CoolAEW

Summary
The 24th of July 2023 the news broke that hackers had gained access to twelve departments of the Norwegian government.
The hackers gained access trough compromised SOHO routers and were able to exploit vulnerabilities of Ivanti Endpoint Manager Mobile (EPMM) to gain access to personal information including GPS position of mobile devices.
These vulnerabilities also allowed the hackers to upload and execute files on the EPMM with privileged access.
Hackers were able to roam undetected for at least 2 months before being detected. The hackers were able to compromise Ivani Sentry, an application gateway appliance that supports EPMM, to gain access to an Exchange server which was not reachable from the internet and likely installed webshells on pages related to login and outlook.
 
 
Quotes
My thoughts
I find this deeply disturbing, that hackers gained so much access for so long in the Norwegian Government without being detected. Who knows what they might have got access to, probably a lot.
With privileged access to all mobile devices they could have done literally anything and no one knows for sure. I do believe that we are going to see a lot more cases like this, but I hope that the government is more prepared next time.
 
Sources
https://www.nrk.no/norge/tolv-departementer-utsatt-for-dataangrep-1.16492816
https://www.nrk.no/norge/12-departementer-angrepet_-hackerne-kan-fortsatt-vaere-inne-i-regjeringens-systemer-1.16493620
https://www.digi.no/artikler/rapport-om-dataangrep-i-minst-to-maneder-har-hackere-beveget-seg-uoppdaget/534707
https://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/
 
aa23-213a_joint_csa_threat_actors_exploiting_ivanti_eppm_vulnerabilities.pdf

Summary
The 24th of July 2023 the news broke that hackers had gained access to twelve departments of the Norwegian government.
The hackers gained access trough compromised SOHO routers and were able to exploit vulnerabilities of Ivanti Endpoint Manager Mobile (EPMM) to gain access to personal information including GPS position of mobile devices.
These vulnerabilities also allowed the hackers to upload and execute files on the EPMM with privileged access.
Hackers were able to roam undetected for at least 2 months before being detected. The hackers were able to compromise Ivani Sentry, an application gateway appliance that supports EPMM, to gain access to an Exchange server which was not reachable from the internet and likely installed webshells on pages related to login and outlook.
 
 
Quotes
My thoughts
I find this deeply disturbing, that hackers gained so much access for so long in the Norwegian Government without being detected. Who knows what they might have got access to, probably a lot.
With privileged access to all mobile devices they could have done literally anything and no one knows for sure. I do believe that we are going to see a lot more cases like this, but I hope that the government is more prepared next time.
 
Sources
https://www.nrk.no/norge/tolv-departementer-utsatt-for-dataangrep-1.16492816
https://www.nrk.no/norge/12-departementer-angrepet_-hackerne-kan-fortsatt-vaere-inne-i-regjeringens-systemer-1.16493620
https://www.digi.no/artikler/rapport-om-dataangrep-i-minst-to-maneder-har-hackere-beveget-seg-uoppdaget/534707
https://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/
 
aa23-213a_joint_csa_threat_actors_exploiting_ivanti_eppm_vulnerabilities.pdf

Summary
The 24th of July 2023 the news broke that hackers had gained access to twelve departments of the Norwegian government.
The hackers gained access trough compromised SOHO routers and were able to exploit vulnerabilities of Ivanti Endpoint Manager Mobile (EPMM) to gain access to personal information including GPS position of mobile devices.
These vulnerabilities also allowed the hackers to upload and execute files on the EPMM with privileged access.
Hackers were able to roam undetected for at least 2 months before being detected. The hackers were able to compromise Ivani Sentry, an application gateway appliance that supports EPMM, to gain access to an Exchange server which was not reachable from the internet and likely installed webshells on pages related to login and outlook.
 
 
Quotes
My thoughts
I find this deeply disturbing, that hackers gained so much access for so long in the Norwegian Government without being detected. Who knows what they might have got access to, probably a lot.
With privileged access to all mobile devices they could have done literally anything and no one knows for sure. I do believe that we are going to see a lot more cases like this, but I hope that the government is more prepared next time.
 
Sources
https://www.nrk.no/norge/tolv-departementer-utsatt-for-dataangrep-1.16492816
https://www.nrk.no/norge/12-departementer-angrepet_-hackerne-kan-fortsatt-vaere-inne-i-regjeringens-systemer-1.16493620
https://www.digi.no/artikler/rapport-om-dataangrep-i-minst-to-maneder-har-hackere-beveget-seg-uoppdaget/534707
https://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/
 
aa23-213a_joint_csa_threat_actors_exploiting_ivanti_eppm_vulnerabilities.pdf

Summary
The 24th of July 2023 the news broke that hackers had gained access to twelve departments of the Norwegian government.
The hackers gained access trough compromised SOHO routers and were able to exploit vulnerabilities of Ivanti Endpoint Manager Mobile (EPMM) to gain access to personal information including GPS position of mobile devices.
These vulnerabilities also allowed the hackers to upload and execute files on the EPMM with privileged access.
Hackers were able to roam undetected for at least 2 months before being detected. The hackers were able to compromise Ivani Sentry, an application gateway appliance that supports EPMM, to gain access to an Exchange server which was not reachable from the internet and likely installed webshells on pages related to login and outlook.
 
