Log4J flaw

[GaryAnderson]

So, a new Java based vulnerability is being exploited by hackers (mainly Chinese hackers) and is running rampant around the world.
Hospitals have now been affected in their Kronos system which is a time tracking software where people are eventually paid. The Kronos system is considering of paying the ransomware despite the advice of the fbi to not pay it.
IT in America. Amateur hour.
I know our defenses are pretty weak but I honestly believe that we don’t have any offensive capabilities against China or Russia. Or, they’re better at defense cos they don’t argue like us. They know objective truth and execute it. In here we have meetings.

Hackers launch over 840,000 attacks through Log4J flaw

 

[dev553344]

I'm not into Java. I mostly program in C#. I used to program in C++ but it got too cumbersome. C# is an excellent software system together with the IDE it works great. I need to upgrade my software though. I'm still running older programming software.

Well I don't know if it's Chinese but some time ago I was hacked and my files were encoded with Chinese letters. I was running physics experimentation and recording data. The data was what was encrypted.

 

[GaryAnderson]

I'm not into Java. I mostly program in C#. I used to program in C++ but it got too cumbersome. C# is an excellent software system together with the IDE it works great. I need to upgrade my software though. I'm still running older programming software.

Well I don't know if it's Chinese but some time ago I was hacked and my files were encoded with Chinese letters. I was running physics experimentation and recording data. The data was what was encrypted.

Crap. I posted another thread here regarding network-level security at home but you should also invest in a NAS which is segregated from the rest of your network where you house your critical files which will remain almost untouchable in case of a catastrophic ransomware affecting your home network.

 

[dev553344]

Crap. I posted another thread here regarding network-level security at home but you should also invest in a NAS which is segregated from the rest of your network where you house your critical files which will remain almost untouchable in case of a catastrophic ransomware affecting your home network.

I've taken measures to protect my files in other ways. I also have an offline memory card.

 

[GaryAnderson]

Devin, I don’t know if you looked up the reasons why the gas pipeline was hacked last year but it was a single VPN account which was shared among employees without MFA. I laughed very hard.
That’s like leaving your house keys under the front door rug and then complain about being broken into.

 

[dev553344]

Devin, I don’t know if you looked up the reasons why the gas pipeline was hacked last year but it was a single VPN account which was shared among employees without MFA. I laughed very hard.
That’s like leaving your house keys under the front door rug and then complain about being broken into.

Sure but hackers are annoying and damaging. I'm not into hacking as it is against my morals. Fwew, after getting hacked I was super upset. Months of logged data destroyed.

 

[GaryAnderson]

Sure but hackers are annoying and damaging. I'm not into hacking as it is against my morals. Fwew, after getting hacked I was super upset. Months of logged data destroyed.

Oh I hear you on the personal note, I’m just amazed at these so-called “professionals” in these high-profile jobs making amateurish mistakes.
I bet you that they didn’t even change the defaults and the password was “password” or “admin”.

 

[dev553344]

Oh I hear you on the personal note, I’m just amazed at these so-called “professionals” in these high-profile jobs making amateurish mistakes.
I bet you that they didn’t even change the defaults and the password was “password” or “admin”.

Yes but these hackers are better than that. From what I read, they've been hacking sensitive information from the mil and gov sites which do have safeguards. But yeah, not using your passwords on your phone or computer is just not wise, and the passwords should be appropriately complex.

 

[dev553344]

Oh I hear you on the personal note, I’m just amazed at these so-called “professionals” in these high-profile jobs making amateurish mistakes.
I bet you that they didn’t even change the defaults and the password was “password” or “admin”.

Ya know what I've noticed. Back when we had IBM 486 and 386 computer processors windows was slow. And I thought if we had faster computers it would improve the performance of windows. But all microsoft did was make the OS more and more complex and ate up all the compute cycles. Sometimes I wish I could just run DOS again, haha

 

[GaryAnderson]

Yes but these hackers are better than that. From what I read, they've been hacking sensitive information from the mil and gov sites which do have safeguards. But yeah, not using your passwords on your phone or computer is just not wise, and the passwords should be appropriately complex.

Trust me, I’ve done contracting jobs with GOV and I worked for them for a few years. The amount of compartmentalization and bureaucracy has reached astonishing harmful levels where we leave ourselves open on many vulnerabilities.

 

[dev553344]

Trust me, I’ve done contracting jobs with GOV and I worked for them for a few years. The amount of compartmentalization and bureaucracy has reached astonishing harmful levels where we leave ourselves open on many vulnerabilities.

Yeah I wasn't aware of that. My brother does a lot of school and gov jobs but he does network wiring stuff.

 

[GaryAnderson]

Ya know what I've noticed. Back when we had IBM 486 and 386 computer processors windows was slow. And I thought if we had faster computers it would improve the performance of windows. But all microsoft did was make the OS more and more complex and ate up all the compute cycles. Sometimes I wish I could just run DOS again, haha

I miss those days too. Back when you wanted a printer driver, the manufacturer shipped you a floppy. Lol