this post was submitted on 20 Jul 2024
120 points (96.9% liked)

Pulse of Truth

473 readers
71 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
 

David E. Sanger / New York Times: The CrowdStrike debacle may have accidentally provided cybercriminals and countries like China a more detailed road map to disrupt US critical infrastructure  —  With each cascade of digital disaster, new vulnerabilities emerge.  The latest chaos wasn't caused by an adversary …

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 32 points 3 months ago (1 children)

Yeah “target Windows”.

[–] [email protected] 11 points 3 months ago* (last edited 3 months ago) (2 children)

Worse... target CrowdStrike or any other security monitoring system... which means being able to get in anything, Windows, Linux, MacOS... not that they don't already do that. Because they definitely do.

[–] [email protected] 4 points 3 months ago (1 children)

It had already been done see: SolarWinds

Somehow they are still in business

[–] [email protected] 4 points 3 months ago* (last edited 3 months ago)

My point exactly. What good is a dozen docker containers nested in four VMs if you can slap all of it aside with the giant ROOT SHELL hand because you hacked into the remote monitoring software to take control of the system.

The remote management system is now the weaket link in the system's security chain.

[–] [email protected] 1 points 3 months ago (1 children)

If it’s specifically allowed, yes. Windows is swiss cheese with tons of contaminants in.

[–] [email protected] 4 points 3 months ago (1 children)

Any remote monitoring software is a swiss cheese opening into your system.

[–] [email protected] 1 points 3 months ago

Not necessarily. Proper permissions and lack of system bugs are ok to monitor, it doesn’t mean the system is less secure.