If you have accounts without MFA enabled... go enable it now... preferably Authenticator App based MFA.
If you are not running some sort of endpoint security, do it now... I don't care what OS you run... find something, preferably something with predictive security modeling.
Use more scrutiny than usual with email. It's about to get really bad out there.
If you run stuff on cloud platforms AWS/DO/Azure/GCP/Linode... go take a few minutes and make sure your shit is secure. No exposed access to port 22/3389/21/23 etc., reverse proxies are properly configured and such...
Please, for you and me, take some time now to reinforce your defenses, because in the next few months, teams like mine are going to be hard to find to do DFIR, and you need to avoid the situation if at all possible.
Just don't be low-hanging fruit for them.
Now, all that said... Let's hope we don't need the preparations. Let's hope we ride this out quietly and unscathed.
But better to be prepared than to wish you had been.
@TheGibson Really seems to me like these guys are going to push their luck until someone decides the best defense is to just find them and blow out their kneecaps
@thegibson Ohh, we will need the preparation.
I figure only keep required ports for service open. BSD jails are your friend!
@thegibson is there a resource you know about for people who are self hosting off an old tower in their basement running yunohost?
Or are these too small and unlikely to pay up to be worth targeting?
(If my home server got owned I’d probably toss it rather than pay a bitcoin to retrieve the data!)
@dustin updates, reverse proxy, endpoint sec.
That’s your play.
@TheGibson Can confirm. On the job hunt. Got a very valid looking offer from the job board in my email. Applied off site. Next day my email was chock full of spam and phish.
I nuked the job hunt email rather than deal with the bullshit. I'd like to think I'm pretty vigilant about this sort of crap, but it only takes one fuckup.
@sleepychris This is exactly it... people aren't dumb... that's not why this happens...