

Re: ransomware on z

2023-08-14 Thread Timothy Sipples
Tony Thigpen wrote: > And, that I can agree with. Especially when the admin stores passwords in their browser. Yes, but not required. If an attacker inserts a keylogger or gets an adequate view of the keyboard it's probably "game over." — Timothy Sipples Senior Architect Digital Assets,

Re: ransomware on z

2023-08-14 Thread Tony Thigpen
And, that I can agree with. Especially when the admin stores passwords in their browser. Tony Thigpen Timothy Sipples wrote on 8/14/23 12:51 AM: Responding primarily to Tony, I'll just say that when an adversary (internal or external) gains control over the PC that the privileged storage

Re: ransomware on z

2023-08-13 Thread Timothy Sipples
Responding primarily to Tony, I'll just say that when an adversary (internal or external) gains control over the PC that the privileged storage administrator uses, particularly when there's no true multi-factor authentication in the loop, then it's probably "game over." — Timothy Sipples

Re: ransomware on z

2023-08-13 Thread Bill Johnson
Mixing fact & fiction. Interesting. On Sunday, August 13, 2023, 2:23 PM, Bob Bridges wrote: Seems likely to me that every half-decent scam, without exception, will find gulls in every new generation. Not quite the same thing, but I remember a comment on a

Re: ransomware on z

2023-08-13 Thread Bob Bridges
Seems likely to me that every half-decent scam, without exception, will find gulls in every new generation. Not quite the same thing, but I remember a comment on a bulletin board during one of the wars that sprang up in southern Africa after the white government in South Africa fell and was taken

Re: ransomware on z

2023-08-13 Thread Phil Smith III
Charles Mills added: > The long periods of bad guy access are typical. You read most of the breach stories the attack unfolded over weeks or months. The hackers talk about pwning (owning) a group of servers. Oh, I know. I was just noting that I cannot imagine dealing with that kind of ongoing

Re: ransomware on z

2023-08-13 Thread Seymour J Metz
From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of Bob Bridges [robhbrid...@gmail.com] Sent: Sunday, August 13, 2023 12:24 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: ransomware on z I've a favorite author who points out that criminals mostly

Re: ransomware on z

2023-08-13 Thread Itschak Mugzach
Bob, A few days ago a hospital in central Israel got a ransomware attack by a group of hackers named Block Shadow. Two years ago another hospital was attacked. The total cost of recovering (nothing paid to the attacking group afaik) was estimated at about 36 million ILS, about $10 Million USD.

Re: ransomware on z

2023-08-12 Thread ITschak Mugzach
I used the generic term DS8000, but I don't recall the exact device type. I think that, as others mentioned, the point is that you do not need to access the mainframe itself in order to damage the data. ITschak Mugzach | IronSphere Platform | Information Security Continuous

Re: ransomware on z

2023-08-12 Thread Bob Bridges
I've a favorite author who points out that criminals mostly are optimists. They think everyone else is a sucker and they're smarter than everyone else, they therefore think they can't get caught, and they risk 12 years in prison for a haul they could get with a mere eight months of honest work.

Re: ransomware on z

2023-08-12 Thread Bob Bridges
If we're still talking about the Logica hack, the reading I did on it says they got their hands on an ID that had read access to the RACF database. So the initial entry was the same as it almost always is; someone was careless with a password. After that they did other things, mostly in OMVS

Re: ransomware on z

2023-08-12 Thread Peter Bishop
Agreed, and it's not shown how it fits into the category of "ransomware" either. cheers, Peter On 13/08/2023 10:00 am, Tony Thigpen wrote: I still think that the story is BS because the script could not be run remotely during the time-frame the story was stated to have occurred in. Other

Re: ransomware on z

2023-08-12 Thread Tony Thigpen
I still think that the story is BS because the script could not be run remotely during the time-frame the story was stated to have occurred in. Other things in the story don't make sense. It's either BS or the hacker was given special access to the facility. Tony Thigpen Grant Taylor wrote

Re: ransomware on z

2023-08-12 Thread Grant Taylor
On 8/12/23 4:49 PM, Tony Thigpen wrote: You cannot run that script remotely without the Remote-CE option enabled. And, that option was not available until the DS8870. And, to run it you have to first log in as CE. A password that should have been changed at installation. Do you want to hang

Re: ransomware on z

2023-08-12 Thread Tony Thigpen
Well, I will be the one to call this story BS. You cannot run that script remotely without the Remote-CE option enabled. And, that option was not available until the DS8870. And, to run it you have to first log in as CE. A password that should have been changed at installation. Tony Thigpen

Re: ransomware on z

2023-08-12 Thread ITschak Mugzach
Agree. My point is that a mainframe is just another server and that you don't need to log in to it to damage the data. ITschak Mugzach | IronSphere Platform | Information Security Continuous Monitoring for z/OS, x/Linux & IBM i | z/VM coming soon On Sat, Aug 12, 2023 at

Re: ransomware on z

2023-08-12 Thread Charles Mills
The long periods of bad guy access are typical. In most of the breach stories you read, the attack unfolded over weeks or months. The hackers talk about pwning (owning) a group of servers. CM On Sat, 12 Aug 2023 16:13:12 -0400, Phil Smith III wrote: > ITschak Mugzach wrote, in part: >> Remember

Re: ransomware on z

2023-08-12 Thread Phil Smith III
ITschak Mugzach wrote, in part: > Remember that when Pirate Bay penetrated Logica, he had no clue on mainframes, but was able to stay for almost 1.5 years. This falls into the category of "things I just don't get": if that had been me, I'd've woken up every single morning wondering if this was

ransomware on z

2023-08-12 Thread ITschak Mugzach
A few days ago, I don't remember who and if it was here or at racf-l, someone asked about a known case of a mainframe ransomware attack by encrypting the disks. A few years ago we performed a whitehat attack at a large insurance company. We started with the DS8xxx HMC server. A short RTFM showed that