Top Poster of the Day:
GoldMemer
Current Registered Users: 28,757
tech/science swag.
Guidelines:
What to Submit
On-Topic: Anything that good slackers would find interesting. That includes more than /g/ memes and slacking off. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual laziness.
Off-Topic: Most stories about politics, or crime, or sports, unless they're evidence of some interesting new phenomenon. Videos of pratfalls or disasters, or cute animal pictures. If they'd cover it on TV news, it's probably lame.
Help keep this hole healthy by keeping drama and NOT drama balanced. If you see too much drama, post something that isn't dramatic. If there isn't enough drama and this hole has become too boring, POST DRAMA!
In Submissions
Please do things to make titles stand out, like using uppercase or exclamation points, or saying how great an article is. It should be explicit in submitting something that you think it's important.
Please don't submit the original source. If the article is behind a paywall, just post the text. If a video is behind a paywall, post a magnet link. Fuck journos.
Please don't ruin the hole with chudposts. It isn't funny and doesn't belong here. THEY WILL BE MOVED TO /H/CHUDRAMA
If the title includes the name of the site, please leave that in, because our users are too stupid to know the difference between a url and a search query.
If you submit a video or pdf, please don't warn us by appending [video] or [pdf] to the title. That would be r-slurred. We're not using text-based browsers. We know what videos and pdfs are.
Make sure the title contains a gratuitous number or number + adjective. Good clickbait titles are like "Top 10 Ways to do X" or "Don't do these 4 things if you want X"
Otherwise editorialize. Please don't use the original title, unless it is gay or r-slurred, or you're shits all fucked up.
If you're going to post old news (at least 1 year old), please flair it so we can mock you for living under a rock, or don't and we'll mock you anyway.
Please don't post on SN to ask or tell us something. Send it to [email protected] instead.
If your post doesn't get enough traction, try to delete and repost it.
Please don't use SN primarily for promotion. It's ok to post your own stuff occasionally, but the primary use of the site should be for curiosity. If you want to astroturf or advertise, post on news.ycombinator.com instead.
Please solicit upvotes, comments, and submissions. Users are stupid and need to reminded to vote and interact. Thanks for the gold, kind stranger, upvotes to the left.
In Comments
Be snarky. Don't be kind. Have fun banter; don't be a dork. Please don't use big words like "fulminate". Please sneed at the rest of the community.
Comments should get more enlightened and centrist, not less, as a topic gets more divisive.
If disagreeing, please reply to the argument and call them names. "1 + 1 is 2, not 3" can be improved to "1 + 1 is 3, not 2, mathfaggot"
Please respond to the weakest plausible strawman of what someone says, not a stronger one that's harder to make fun of. Assume that they are bad faith actors.
Eschew jailbait. Paedophiles will be thrown in a wood chipper, as pertained by sitewide rules.
Please post shallow dismissals, especially of other people's work. All press is good press.
Please use Slacker News for political or ideological battle. It tramples weak ideologies.
Please comment on whether someone read an article. If you don't read the article, you are a cute twink.
Please pick the most provocative thing in an article or post to complain about in the thread. Don't nitpick stupid crap.
Please don't be an unfunny chud. Nobody cares about your opinion of X Unrelated Topic in Y Unrelated Thread. If you're the type of loser that belongs on /h/chudrama, we may exile you.
Sockpuppet accounts are encouraged, but please don't farm dramakarma.
Please use uppercase for emphasis.
Please post deranged conspiracy theories about astroturfing, shilling, bots, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email [email protected] and dang will add you to their spam list.
Please don't complain that a submission is inappropriate. If a story is spam or off-topic, report it and our moderators will probably do nothing about it. Feed egregious comments by replying instead of flagging them like a pussy. Remember: If you flag, you're a cute twink.
Please don't complain about tangential annoyances—things like article or website formats, name collisions, or back-button breakage. That's too boring, even for HN users.
Please seethe about how your posts don't get enough upvotes.
