In the news

  • I'd bet a significant sum of money that your partner doesn't know.

    I'd also assume that alongside the phishing that you have seen there's user-account-compromise mail that you may not have spotted.

    Attackers will compromise an account, search for (typically) a finance-related conversation to piggy-back, if they find one they will copy the entire conversation and then send from an MTA they control spoofing the victim's domain (if they're able), or using a look-alike domain (if they're not).

    If that doesn't work, or doesn't get the results they want, they'll go back into the compromised account and send from that.

  • It’s all so scary and horrid I’d kind of rather not know.

    I had my emails got to by someone exploiting an insecure printer on our network that held my password so the printer could email scans. The idea that my whole inbox is out there in the hands of nefarious folks forever is really unsettling.

    See also - those gadgets you can buy for a few hundred £ that can spoof RFIDs and get into your car / office / garage door, software that can brute force passwords in seconds.

  • Am I paranoid in not wanting a robot hoover or anything like it on my home Wi-Fi now?

  • I had my emails got to by someone exploiting an insecure printer on our network

    What the fuck

    held my password so the printer could email scans

    Oh.

    Am I paranoid in not wanting a robot hoover or anything like it on my home Wi-Fi now?

    Not really, the fewer stupid wifi things the better. Especially cheap knockoffs.

  • Oh

    Yeah. I don’t really understand what happened but I guess the printer installer must have left the factory password on it and made it accessible remotely. Or something.

  • I imagine it has/had an admin console which the installer configured to be accessible over the internet, then either left the default password or used one that could be brute-forced/otherwise pwned.

    Or, evil fairies.

  • It absolutely should not have stored your password in a way that could be displayed, mind you.

  • held my password so the printer could email scans

    Doesn't the printer just need your email to do that, not your password?

  • Yes and no. It can send as you by spoofing your email address and BCC the same address I guess, with an MTA in the printer, but without your credentials it can’t send “from” your account, only “as” your account, which might sound like a distinction without a purpose but is meaningful.

    The other question is how did the attacker get into Hefty's mailbox otherwise?

  • So basically to protect from ransomware attacks you need a gapped master server with old fashioned terminals which are all kept in a secure space. All inputs and outputs are then subject to a myriad of security checks. The general bozos use a secondary server.

  • Isn't that what Tom Cruise got at in Mission Impossible dangling from a rope from the ceiling while the operator was vomiting in the loo :)

  • I've recently had 2 phishing viruses on my PC at home. One of them was for grabbing passwords. Maybe it's because I use utorrent? They've both been very disruptive, triggering WMI Provider Host to use all my spare CPU, which was probably a good thing because otherwise I'd never have done a virus cleanup. I blame crypto. If it wasn't for stupid fucking crypto there wouldn't be a way for hackers to get rich.

  • So basically to protect from ransomware attacks you need a gapped master server with old fashioned terminals which are all kept in a secure space. All inputs and outputs are then subject to a myriad of security checks. The general bozos use a secondary server.

    No, because then a normal business can't run. Something like a SCADA system is meant to* run the way that you describe, but that doesn't work for normal business applications.

    \* But, not always how they actually do run of course

  • I've recently had 2 phishing viruses on my PC at home. One of them was for grabbing passwords. Maybe it's because I use utorrent? They've both been very disruptive, triggering WMI Provider Host to use all my spare CPU, which was probably a good thing because otherwise I'd never have done a virus cleanup. I blame crypto. If it wasn't for stupid fucking crypto there wouldn't be a way for hackers to get rich.

    We've been tracking two threat actors who are specialising in stealing the crypto from businesses that they've put aside to pay ransomware ransoms...

  • That was basically my point! My view is that email should be binned. Essentially exists for the benefit of middle-aged middle managers.

  • And every consumer.

  • ^This is a thing, and it's super clever, but it's also around a thousand times more likely that an attacker would compromise someone with legitimate access to the SCADA system and get them to make the changes directly.

  • I don't doubt it for a moment, humans are always going to be an easily exploitable weakness in the system.

    This comment was brought to you by ChatGPT.

  • Bring back cash savings under bed.

    If someone is going to steal all my money I at least want a couple bruises for the story.

    I am in the process of moving energy data into companies' “clouds” for sustainability things and I reckon we are spending about 15 times more work hours on cyber security than engineering, to the point we’re trying to hire three specialists as we have neither the manpower nor frankly surface-level knowledge to deal with this.

    I no longer think industry 4 is the future, I think it’s the death of us. First part was also a joke, no bruises please.

  • I use a separate SSID that can't see the rest of the network for this kind of stuff.

  • This comment was brought to you by ChatGPT.

    Nah. It was plausible (check) but it wasn't horseshit (fail).

  • Printers are just old computers which never get patched running protocols from the 1990s. It is unlikely your password was even stored encrypted on the damn thing.

  • https://www.bbc.com/sport/golf/64673771

    Watching the gymnastics people will go to in defending this is hilarious. “It’s a joke between friends.” Top tip: if you don’t want the public to hear it, you shouldn’t be saying it.

  • I've heard about this before I think, but still it seems odd that prostate cancer leads an American to developing what seems to be an Irish accent.

    https://www.theguardian.com/us-news/2023/feb/16/us-cancer-patient-develops-uncontrollable-irish-accent-doctors-say

Posted by @Platini