David E. Sanger / New York Times: The CrowdStrike debacle may have accidentally provided cybercriminals and countries like China a more detailed road map to disrupt US critical infrastructure  —  With each cascade of digital disaster, new vulnerabilities emerge.  The latest chaos wasn’t caused by an adversary …

31 points

Yeah “target Windows”.

permalink
report
reply
13 points
*

Worse… target CrowdStrike or any other security monitoring system… which means being able to get in anything, Windows, Linux, MacOS… not that they don’t already do that. Because they definitely do.

permalink
report
parent
reply
1 point

If it’s specifically allowed, yes. Windows is swiss cheese with tons of contaminants in.

permalink
report
parent
reply
4 points

Any remote monitoring software is a swiss cheese opening into your system.

permalink
report
parent
reply
4 points

It had already been done see: SolarWinds

Somehow they are still in business

permalink
report
parent
reply
4 points
*

My point exactly. What good is a dozen docker containers nested in four VMs if you can slap all of it aside with the giant ROOT SHELL hand because you hacked into the remote monitoring software to take control of the system.

The remote management system is now the weaket link in the system’s security chain.

permalink
report
parent
reply
6 points

Oh, great

permalink
report
reply
2 points

I mean, isn’t this also a problem in other Western countries? Australia got it bad.

permalink
report
reply
3 points

Yes, but only country that matters is US /s

Also, they are likely the primary targets (certainly not the only ones) for bad actors.

permalink
report
parent
reply
7 points

What do you mean “may have”

permalink
report
reply
1 point

Depends on if they already knew this information or not.

permalink
report
parent
reply
2 points

way to go a**holes!

permalink
report
reply

Pulse of Truth

!pulse_of_truth@infosec.pub

Create post

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Community stats

  • 1.3K

    Monthly active users

  • 885

    Posts

  • 721

    Comments

Community moderators