Please don't post comments saying that rdrama is turning into ruqqus. It's a nazi dogwhistle, as old as the hills.
Miscellaneous:
The quality of posts is extremely important to this community. Contributors are encouraged to provide high-quality or funny effortposts and informative or entertaining comments. Please refrain from posting the following:
Boring wingcucked nonsense nobody cares about that belongs in chudrama
Normie shit everyone already knows about
Anything that doesn't gratifify one's intellectual laziness
Bimothy-tier posts
Anything that the jannies don't like
Jannies reserve the right to exile baby ducks from this hole at any time.
We reserve the right to exile you for whatever reason we want, even for no reason at all! We also reserve the right to change the guidelines at any time, so be sure to read them at least once a month. We also reserve the right to ignore enforcement of the guidelines at the discretion of the janitorial staff. This hole is a janny playground, participation implies enthusiastic consent to being janny abused by unstable alcoholic bullies and loser nerds who have nothing better to do than banning you for any reason or no reason whatsoever.
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
/h/slackernews SETTINGS /h/slackernews LOG /h/slackernews MODS /h/slackernews EXILEES /h/slackernews FOLLOWERS /h/slackernews BLOCKERS
Jump in the discussion.
No email address required.
Lol what's an IT guy at a small law firm gonna do against a Russian cyber attack? Those vatnigs run sophisticated ops.
Couple of months ago UnitedHealth was hit and even they paid out. And this is a half a trillion dollar company.
https://www.cbsnews.com/news/unitedhealth-ransom-paid-change-healthcare-attack/
Jump in the discussion.
No email address required.
This might be a spicy hot take, but I think paying ransom like this should be a criminal offense, tantamount to financially supporting the criminals. Anybody who authorizes a ransom payment should face prison time.
The only reason these attackers even do these attacks is because they get paid.
Jump in the discussion.
No email address required.
That's kind of the problem, though - in my experience with ransomware attacks (granted, in infrastructure that was maintained by one very intelligent but extremely overworked bong) they tend to go after backups first, and then encrypt the existing infrastructure. If you have no way to recover your mission critical data, depending on the field, you're basically dead in the water.
That's what cybersecurity insurance is for - they communicate with the threat actor, provide the ransom funds, and assist with recovery. I get where you're coming from, but the choice is considered in a vacuum - either you lose all your customer data, tokenized payment information, etc, or the insurance pays out. And, even then, you don't always get your shit back. I had one scenario where the threat actor's decryption utility wouldn't work on individual files >~100GB (which included the main company database) and the threat actor - using lockbit - just kind of shrugged and said, well, you already paid us, and we have no incentive to help you resolve this. And since lockbit is Ransomware-as-a-service, I doubt they even had the ability.
That's why these attacks are so effective - short of crazy advances in quantum computing or a significant error in the threat actor's encryption utility, it is physically impossible to get anything back. Another reason why 3-2-1 backup solutions are so fricking important - airgapped backups would have saved the company in this case, but tape and storage is expensive.
The whole problem would be solved if we just glassed Russia or never invented computers, both of which I strongly advocate for.
Jump in the discussion.
No email address required.
Yeah I get that, but the only reason these attacks exist in the first place is because people pay out. If they didn't, the attackers literally wouldn't do this. (Obviously the actual OP isn't ransomware at all and is a totally different type of attack that would still exist.)
Yeah. Sucks to suck. The same is true if they don't have proper backups and their server catches fire. That's why you need proper, secured backups. Nothing should even be able to modify them in the first place, once they're written they should be absolutely read-only. And for particularly valuable data, they should have an offline copy.
It's not even difficult. My company has offsite backups that I helped setup. The data is technically stored at a totally different company, on different systems. I think we literally pay like $0.0004/GB/mo for it. Cheap as frick. The only excuse to not do so is laziness.
Allowing people to pay these ransoms does nothing but subsidize places with shitty backup/security policy because they have an avenue to recover their fricked up assets.
