New DHS center countering human trafficking https://t.co/mKU6XlEsO8 via @AddThis
More from Dannielle (Dossy) Blumenthal PhD
SolarWinds follow up. Very good tweet explaining what happened.
Basically what this means is that SolarWinds itself was exploited. Someone posted an infected update as legitimate (digitally signed), leading customers to download a bad update.
“Multiple trojanized updates were digitally signed from March - May 2020 and posted to the SolarWinds updates website” https://t.co/8e3bMFWXYu
FireEye then explains that infected organizations were approached and exploited. This is a separate Step 2.
At this point, information is already going to “malicious domains” without extra intervention, after the malware does nothing for “up to two weeks”
Hackers reportedly slipped malware into prior SolarWinds software updates, which gave them access to a "God-mode" for infected networks, including the Treasury and Commerce departments.
— Wes Wilson (@weswilson4) December 14, 2020
The Pentagon is also a SolarWinds customer. https://t.co/Srcoztssol https://t.co/OgMhAjJqPx
If it’s “Russia” why are they investigating if the execs were in on it?
“HAGENS BERMAN, NATIONAL TRIAL ATTORNEYS, Investigating SolarWinds (SWI) $285 Million Insider Stock Sales, Knowledge of Hack in Orion Products, Encourages SWI Investors with Losses to Contact Firm Now”
SolarWinds report (Feb 2020): “2020 Key Findings
For the fifth year in a row, careless and untrained insiders are the leading source of security threats for public sector organizations”
https://t.co/TjgcuaBzUb
“‘Security is everyone’s job, but holding the team accountable is lacking. Until there are real individual accountability regimens in place, the network will remain at risk.’
- Division Chief, Federal Civilian”
Again insiders are the top threat, why ignoring in public rhetoric?
https://t.co/603WejHoYG
More from Crime
This is incredibly sad and disturbing.
Two women were killed last night by this man.
He was released last month after a burglary arrest.
(1/x)
According to the article he has a record of:
+ 2 counts of voluntary manslaughter
+ possession of a stolen vehicle
+ leaving the scene of an accident
+ burglary
+ driving while under the influence of alcohol and drugs
(2/x)
There is a question as to who is responsible here, beyond the suspect.
Apparently he was released on 12/23 for another crime.
There is an algorithm which makes suggestions, which judges and the DA office use as inputs.
(3/x)
Here is our DA's response:
It is my impression that the balance of justice is off-kilter in SF right now.
Feels like career criminals can act with virtually no consequences, until someone gets killed.
The "broken windows" theory is feeling truer and truer to me.
(5/x)
Is Boudin responsible for the two women killed by parole?
— Lou B (@LuigiCPA) January 1, 2021
Troy M was booked last night for stealing a car, second degree burglary, felon in possession of a firearm, large capacity magazine, meth, and voluntary manslaughter.
Boudin let the parole go as recently as Dec 23 (1/3)
Here is our DA's response:
We will make changes to ensure that people on parole receive the supervision and structure needed from parole to prevent this kind of tragedy from recurring.
— Chesa Boudin 博徹思 (@chesaboudin) January 1, 2021
https://t.co/fuUwWdxhjC
You May Also Like
To people who are under the impression that you can get rich quickly by working on an app, here are the stats for https://t.co/az8F12pf02
📈 ~12000 visits
☑️ 109 transactions
💰 353€ profit (285 after tax)
I have spent 1.5 months on this app. You can make more $ in 2 days.
🤷♂️
I'm still happy that I launched a paid app bcs it involved extra work:
- backend for processing payments (+ permissions, webhooks, etc)
- integration with payment processor
- UI for license activation in Electron
- machine activation limit
- autoupdates
- mailgun emails
etc.
These things seemed super scary at first. I always thought it was way too much work and something would break. But I'm glad I persisted. So far the only problem I have is that mailgun is not delivering the license keys to certain domains like https://t.co/6Bqn0FUYXo etc. 👌
omg I just realized that me . com is an Apple domain, of course something wouldn't work with these dicks