News, tips, advice, support for Windows, Office, PCs & more

  • Nibbled To Death By Ducks

    @nibbled-to-death-by-ducks

    Viewing 15 replies - 1 through 15 (of 518 total)
    Author
    Replies
    • #2396655

      Um, this one covers a LOT of territory:

      “Microsoft called out as big malware hoster – thanks to OneDrive and Office 365 abuse”:

      https://www.theregister.com/2021/10/18/microsoft_malware_brand/

      “Microsoft has been branded as “the world’s best malware hoster for about a decade,” thanks to abuse of the Office 365 and Live platform, as well as its slow response to reports by security researchers.

      “Infosec expert Kevin Beaumont, who worked at Microsoft as a senior threat intelligence analyst between June 2020 and April 2021, made the comments in response to a report by “cybersec professional” TheAnalyst.

      One guy commented: “I loudly protest at the claim that Office 365 is more secure than its on-premises predecessors.”

      Further rambling on that last comment would destroy the supreme simplicity of this truth.

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
      --
      "Sure I had a plan; Everybody's got a plan until you get hit in the teeth."

      -A Very Famous Boxer

      3 users thanked author for this post.
    • #2395828

      Got some more intel on this one; it seems that a great deal of the recent recipients of this kind of phishing use, or have used, a major healthcare system in SoCal that was recently ransomwared to its knees a few months ago. Since then they have been less than forthcoming, due to the “ongoing investigation which is still ongoing.”

      Well, perhaps they really DID leak some vital info.

      “Ongoing Investigation”, my er, foot. (This is a family forum.) These guys are stumbling around with one foot in a bucket of cement, and a mop over their heads while they try and find their, er, elbows in a brightly lit room with both hands to no avail.

      Only educated guesses on this, but it’s looking rather poor for them.

      Can you say, “Class Action? Of course you can!” (Apologies to the late Mr. Rogers)

      2 users thanked author for this post.
    • #2394507

      Thanks for bringing this security issue out here; in our “Oh, just do this,” society it’s all too easy to play to a mark’s love of novelty and/or laziness, much to their misfortune later. It’s all too easy to insert malicious code in the things.

      1 user thanked author for this post.
    • #2393334

      Very interesting thread. If this has come up in it (I searched, and it does not seem to have) I apologize: Question:

      Has anyone considered that some VPNs could be, in fact, “Honeypots”?

      Sometimes the best privacy practices are in the realm of being that one drop of water in Niagara Falls, so to speak. Camouflage. The 1″ leaf on a 400 ft. tree in a forest, etc.

      Just a thought.

    • #2392592

      At the risk of being perceived as a) smug, or b) blatantly advertising a product, I must say that I think 0Patch put this mess behind its subscribers a/o mid-August:

      …although for reasons I fail to understand, you now need a 0PatchPro license to get it (no longer free):

      https://blog.0patch.com/2021/07/free-micropatches-for-printnightmare.html

      …for what it’s worth, they seem to have snuffed this devil. If they have, hats off to them!

      Corrections always welcome. 🙂

    • #2390212

      “Mr. Fox, here are the keys to the hen house; now be good!”

      “Checkered past,” indeed. You mean all those boot prints going down the cellar stairs?

    • #2389155

      Been reading about this one all over the place, and it only confirms my feelings on Bluetooth for years now. The protocols were designed by committees, over time:

      “Oh, it can do that? Well, we can make it do THIS!”

      And so the 20-layer cake was built, each layer from its own committee, over time, until it could practically do anything, but not a great deal very well, or anything very securely.

      Personally, I always thought the safest way to pair with Bluetooth was in the middle of a desert at 4 AM with no-one around for miles.

      Maybe this will prompt some standards committee somewhere to convene and set tighter standards for the future.

      Maybe not.

      1 user thanked author for this post.
    • #2386680

      Dear me….I go all the way back to Mosaic, too, and the days thereafter in which MSFT destroyed Netscape, and had a judge tell them they must never, never destroy Netscape again…. (cough)

      Desktop:

      I used Chrome until I found out how much of my brain they were sucking, even WITH add-ons, extensions, etc.

