[AusNOG] Something else to be worried about
James Hodgkinson
yaleman at ricetek.net
Sun Jun 25 14:11:40 EST 2017
"I spent a million bucks buying things to sign off on a list and still
allowed an uncontrolled device to send SMB via VPN to my network".
Doesn't matter how much shiny vendor-tin you buy, process failure's
going to get you every time.
James
On Sun, 25 Jun 2017, at 13:58, Jason Ross wrote:
> This is just the first on many such attacks IMHO.
>
> I’ve been saying for quite a while that next generation AV and
> firewalls are not going to save/protect you. I wonder how many people
> listen to the vendor hype around some of these solutions and leave it
> at that.>
> FWIW, I believe that multiple vendors is a good approach, still not
> enough for emerging threats though.>
> Six years ago, Mr. Ben-Oni had a chance meeting with an N.S.A.
> employee at a conference and asked him how to defend against modern-
> day cyberthreats. The N.S.A. employee advised him to “run three of
> everything”: three firewalls, three antivirus solutions, three
> intrusion detection systems. And so he did.>
> But in this case, modern-day detection systems created by Cylance,
> McAfee and Microsoft and patching systems by Tanium did not catch the
> attack on IDT. Nor did any of the 128 publicly available threat
> intelligence feeds that IDT subscribes to. Even the 10 threat
> intelligence feeds that his organization spends a half-million dollars
> on annually for urgent information failed to report it. He has since
> threatened to return their products.>
>
>
>> On 24 Jun 2017, at 2:51 pm, Mark Prior <mrp at mrp.net> wrote:
>>
>> <https://www.nytimes.com/2017/06/22/technology/ransomware-attack-nsa-cyberweapons.html>>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> _________________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170625/7570fa90/attachment.html>
More information about the AusNOG
mailing list