I know my suggestion will never come true because most people don't understand computer/network security and assume that the people falling prey to this were doing all they could and are innocent victims, akin to someone getting mugged while walking on the street minding their own business. But that's fundamentally not true. These aren't state actors, they aren't burning 0days for these ransomware attacks. It's usually a combination of (1) some r-slur letting themselves get hacked by downloading suspicious programs/documents and (2) incompetent IT setup in such a way that if Claire from marketing gets hacked, the hackers can use her credentials to hose the entire network and backup system.
Jump in the discussion.
No email address required.
Oh yeah, I basically agree with all of that. The situation I was referring to, the threat actor gained access to the entire network with pass-the-hash stemming from an 8 year old critical CVE in a publicly accessible Exchange 2013 server. Incredibly fricking stupid, and entirely preventable. It was a non-profit with a budget comprised almost entirely of endowments, and C-level didn't think hiring more than one dude to manage infrastructure for a several-hundred employee organization was necessary. As an aside, they still don't, even post-attack.
My point was more that imposing criminal penalties on that sort of thing would absolutely disincentize money-motivated threat actors - but that definitely won't stop ransomware attacks entirely, and would essentially guarantee that the affected company would go under. And not every company is capable - at an OpEx level - of preventing it. In an idea world, on top of implementing criminal penalties for paying out, I'd say a Federal law requiring companies dealing with PII in any capacity to comply with preventative standards would help - like there already is with e.g. HIPAA. Then the cost benefit analysis flips and C-level decides paying the fine for violating such a law is more detrimental than paying a couple more infra guys 110K/year or outsourcing their security to a netsec MSP.
This is all based on personal experience, but in principle I agree that paying out just incentizes threat actors. I just don't know what the solution is to make luddite executives prioritize that sort of thing without killing otherwise valuable businesses in the process.
Jump in the discussion.
No email address required.
At no point in your rambling, incoherent post were you even close to anything that could be considered a rational thought. Everyone on this site is now dumber for having read it. May God have mercy on your soul.
Jump in the discussion.
No email address required.
More options
Context
just make redteaming legal. anybody on the street can pwn your servers and negotiate a reasonable sum as recompense. Instead of rare attacks taking down the whole company, there would be a steady stream of local blackhats chipping away at you and closing all the holes that russian ransomware attacks would otherwise use.
Jump in the discussion.
No email address required.
More options
Context
More options
Context
More options
Context
Have you owned the libs yet?
Jump in the discussion.
No email address required.
More options
Context
More options
Context
It should be legal to hack Russia and China back, it's absurd we don't give out letter of mark or something
Jump in the discussion.
No email address required.
More options
Context
More options
Context
Wouldn't have went down that way if he was there
Jump in the discussion.
No email address required.
More options
Context
Best practices still go a long way in keeping things safe. They still should have just gone with an MSP and gotten cyber insurance, imo.
Jump in the discussion.
No email address required.
More options
Context
How are payments “intercepted”? Is that even a thing. seems like the banks problem unless they literally sent it to the Russians
Putting the in
spookieturkeyJump in the discussion.
No email address required.
The Russians sent an email with the right name and email address saying "Send it to this shady overseas bank account" and some r-slur did literally send it to them
Jump in the discussion.
No email address required.
More options
Context
Phishing and social engineering, and it's pretty common. When I was going through the loan process and then escrow, I got a bunch of emails about phishing and fraud and not to send money to anyone other than the official business listed.
Bank lady who transferred the downpayment also asked me to make sure it's the official escrow account.
Krayon sexually assaulted his sister.
Jump in the discussion.
No email address required.
they sometimes hack into the system to see if someone does already adhoc payments over email( alot of people do), and then they craft a malicious lookalike email.
Jump in the discussion.
No email address required.
More options
Context
More options
Context
More options
Context
Campanies get ransomwared by being r-slurred, the larger the company the more r-slurs you have.
Jump in the discussion.
No email address required.
More options
Context
More options
Context