 
Quotes
My thoughts
I find this deeply disturbing, that hackers gained so much access for so long in the Norwegian Government without being detected. Who knows what they might have got access to, probably a lot.
With privileged access to all mobile devices they could have done literally anything and no one knows for sure. I do believe that we are going to see a lot more cases like this, but I hope that the government is more prepared next time.
 
Sources
https://www.nrk.no/norge/tolv-departementer-utsatt-for-dataangrep-1.16492816
https://www.nrk.no/norge/12-departementer-angrepet_-hackerne-kan-fortsatt-vaere-inne-i-regjeringens-systemer-1.16493620
https://www.digi.no/artikler/rapport-om-dataangrep-i-minst-to-maneder-har-hackere-beveget-seg-uoppdaget/534707
https://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/
 
aa23-213a_joint_csa_threat_actors_exploiting_ivanti_eppm_vulnerabilities.pdf

Summary
The 24th of July 2023 the news broke that hackers had gained access to twelve departments of the Norwegian government.
The hackers gained access trough compromised SOHO routers and were able to exploit vulnerabilities of Ivanti Endpoint Manager Mobile (EPMM) to gain access to personal information including GPS position of mobile devices.
These vulnerabilities also allowed the hackers to upload and execute files on the EPMM with privileged access.
Hackers were able to roam undetected for at least 2 months before being detected. The hackers were able to compromise Ivani Sentry, an application gateway appliance that supports EPMM, to gain access to an Exchange server which was not reachable from the internet and likely installed webshells on pages related to login and outlook.
 
 
Quotes
My thoughts
I find this deeply disturbing, that hackers gained so much access for so long in the Norwegian Government without being detected. Who knows what they might have got access to, probably a lot.
With privileged access to all mobile devices they could have done literally anything and no one knows for sure. I do believe that we are going to see a lot more cases like this, but I hope that the government is more prepared next time.
 
Sources
https://www.nrk.no/norge/tolv-departementer-utsatt-for-dataangrep-1.16492816
https://www.nrk.no/norge/12-departementer-angrepet_-hackerne-kan-fortsatt-vaere-inne-i-regjeringens-systemer-1.16493620
https://www.digi.no/artikler/rapport-om-dataangrep-i-minst-to-maneder-har-hackere-beveget-seg-uoppdaget/534707
https://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/
 
aa23-213a_joint_csa_threat_actors_exploiting_ivanti_eppm_vulnerabilities.pdf

I think it may be named after Linus Yale jr. But it's a fitting name, Linus should make a review of it 
https://en.wikipedia.org/wiki/Linus_Yale,_Jr.

So the Google-owned company Nest is apparently working together with Yale on the "Linus Yale Lock", a smart door lock for your home. It's a keyless lock that can connect to your pre-existing nest system or as a standalone unit and let you see who is coming and leaving the house on your smartphone. Souns pretty cool The lock is coming in 2016. What do you guys think?
 

 
Links:
https://nest.com/works-with-nest/
https://yale2you.com/linuslock

I think it may be named after Linus Yale jr. But it's a fitting name, Linus should make a review of it 
https://en.wikipedia.org/wiki/Linus_Yale,_Jr.

I think it may be named after Linus Yale jr. But it's a fitting name, Linus should make a review of it 
https://en.wikipedia.org/wiki/Linus_Yale,_Jr.

I think it may be named after Linus Yale jr. But it's a fitting name, Linus should make a review of it 
https://en.wikipedia.org/wiki/Linus_Yale,_Jr.

So the Google-owned company Nest is apparently working together with Yale on the "Linus Yale Lock", a smart door lock for your home. It's a keyless lock that can connect to your pre-existing nest system or as a standalone unit and let you see who is coming and leaving the house on your smartphone. Souns pretty cool The lock is coming in 2016. What do you guys think?
 

 
Links:
https://nest.com/works-with-nest/
https://yale2you.com/linuslock

So the Google-owned company Nest is apparently working together with Yale on the "Linus Yale Lock", a smart door lock for your home. It's a keyless lock that can connect to your pre-existing nest system or as a standalone unit and let you see who is coming and leaving the house on your smartphone. Souns pretty cool The lock is coming in 2016. What do you guys think?
 

 
Links:
https://nest.com/works-with-nest/
https://yale2you.com/linuslock

Don't worry mate I was going to do that anyway!
 
It is not that the water would go down to the pumps easier, it is to make it so the Reservoirs are more full and don't have a big air bubble along the top :)

what we first start off with is making some guideline holes so that we are able to do better cuts with the jigsaw allowing us to change angles easily.

