Thank goodness our Zune accounts are all safe.
SolarWinds hackers accessed Microsoft source code
Microsoft says customer data wasn't compromised.
LMAO
Just so that everyone is aware, JT, aka mazskolnieces, aka hjlbx, aka Jeff_T - Testing Group, aka Lockdown, aka Unrealistic, aka Pixy Stix, aka Bittricks, aka .\urbeat.ps1, aka youbelonginanoven (along with many other aliases), has been stalking me for over 4 years, which is why you will see him reply to many of my posts in many different threads. I believe his goal is to make me look as bad as possible and to eventually win an argument against me. But the thing is, I do not argue when I do not have evidence to back up my claims and also, I am man enough to admit when I am wrong.
For the typical home user, there is no evidence that anyone can provide that irrefutably proves that your typical Windows user is the epidemic that the click-bait IT security news and security software publishers would want everyone to believe. After all, fear mongering is the number 1 marketing tactic. For home users, the threat of malware is blown out of proportion to real world experience. The user sitting in front of the PC has much more to do with their security than the security strategy or software, to the extent that the user's choice of security software is essentially irrelevant.
Just like this latest Microsoft network compromise. There is no proof whatsoever that any part of the Windows OS (which parts of the kernel have been open source since XP) nor Windows Defender has been undermined. And open source professionals have stated themselves that open source is not the answer to the malware problem.
As it stands, solid security tweaks (made possible by and endorsed by Microsoft) of Windows remain the single most effective method to keep the local host secure.
You mean you didn't know that Microsoft made the Windows kernel code available going all the way back to XP era ?
That's odd... I thought you were the MT's resident all-knowing Enterprise expert, but yet you do not understand the significance of a SolarWinds software breach?
I guess ultimately what really matters is if MS followed MS's best practices and permanently blocked rundll32.exe and regsvr32.exe.
The source code was leaked. I am sorry you are not a dev, but to most devs this means one thing and one thing only. They most likely had access to the entire code base.
I don't know what you're talking about.
Just so that everyone is aware, JT, aka mazskolnieces, aka hjlbx, aka Jeff_T - Testing Group, aka Lockdown, aka Unrealistic, aka Pixy Stix, aka Bittricks, aka .\urbeat.ps1, aka youbelonginanoven (along with many other aliases), has been stalking me for over 4 years, which is why you will see him reply to many of my posts in many different threads. I believe his goal is to make me look as bad as possible and to eventually win an argument against me. But the thing is, I do not argue when I do not have evidence to back up my claims and also, I am man enough to admit when I am wrong.
JT STOP CYBERSTALKING ME!
Dan, just let it go, be the wiser one.
JT is the guy who puts a space between the end of a sentence and the question mark, as you so elegantly did in this post.
I don't know what you're talking about.
Who is JT ?
Yeah, I am going to ignore him from now on... I just wanted to make sure outsiders were aware.
Dan, just let it go, be the wiser one.
Do not take everything somebody posts in a forum so personal.
I was really enjoying your participation in the testing done by @harlan4096 and hope to see more of those constructive posts.
With some few glitches, VS performance was fantastic. Maybe I’d use it if I didn’t know malware as soon as I see it
Thank you, I appreciate that!
This is universally true. Blue teams always assume the red team has full access. It would be silly for the blue team to pretend that they did not.
The Solorigate incident has nothing to do with hardening the system. The malicious DLLs in malicious SolarWinds applications were digitally signed as a part of the application update. It was not a direct attack, but the update was inadvertently downloaded by the user. The incident was related to compromising one internal account which was next used to view some source code.
Anyway, Microsoft admits that the internal security model is not perfect:
"At Microsoft, we have an inner source approach – the use of open source software development best practices and an open source-like culture – to making source code viewable within Microsoft. This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code. So viewing source code isn’t tied to elevation of risk.
As with many companies, we plan our security with an “assume breach” philosophy and layer in defense-in-depth protections and controls to stop attackers sooner when they do gain access. We have found evidence of attempted activities which were thwarted by our protections, so we want to re-iterate the value of industry best practices such as outlined here, and implementing Privileged Access Workstations (PAW) as part of a strategy to protect privileged accounts. We will provide additional updates if and when we discover new information to help inform and enable the community. As we learn more from our own internal investigation, and from helping customers, we will continue to improve our security products and share these learnings with the community. For the up-to-date information and guidance, please visit our resource center at https://aka.ms/solorigate."