Kevin Beaumont 的推文 & 回复 - GossiTheDog@cyberplace.social

@GossiTheDog@cyberplace.social

I do not think it is appropriate any more for the NCA to saying it’s up to the victim orgs if they want to pay extortions, and/or being in the room during negotiations and payment.

It’s leading to boards assuming they can just pay criminal gangs to make problems go away.

It isn’t normal and needs to change.

Corporations shouldn’t be directly funding organised crime with the support of the National Crime Agency and their insurance. Break the cycle.

@GossiTheDog@cyberplace.social

If you want an lol - Microsoft have implemented Copilot on its own GitHub repos and it’s a clusterfuck, you can see MS engineers publicly begging Copilot to work.

www.reddit.com/r/Ex...

@GossiTheDog@cyberplace.social

You may have seen the fancy AI video unveil of Sora earlier this year, from OpenAI - showing absolutely incredible footage.

Well, they allowed people to use it this week - and it’s terrible. Laughably poor, people with 4 arms etc etc. I might have to do a thread of videos it spits out.

Between Apple Intelligence being kinda crap, OpenAI overhype and burning money like a furnace, and Copilot+ PCs not exactly flying off the shelves, the shareholder value train is going to crash at some point.

@GossiTheDog@cyberplace.social

I haven't been able to assess the security of the public build of Microsoft Recall as the processes keep crashing on my Copilot+ PC out of the box, it helps if the product would work at least.

@GossiTheDog@cyberplace.social

ENGlobal Corporation, an energy company, have filed an 8K with the SEC for ransomware (missing the word ransomware). www.sec.gov/ix?doc=...

#threatintel #ransomware

@GossiTheDog@cyberplace.social

NoName057(16) back to targeting UK this week, they're going to run all week. Thread for the week.

Current DDoS config, 17 orgs, UK councils and transport. Approx 70% success rate.

@GossiTheDog@cyberplace.social

Also if anybody is wondering it's less than a thousand attacking IPs, and they're largely volunteer's PCs and mobile phones - this isn't an infected router botnet.

A group of us has been aggressively taking down the config C2s for about a year which cuts off the volunteers, the numbers are down about 8 times from a year ago, but NoName have become better at their target config.

@GossiTheDog@cyberplace.social

To bring this to life btw about why NoName is so successful in terms of bringing things down - this is entire config for eastsuffolk.gov.uk, which has been down since 7am UK time.

There's no packet flood. There's no large packets. There's nothing like that. It's a layer 7, application layer attack.

All they do is send lots of web search requests with gibberish -- $_1 and $_5 are just large random strings. It's enough to CPU and memory exhaust most webservers.

@GossiTheDog@cyberplace.social

So far every council you've mentioned the issues has pretended it's a generic issue, lol

Edit: although in fairness I guess some of these councils might not actually know the cause

@GossiTheDog@cyberplace.social

UK Councils doing a much better job at coming back online this time around compared to last month's NoName attacks - 8 out of the 9 targeted (which are still in the botnet DDoS config, so attacks continue) are back online, only eastsuffolk.gov.uk remains down.

@GossiTheDog@cyberplace.social

Council websites generally host this kind of thing, if you want to know why they get targeted - it's local support basically.

@GossiTheDog@cyberplace.social

Here's the NoName blurb to go with the DDoS. #NoName #threatintel

@GossiTheDog@cyberplace.social

Tracking for UK councils stats.uptimerobot.c...

@GossiTheDog@cyberplace.social

NoName057(16) back to targeting UK this week, they're going to run all week. Thread for the week.

Current DDoS config, 17 orgs, UK councils and transport. Approx 70% success rate.

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

dear lord

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff

@GossiTheDog@cyberplace.social

Poland’s former spy chief was detained and dragged before parliament on Monday as part of a probe into whether the previous rightwing government misused spyware to put its opponents under surveillance.

Piotr Pogonowski, who ran Poland’s internal security agency under the administration of the Law and Justice (PiS) party and is currently a member of the central bank’s management board, was arrested after ignoring three summons from the parliamentary inquiry committee. www.ft.com/content/...

Poland’s former spy chief arrested over refusal to testify to parliament

Piotr Pogonowski forcibly taken to parliamentary hearing over alleged government misuse of spyware

@GossiTheDog@cyberplace.social

oh thank the lord, the Enron thing is a parody at least HT @molly0xfff