 
 
Mid way cutting.

 
 
now time to lay it on, and all is good.

 
 
a wild cat appears! "hmmmm, can i fit through here?"

 
 
"Why yes! of course I can!"

 
 
marking out the other side, and repeating the process

 

 
 
both sides have been completed and look very nice. they are BOTH yet to be routered so that the grill sits in flush. but that is next days off job.

 
 
I quickly decided that I would do my 5.25" holes, one for a Blu Ray drive (basically just incase i need it for whatever case. And no, I couldn't be bothered getting a USB one), and also will be fitted with a Fan Controller too.
Here is the plan...

 
 
Holes done

 
 
all cut out

 
with a bit of extra little rasping (wood equivalent of a file) they fit nice and snug! Though like the rad grills. Will router a recess for them to sit flush in. If some may notice, the drives are sitting lower then centre, this is because I will probably put my power/reset buttons above the 5.25" area. 
and ps, yes I know the middle piece between each 5.25" slot is weak as hell, and I understand that. If it breaks it breaks, if it doesn't it doesn't! it looks nicer with it though 

 
 
Oh, and this is the glass installed 
easy to remove to, simply put fingers between the two glass sheets and lift the top one up! the front bit is siliconed in place

 
Next update will be Wednesday of everything routered
and then theres only two holes left to do (PSU, I/O shield) and its time to d-d-d-d-d-drop the hardware in!!
 
 
Here is how I will be spacing my UP7 to the desk itself. just a few rubber spacers, that will be screwed into the desk, will have to go find some nice long thin srews while I think about it!

 
We start with the routering of the 480 grill rebate, so that the grill can sit nice and flush

 
 
The middle bits had to be done also, and were very difficult too as after a few cm's the router wasn't sitting flush anymore so would 'dip' as you can see in the picture where it dipped a little bit. but that's okay! it's not seen 

 
 
Thinking about how I could find a packer to use that allowed an extra bit of width... duh, why not use the template to rest the router on!

 
 

 
Now, this is what it looked like! the rebate for the grill was done, and also i further rebated in a rectangle for the actual little hex-hole grills to sit in too

 
 
Then there was about a 2 week period where I did nothing in life but work/sleep. UNTIL my parts arrived! and I will also be getting another GTX 680 4GB too 
 

 
After thinking and googling, I figured a way that I could mount my power supply tidily, by making a metal template I guess you'd call it. where you would screw the thin sheet steel to the desk so you could then be able to screw the psu in! 

 

 

 
And then there she was. the template to cut out the... template :B

 
Mid way cutting it out, realised I shouldn't have cut the paper up so much as it was so hard to get the small rectangle square again! 

 

 
And there it is. Not the tidiest and 100% most beautiful, but it will be painted, not seen. It will serve the purpose it was made to do _b

 
Time to mark out where the IO shield will be put, and also where my PSU hole will be too.

 
Time to do my preliminary guide holes for the jigsaw

 
And there it is, all nice and square!

 
The PSU Template works well too

 
Now, the one thing that bugged me the most... The PCI holes. How do do them? Do I rebate them? Do I cut out one big hole instead? I will do it individually instead and rebate me thinks..

 
I then proceeded to use the smallest router bit I had and rebate the groove for the PCI brackets to sit in.
Also, the top L piece of the bracket needed somewhere to sit in, so I marked the lowest point the bracket could sit, otherwise the card when in the motherboard will be on a lean and could have a dodgy connection to the PCI/E Lane

 
Making sure my depth was correct, I used a test bit of wood to make sure that when it came to the final piece, it was done properly.

 
A Perfect fit!

 

 
 
Just a FYI, to prevent any scratching this is how I lay the top down to do any cutting/routering etc

 
Now that the first PCI slots had been cut, it was time to finish the rest off

 
Here is how I measured the spacings for where the slots went, just an old case I chopped up!

 
All cuts done

 
Next, to square all the holes out I figured, what better way to do that, than with a Router! Least that's what I thought. The insertion of the bit went well, as soon as I itched it to the right BOOM. the middle piece of the PCI slots just snapped off.. I said a naughty word beginning with F. the next one began with C. hehe

 
It was time to resort to Plan B. Cut the whole damn thing out and chop the PCI bracket bit out of that old case that was in the pic above

 
it looks a lot tidier this way anyway, so while I am not happy the slot snapped out, I am happy with the result I guess!

 
So after cutting the PCI Bracket out, i gave it a quick sand and a quick paint with orange and will continue to polish it up over the next week but just wanted to test it out for the time being to make sure all was well... Guess I was just impatient and wanted to see if when everything was laid out in the desk it would all look pretty is more appropriate
 
PS- Hello Vita! (sheep)

 

 

 
After the day, I moved everything to it's little box. and covered it. Until tomorrow