https://haveibeenpwned.com
- Josh On May 23, 2017 1:04 AM, "Steve Jones" <thatoneguyst...@gmail.com> wrote: > I have had the same Hotmail password for 23 years, that account has become > the primary Microsoft account, ive changed it two times, back to the > original in that time. > > Its really not that hard to be safe, I'm not very diligent. Its very hard > to give up your info, yet people do and the media makes it sound like all > :hackers" are "tunneling in" > > the truth is humans are just stoopid > > On Tue, May 23, 2017 at 12:49 AM, Josh Reynolds <j...@kyneticwifi.com> > wrote: > >> >> https://fossbytes.com/hacking-windows-login-details-using-go >> ogle-chrome-sfc-files/ >> >> 6 days ago >> - Josh >> >> On May 23, 2017 12:46 AM, "Steve Jones" <thatoneguyst...@gmail.com> >> wrote: >> >>> when this hit, that's what they said, then when they realized it was >>> like every other malware, the news tried the "wannacry not delivered via >>> attachements" headlines for like 40 seconds til the tech community lashed >>> out (btw the tech community is the only legitimately non partisan community >>> out there) and they STFU. >>> I never understood when our customers get het with malware, why the >>> people who don't use UPS insist on always opening the UPS attachments >>> granted, this propagates from an infected machine to others if you >>> didn't apply the three month old patch, so "technichally it doesn't have >>> user interaction" but unless its dropping an executable in a startup >>> folder, does it really? >>> >>> I just wonder if I'm missing something. I sat through a UTM webinar the >>> other day on this, expecting to gain insight. The gist of this one is "yer >>> fukt" because it was distributed by what equates to a 3 year old with an >>> iPhone, and paying the ransom doesn't get you a key. There was a post >>> webinar Q&A that disconnected because the UTM vendor didn't realize the guy >>> who started the session had to actually stay in it to keep it going.... >>> that's the level of non starter I perceive wannacry as. >>> >>> On Tue, May 23, 2017 at 12:25 AM, Josh Reynolds <j...@kyneticwifi.com> >>> wrote: >>> >>>> It's very possible, I've just never heard of an exploit that doesn't >>>> actually require you to run the payload >>>> >>>> - Josh >>>> >>>> On May 23, 2017 12:22 AM, "Steve Jones" <thatoneguyst...@gmail.com> >>>> wrote: >>>> >>>>> that's like super old (not that wannacry is all that new) >>>>> its amazing to me that malware is such a thing >>>>> fuckballs stuxnet is still live >>>>> are humans retarded? >>>>> >>>>> On Tue, May 23, 2017 at 12:15 AM, Josh Reynolds <j...@kyneticwifi.com> >>>>> wrote: >>>>> >>>>>> I don't know which one that you are talking about, but there is a >>>>>> much more advanced exploit floating around. One of the infection methods >>>>>> is >>>>>> to auto download a file when loading a web page... When the user opens >>>>>> the >>>>>> folder, the windows handler that loads the file icon from inside the >>>>>> program, which then silently transmits that users credentials to a remote >>>>>> SMB server. >>>>>> >>>>>> Nasty stuff. >>>>>> >>>>>> - Josh >>>>>> >>>>>> On May 23, 2017 12:03 AM, "Steve Jones" <thatoneguyst...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> lol, better not be another one >>>>>>> just seems like this wannacry thing is way blown out of proportion, >>>>>>> I haven't seen anything to indicate its any more virulent or invasive >>>>>>> than >>>>>>> the standard malware, just happens it did a targeted phish of known >>>>>>> unprotected targets >>>>>>> >>>>>>> On Mon, May 22, 2017 at 10:16 PM, Jay Weekley < >>>>>>> par...@cyberbroadband.net> wrote: >>>>>>> >>>>>>>> Is this a new way of announcing your wife is having a baby? >>>>>>>> >>>>>>>> Steve Jones wrote: >>>>>>>> >>>>>>>>> I not an absurd lack of hype over this on this list when every >>>>>>>>> other list is popping off >>>>>>>>> Am I the only one that sees this as similar to the whole UBNT >>>>>>>>> mishap? don't follow standard practices, pay the price? >>>>>>>>> I'm inclined to block the ports as a mechanism of being a good >>>>>>>>> steward of the interwebs, but shouldn't I have already been dropping >>>>>>>>> those? >>>>>>>>> as an ISP >>>>>>>>> I'm tempted to push OS migration, but shouldn't I have already >>>>>>>>> been doing so as an IT services guy. >>>>>>>>> I'm tempted to keep current patches, but shouldn't I have already >>>>>>>>> been doing so? >>>>>>>>> I have no expectation that none of my contact customers will not >>>>>>>>> be impacted... by choices they made in our contract. >>>>>>>>> This doesn't seem like its a NEW thing >>>>>>>>> >>>>>>>>> <http://www.avg.com/email-signature?utm_medium=email&utm_sou >>>>>>>>> rce=link&utm_campaign=sig-email&utm_content=emailclient> >>>>>>>>> Virus-free. www.avg.com <http://www.avg.com/email-sign >>>>>>>>> ature?utm_medium=email&utm_source=link&utm_campaign=sig-emai >>>>>>>>> l&utm_content=emailclient> >>>>>>>>> >>>>>>>>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>> >>> >
