Most chip companies show signs of active compromise

[Letgomyleghoe]

On 4/5/2021 at 10:14 PM, arkscout said:

 

What This Really, Probably, and With Malice, Means:

While this is pretty astonishing to most, this is actually normal across all industry. Definitely not OK, but pretty standard. While RDP and other ports are definite targets as there are many vulnerabilities linked to almost any protocol on any port. I need to look through this whole article, but my first thoughts here is to tell everyone to slow down and take a breath. Open ports, even unpatched vulnerability does NOT mean active compromise. If left open long enough, there will most definitely at least be indexing/scanning and it will be noticed, but that doesn't mean anything open is hacked. There are a lot of steps AFTER finding an open port one has to go through to even get to anything worth while. Most of these companies with open ports like this are paying for very expensive teams that either know full well they are open and are monitoring, don't know and will know before it's terrible, or... don't know and are about to have a really bad day. Anyway... in secuirty there is not always fire where there is smoke.

That said, this is a great conversation and the pressure needs to be put on companies to strengthen security. It is too easy to lock ports down, employ strong vulnerability/patch management, and enforce secure coding practice... but that ease costs a lot of money they might not have, or don't want to spend on something that "generates no revenue".

So hey. Check out Shodan or Greynoise if you are really interested. My go to news source is the guys over at Security Affairs, they do great work.

watch it just be a bunch of tcpwrapped "open ports'

[Bombastinator]

48 minutes ago, Tellos said:

Its a mistake made by those who keep thinking China is some backwater country and do not realize it is a very big global player. We need to respect what China CAN do and has done. Not pretend like their still some farming community.

Parts of it still are.  Get rural enough and you can go pretty far back in specific technologies.  Not all of them though, and a lot of it is simply not. 

[Tellos]

3 minutes ago, Bombastinator said:

Parts of it still are.  Get rural enough and you can go pretty far back in specific technologies.  Not all of them though, and a lot of it is simply not. 

Parts yes but not the government and not the number of larger heavily populated cities. Parts of the US are super rural. Again this is syaing because parts of a state are not technological hubs none of it is. 

[Bombastinator]

On 4/6/2021 at 12:14 AM, arkscout said:

 

What This Really, Probably, and With Malice, Means:

While this is pretty astonishing to most, this is actually normal across all industry. Definitely not OK, but pretty standard. While RDP and other ports are definite targets as there are many vulnerabilities linked to almost any protocol on any port. I need to look through this whole article, but my first thoughts here is to tell everyone to slow down and take a breath. Open ports, even unpatched vulnerability does NOT mean active compromise. If left open long enough, there will most definitely at least be indexing/scanning and it will be noticed, but that doesn't mean anything open is hacked. There are a lot of steps AFTER finding an open port one has to go through to even get to anything worth while. Most of these companies with open ports like this are paying for very expensive teams that either know full well they are open and are monitoring, don't know and will know before it's terrible, or... don't know and are about to have a really bad day. Anyway... in secuirty there is not always fire where there is smoke.

That said, this is a great conversation and the pressure needs to be put on companies to strengthen security. It is too easy to lock ports down, employ strong vulnerability/patch management, and enforce secure coding practice... but that ease costs a lot of money they might not have, or don't want to spend on something that "generates no revenue".

So hey. Check out Shodan or Greynoise if you are really interested. My go to news source is the guys over at Security Affairs, they do great work.

One way to think about the “generates no revenue” thing is that it may not produce profit, but it negates negative income that may be outlandishly large.   Risk is worth money and therefore managing it is too.  Companies can get completely destroyed by hacks.   Fire was a real danger that could beggar an owner. The early sprinkler systems were not government mandated.  They were simply such an obviously good idea that they became the law.  That the law is badly lagging in internet communication is well known.

[Bombastinator]

13 minutes ago, Tellos said:

Parts yes but not the government and not the number of larger heavily populated cities. Parts of the US are super rural. Again this is syaing because parts of a state are not technological hubs none of it is. 

Nothing tier III or lower and sometimes not higher either.  It depends.

[comander]

On 4/3/2021 at 12:09 PM, Lurick said:

Solarwinds!23 now

That reminds me of the default password at a Fortune 100 company I once worked at.