
re: Cyberwar 

This year is gonna suck.

re: Cyberwar 

Advice:

If you have accounts without MFA enabled... go enable it now... preferably Authenticator App based MFA.

If you are not running some sort of endpoint security, do it now... I don't care what OS you run... find something, preferably something with predictive security modeling.

Use more scrutiny than usual with email. It's about to get really bad out there.


re: Cyberwar 

If you run stuff on cloud platforms AWS/DO/Azure/GCP/Linode... go take a few minutes and make sure your shit is secure. No exposed access to port 22/3389/21/23 etc., reverse proxies are properly configured and such...

Please, for you and me, take some time now to reinforce your defenses, because in the next few months, teams like mine are going to be hard to find to do DFIR, and you need to avoid the situation if at all possible.

just don't be low-hanging fruit for them.
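One way to check a Linux host for the listeners named in the post above, as an added example that is not part of the original thread: it parses `ss -H -tln` output and reports FTP, SSH, Telnet and RDP sockets bound to anything other than loopback. The sample output and all function names are constructed for illustration; whether a listener is reachable from the internet still depends on the firewall or security group in front of it.

```python
import ipaddress

# Ports named in the post: FTP, SSH, Telnet, RDP.
RISKY_PORTS = {21: "ftp", 22: "ssh", 23: "telnet", 3389: "rdp"}

# Constructed sample of `ss -H -tln` output (not from a real host).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::]:3389 [::]:*
LISTEN 0 511 *:443 *:*
LISTEN 0 32 127.0.0.1:21 0.0.0.0:*
LISTEN 0 5 192.0.2.10:23 0.0.0.0:*
LISTEN 0 128 [::1]:22 [::]:*
"""

def split_local(field):
    """Split ss's Local Address:Port column into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
    return addr, int(port)

def reachable_scope(addr):
    """Classify a bind address: 'loopback', 'all-interfaces' or 'interface'."""
    if addr == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    return "all-interfaces" if ip.is_unspecified else "interface"

def exposed_listeners(ss_output):
    """Return (service, port, bind address, scope) for risky non-loopback listeners."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # header, blank or non-listening line
        addr, port = split_local(cols[3])
        scope = reachable_scope(addr)
        if port in RISKY_PORTS and scope != "loopback":
            findings.append((RISKY_PORTS[port], port, addr, scope))
    return findings

if __name__ == "__main__":
    for service, port, addr, scope in exposed_listeners(SAMPLE_SS):
        print(f"{service:7} port {port:<5} bound to {addr} ({scope})")
```

On a real host, feed it the output of `ss -H -tln` instead of the sample.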


re: Cyberwar 

Now, all that said... Let's hope we don't need the preparations. Let's hope we ride this out quietly and unscathed.

But better to be prepared than to wish you had been.


re: Cyberwar 

@TheGibson as a professional, this year is gonna suck for you. As a helpless bystander in this endless cyber dystopian nightmare this year is gonna be hours of entertainment

re: Cyberwar 

@Mainebot I'm days away from setting up something big... I just hope we manage to get it in under the wire before the fireworks begin.

re: Cyberwar 

@TheGibson Really seems to me like these guys are going to push their luck until someone decides the best defense is to just find them and blow out their kneecaps

re: Cyberwar 

@thegibson Ohh, we will need the preparation.

re: Cyberwar 

@TheGibson
I figure only keep required ports for service open. BSD jails are your friend!

re: Cyberwar 

@dukeofpearldiving @thegibson Never not default deny network ACLs.

re: Cyberwar 

@thegibson is there a resource you know about for people who are self hosting off an old tower in their basement running yunohost?

Or are these too small and unlikely to pay up to be worth targeting?

(If my home server got owned I’d probably toss it rather than pay a bitcoin to retrieve the data!)

re: Cyberwar 

@dustin updates, reverse proxy, endpoint sec.

That’s your play.

re: Cyberwar 

@TheGibson Can confirm. On the job hunt. Got a very valid looking offer from the job board in my email. Applied off site. Next day my email was chock full of spam and phish.

I nuked the job hunt email rather than deal with the bullshit. I'd like to think I'm pretty vigilant about this sort of crap, but it only takes one fuckup.

re: Cyberwar 

@sleepychris This is exactly it... people aren't dumb... that's not why this happens...

hackers.town