Well that’s just swell. I wonder how much hardware is going to have to be replaced.
Well that’s just swell. I wonder how much hardware is going to have to be replaced.CISA is now publicly admitting to the severity and ongoing difficulty in getting the hackers out of systems. This is not simply shut down/patch solarwinds and be home free, but is an advanced and persistent threat. This deep level intrusion can't be easily rooted out (if you were even a moderately high priority target that was exploited).
"CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations."
Compromise MitigationsAdvanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations | CISA
CISA is aware of compromises of US government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat actor beginning in at least March 2020.us-cert.cisa.gov
If the adversary has compromised administrative level credentials in an environment—or if organizations identify SAML abuse in the environment, simply mitigating individual issues, systems, servers, or specific user accounts will likely not lead to the adversary’s removal from the network. In such cases, organizations should consider the entire identity trust store as compromised. In the event of a total identity compromise, a full reconstitution of identity and trust services is required to successfully remediate. In this reconstitution, it bears repeating that this threat actor is among the most capable, and in many cases, a full rebuild of the environment is the safest action.
Operational Security
Due to the nature of this pattern of adversary activity—and the targeting of key personnel, incident response staff, and IT email accounts—discussion of findings and mitigations should be considered very sensitive, and should be protected by operational security measures. An operational security plan needs to be developed and socialized, via out-of-band communications, to ensure all staff are aware of the applicable handling caveats.
Guys, we need to relax this is all a perfectly normal reaction to a foreign government committing an Act of War. Hell after the Japanese bombed Pearl Harbor FDR didn't even mention that it happened. Oh wait, he went before Congress and asked for a Declaration of War.
"No collusion" .... I dont know what you call it, but it *IS* something. Trump is acting scared of coming out against anything Russia... wtf is it?
He owes hundreds of millions to the Russian Mafia, Putin is the defacto head of the Russian Mafia in case there are people still out there that doesn't know this.
Yea thats the "fascinating" part of Putins Russia, he has toned it all into a singular focus, from state, intelligence, crime, economics ... its quite brilliant. Sucks to be a subject of a mafia state of course, but beyond that.
I didnt know, or I forgot, about Trumps dirty rubles?
"Shell companies put figures from Putin’s Mafia into Trump Tower. Should that be worrying?"
- Nah, nothing to see here.
I guess Barron isn't as great at the cyber as Donald thought he was.
Trump's legacy - leaving America and American industries hacked by the russians and not giving two shits.
He is the only senator to ever vote to convict an impacted president of their own party. I get guilt by association, but you should give credit where it is due.Oh how nice of him to locate his qualms all of a sudden. Fuck off collaborator
He is the only senator to ever vote to convict an impacted president of their own party. I get guilt by association, but you should give credit where it is due.
I don't think hardware, but it might prove very difficult to completely remove all the Russians decided to leave behind, once these idiots clicked "run" on the fake software updates God only knows what was installed and where it's been hidden. Complete system re-installs might be needed along with combing through databases with a fine toothed comb.Well that’s just swell. I wonder how much hardware is going to have to be replaced.
Hmm, Texas software firm formed by pair of Oklahoma brothers to exploit doomsday Y2K predictions. Texas + Russia, not good.It is very serious. From the reports so far Solarwind's Orion product was affected at such a deep level that the majority of IT people would never notice. Somehow the hackers were able to get access to Orion's code repository and compromise it with a single DLL. This was then packaged by Solarwinds and signed as officially verified and vetted software for your Orion product. As it was in an official vendor release hash verification would not have caught this. Once inside it would lay dormant for long periods of time before occasionally checking in with the command and control servers - usually immersed within legitimate Solarwinds traffic making detection difficult. Even worse Orion is so immersed in the network by design once it's compromised it's game over due to the privileged access it needs to do it's work. From there attackers would be able to forge single sign on tokens and could add access for themselves to programs, APIs, servers etc
Solarwinds has a huge customer basis. I don't know how many use Orion but 425 of the Fortune 500 companies use Solarwinds including the top 5 accounting firms and top 10 telecommunications firms. And if they could compromise Orion at such a level there is a chance they compromised their other products. Not a good time to have any Solarwind products in your environment
I'll take a flip flopper over a hard boiled party line asshole anyday.He also gave my state healthcare.that was the blueprints for the ACA, then played the whole repeal game as far back as 2012 at least.
If you think moscowmitch didn't know what was going on with the impeachment vote, then I disagree.
Edit: romney is the stereotypical flip flopper, playing the game, just check out his views on gay marriage, just like healthcare for all
I'll take a flip flopper over a hard boiled party line asshole anyday.
I'll take a flip flopper over a hard boiled party line asshole anyday.
Romney > Gaetz?
Romney > McConnell?
Romney > Graham?
Romney > Jordan?
Romney > Nunes?
Checks out.
Any dem > Romney?
Jury is out?
100%, however, whatever his motivations are, still.The difference is really that Romney doesn't seem to flip flop for any other reason than personal gain. I guess that's what I mean when I say he's the stereotypical flip flopper politician, any way the wind blows for the people he wants to pull votes from.
In this case, it's my understanding Mormon's really don't like Trump, and I saw this as a Romney play to virtue signal to his voters.
I wasn't specifically referring to Romney. I don't know that much about him and he may indeed be worse than any Democrat you can name. I was just saying that flip flopping (AKA changing your mind, in the best instances) is not necessarily a bad thing... it all depends on the circumstances. If the Democrats lose just one of those Georgia seats, I'm gonna be praying for a Republican senator who sees fit to side with the Democrats, maybe even switch parties mid stream. People might ask me what I'm smoking, but those things are possible, damn it!Ok, cool, thats up to you. He voted along party lines most of the time, and knows how to play the game. If it came down to him being the deciding vote, I'm confident he wouldn't have "voted his conscious".
He really does exude charisma like no other president, maybe ever. He still has a habit of speaking in a manner suggesting that he's ruminating, making up his mind what he thinks in the moment, which kind of irritates me. I don't know what that's about, exactly. I think he's been like that since in office. I thought his address at the Democratic Convention was very strong.100%, however, whatever his motivations are, still.
I feel like Obama was the only moral president I've ever known of the US. Guess thats why the rest of the west rallied behind him as well, and when he touches down for a convention, a talk, anywhere on EU soil he is greeted like a rock star.
I wasn't specifically referring to Romney. I don't know that much about him and he may indeed be worse than any Democrat you can name. I was just saying that flip flopping (AKA changing your mind, in the best instances) is not necessarily a bad thing... it all depends on the circumstances. If the Democrats lose just one of those Georgia seats, I'm gonna be praying for a Republican senator who sees fit to side with the Democrats, maybe even switch parties mid stream. People might ask me what I'm smoking, but those things are possible, damn it!
TBH, I have no opinion whatsoever about Romney. You clearly know the man a lot better than I do. I will say, there's not a man in America who I find more repugnant than DJT.Dare to dream, but for me....romney has a lot of making up to do before I start fist bumping him
TBH, I have no opinion whatsoever about Romney. You clearly know the man a lot better than I do. I will say, there's not a man in America who I find more repugnant than DJT.
Does this not cement the idea Trump was NEVER fit to hold office?