• The Great Cyberwar Has Just Begun

    From Ogg@VERT/CAPCITY2 to All on Monday, March 28, 2022 17:25:00
    The Great Cyberwar Has Just Begun: You Need to Protect Yourself

    "Josh Hendrickson @canterrain (twitter)
    "Mar 26, 2022, 9:00 am EDT | 11 min read

    Right now, more than ever, you need to secure all your online
    accounts. It's long past time to embrace two-factor
    authentication, stop reusing passwords, and make your online
    presence hacker-resistant. Because sooner or later, the brewing
    cyberwar will come for you.

    While it's true that hacking and compromising personal accounts
    have been a scourge of the internet for years, if not decades,
    what we're starting to see dwarfs the threats we've lived
    through so far. Putting politics aside, the ongoing events in
    Russia and Ukraine sparked the catalyst for a mass cyber
    attack. And the response from other countries will likely only
    exacerbate that fact.

    MORE:

    https://www.reviewgeek.com/113090/the-great-cyberwar-has-just- begun-you-need-to-protect-yourself/

    https://bbs.lc/yrlEq

    --- OpenXP 5.0.51
    * Origin: Ogg's Dovenet Point (723:320/1.9)
    ■ Synchronet ■ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP
  • From MRO@VERT/BBSESINF to Ogg on Monday, March 28, 2022 20:51:33
    Re: The Great Cyberwar Has Just Begun
    By: Ogg to All on Mon Mar 28 2022 05:25 pm

    Right now, more than ever, you need to secure all your online
    accounts. It's long past time to embrace two-factor
    authentication, stop reusing passwords, and make your online
    presence hacker-resistant. Because sooner or later, the brewing
    cyberwar will come for you.

    While it's true that hacking and compromising personal accounts
    have been a scourge of the internet for years, if not decades,
    what we're starting to see dwarfs the threats we've lived


    it doesnt matter what we do with passwords or whatever.
    our providers are the ones that arent secure.
    ---
    ■ Synchronet ■ ::: BBSES.info - free BBS services :::
  • From Arelor@VERT/PALANT to MRO on Tuesday, March 29, 2022 02:06:30
    Re: The Great Cyberwar Has Just Begun
    By: MRO to Ogg on Mon Mar 28 2022 08:51 pm

    Re: The Great Cyberwar Has Just Begun
    By: Ogg to All on Mon Mar 28 2022 05:25 pm

    Right now, more than ever, you need to secure all your online
    accounts. It's long past time to embrace two-factor
    authentication, stop reusing passwords, and make your online
    presence hacker-resistant. Because sooner or later, the brewing
    cyberwar will come for you.

    While it's true that hacking and compromising personal accounts
    have been a scourge of the internet for years, if not decades,
    what we're starting to see dwarfs the threats we've lived


    it doesnt matter what we do with passwords or whatever.
    our providers are the ones that arent secure.

    That is something I was thinking myself.

    Heck, even if a given provider has a very secure infrastructure, most medium sized ones are going to
    externalize lots of components. Say, I could have all my customer data managed by my very secure servers,
    and then have part of that data processed by a third party.

    For example, I may host a well secured infrastructure for managing patient data, with an application that
    reports patients' visits to the insurance companies via an API (because othewise the insurance companies
    won't pay us for medical services, heh). Once I send a request full of sensitive data to the insurance
    company , it leaves my "very secure" infrastructure and you don't know how the insurance companies are
    going to secure the data. They are probably going to be careful, but also they could just print the
    patients' files and leave them laying around on the office for the cleaning staff to find :-)

    --
    gopher://gopher.richardfalken.com/1/richardfalken

    ---
    ■ Synchronet ■ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
  • From Tracker1@VERT/TRN to Arelor on Wednesday, March 30, 2022 23:52:53
    On 3/29/22 00:06, Arelor wrote:
    it doesnt matter what we do with passwords or whatever.
    our providers are the ones that arent secure.

    That is something I was thinking myself.