      And I’m just enough of an iconoclast to want to not do something just because the Herd is doing it. 🙂

      I use Firefox; it’s like flying a P-38; you can customize the heck out of it with add-ons, and achieve a very good level of privacy, but it’s funky, has fits and kludges (the latest is bogus HTTPS warnings), and you have to hit it certain places with a hammer once in a while to get it running right. It’s a geek’s browser, but it really is worth the learning curve. Lotsa switches, toggles, bells, bling, and under-the-hood duct-tape like things you can do with it. 🙂

      DuckDuckGo has their own “Privacy Simplified” browser, but it’s so simple, they don’t bother to explain exactly why it’s the best. “Just trust us,” doesn’t cut it for me.

      Vivaldi wants to update itself every 72 hours. No thanks.

      Brave? Too much clutter, updates forced on you.

      Android: I refuse to use Chrome, and DuckDuckGo is buggy, and won’t import Firefox bookmarks, so I suffer with FF on Android, which is truly horrible. No programmers up there, just “Devs”, a creature I suspect is proof of a much lower order of Nerd. (Anyone that can’t provide a “home” button is an idiot, IMHO.)

      /gasbag mode

    • #2385766

      I would think that “Due Diligence” would be:

      1. Scanning the file(s) in question with your native AV software
      2. Letting Malwarebytes have a look
      3. If anything pops up, or if you’re still unsure, load it up to virustotal.com and have scores of engines look at it.

      Unfortunately, there are things called “Polymorphic Viruses” that change just enough with every installation to hide from AV “definitions”. If it ain’t on the “definitions” list, and the AV doesn’t have good Heuristic capabilities (most do), it still might miss it.

      But it takes some skill to craft a really stealthy polymorphic piece of malware…but it can be done.

      1 user thanked author for this post.
    • #2378934

      Strongly and respectfully disagree. As a semi-retired freelance writer, I have used LibreOffice for years, and never had an issue with a publisher, especially using MSFT format files, PDFs, or what have you.

      YMMV, but I used to make a living using it.

      According to Wikipedia:

      LibreOffice uses a “Time-based release schedule” for predictability (Nice, instead of having an unwanted or unnecessary update rammed down your throat)

      There are now over 200 million ACTIVE LibreOffice users. Pretty good for an outfit that started with 25 million in 2011.

      https://en.wikipedia.org/wiki/LibreOffice#Release_history

    • #2378554

      Just looked, and…yup. Wow. That brings it up to 23 individual 0patch elements to deal with this bugger.

    • #2378060

      I can hear the folks at 0Patch screaming now…they just recently put out patches 618-633 (in their system catalog sequence)…gad, that’s what, 15 patches, to deal with this monster?

      Redmond, hang thy head in shame.

      1 user thanked author for this post.
    • #2377825

      You don’t really need any of these “password generators” at all. Just think of a person, place or thing, translate it into some weird language that uses Latin script, then stick some squirrel noises in there with it.

      Easy-Peasy.

      1 user thanked author for this post.
    • #2376312

      “FYI, For what it’s worth dept.”…..0patch did issue a patch for this on July 5th.

      Sorry for the late report, have had my hands full.

    • #2374687

      This is now in the “confirmed” category, as it’s on one other (at least) site as well:

      https://borncity.com/win/2021/06/30/700-millionen-linkedin-benutzerdatenstze-in-untergrundforum-angeboten/#more-20507 (I always look for two sources.)

      OK, this is it, I’ve had enough, and more than enough; we need a federal prosecution, and if negligence was found, a hefty fine and prison time for some MSFT officers for “Breach of the Public Trust”, if nothing else. How about “Criminal Neglect?”

      This needs to be prosecuted from the highest levels. This is no longer a civil matter, this is CRIMINAL.

      In the meantime, boycott LinkedIn; starve the beast.

      3 users thanked author for this post.