    Heck, even if a given provider has a very secure infrastructure, most
    medium sized ones are going to externalize lots of components. Say, I
    could have all my customer data managed by my very secure servers, and
    then have part of that data processed by a third party.
    ...

    That's generally true, but still, password re-use is a massive issue...
    on compromised system/account that doesn't hash passwords and/or is a
    very weak hash (md5 or sha1) means that if your email address is there, there's a much higher chance of escalating the issue(s).

    Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring from
    your online store account.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com
    ---
    þ Synchronet þ Roughneck BBS - roughneckbbs.com
  • From MRO@VERT/BBSESINF to Tracker1 on Thursday, March 31, 2022 11:22:41
    Re: Re: The Great Cyberwar Has Just Begun
    By: Tracker1 to Arelor on Wed Mar 30 2022 11:52 pm

    on compromised system/account that doesn't hash passwords and/or is a
    very weak hash (md5 or sha1) means that if your email address is there, there's a much higher chance of escalating the issue(s).

    Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring from
    your online store account.

    the only times i have been compromised is when the actual SITE was compromised.

    this is when i ordered autoparts, when i bought bitcoin, and online banking with my credit union.

    i dont think most people reuse passwords for their banks and important providers.
    they may reuse passwords for their junk services.

    but people are stupid, but who knows.

    all i know is these sites are just as stupid or worse. you dont know what they are doing with your data or how they are storing it. until it makes front page new. dropbox still won't admit to it. i get hack attempts from my dropbox alias emails all the time. for over 5 years.
    ---
    ■ Synchronet ■ ::: BBSES.info - free BBS services :::
  • From MRO@VERT/BBSESINF to Tracker1 on Thursday, March 31, 2022 13:23:56
    Re: Re: The Great Cyberwar Has Just Begun
    By: MRO to Tracker1 on Thu Mar 31 2022 11:22 am


    the only times i have been compromised is when the actual SITE was compromised.

    oh now i have an interesting development.
    so someone is bruteforcing my namecheap account. they wont let me change my login name. it's just impossible.

    so i'm talking to these indian idiots. first time is 30 mins. half an hour. asking me questions, he's going off topic, etc. i say just delete the account okay. i have to go to work.

    i come back and idiot didn't delete the account. apparently there was some promo 10 years ago where i got a free cert and i never used it. they wanted to tell me i wouldnt get a refund for my free promo cert.


    so i go back in there again. another 20 mins to get idiot 2 to delete the account.

    whats wrong with namecheap that they cant RENAME a user account?
    that's nuts.

    ---
    ■ Synchronet ■ ::: BBSES.info - free BBS services :::
  • From Utopian Galt@VERT/IUTOPIA to MRO on Saturday, April 02, 2022 11:55:43
    Re: Re: The Great Cyberwar Has Just Begun
    By: MRO to Tracker1 on Thu Mar 31 2022 01:23 pm

    whats wrong with namecheap that they cant RENAME a user account?
    that's nuts.
    allegedly they have a huge number of outsourced ukranian staff, maybe due to the war they had to use Indians.

    ---
    ■ Synchronet ■ Inland Utopia - iutopia.duckdns.org:2023
  • From Tracker1@VERT/TRN to Utopian Galt on Monday, April 04, 2022 17:43:16
    On 4/2/22 11:55, Utopian Galt wrote:
    whats wrong with namecheap that they cant RENAME a user account?
    that's nuts.

    allegedly they have a huge number of outsourced ukranian staff,
    maybe due to the war they had to use Indians.

    Where I'm working now, company executives (out of pocket) paid to
    relocate a few dozen families from Ukraine and Russia to Armenia... they literally only had about an hour and a half to decide. That said,
    unaware of any other companies that executive staff have paid to
    relocate staff and third party contractors like that. There were 70
    families offered the option, and about half chose to relocate.

    A friend works for a very large company, and their policy was they were blocking the IPs for the region, and if you didn't "show up" within 7
    days it was considered a resignation.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com
    ---
    þ Synchronet þ Roughneck BBS - roughneckbbs.com