The Great Cyberwar Has Just Begun: You Need to Protect Yourselfãã "Josh Hendrickson @canterrain (twitter)ã "Mar 26, 2022, 9:00 am EDT | 11 min readããRight now, more than ever, you need to secure all your online ãaccounts. It's long past time to embrace two-factor ãauthentication, stop reusing passwords, and make your online ãpresence hacker-resistant. Because sooner or later, the brewing ãcyberwar will come for you.ããWhile it's true that hacking and compromising personal accountsãhave been a scourge of the internet for years, if not decades,ãwhat we're starting to see dwarfs the threats we've livedãthrough so far. Putting politics aside, the ongoing events inãRussia and Ukraine sparked the catalyst for a mass cyberãattack. And the response from other countries will likely onlyãexacerbate that fact.ããMORE:ããhttps://www.reviewgeek.com/113090/the-great-cyberwar-has-just- ãbegun-you-need-to-protect-yourself/ããhttps://bbs.lc/yrlEqãã--- OpenXP 5.0.51ã * Origin: Ogg's Dovenet Point (723:320/1.9)ã þ Synchronet þ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTPã

Re: The Great Cyberwar Has Just Begunã By: Ogg to All on Mon Mar 28 2022 05:25 pmãã > Right now, more than ever, you need to secure all your onlineã > accounts. It's long past time to embrace two-factorã > authentication, stop reusing passwords, and make your onlineã > presence hacker-resistant. Because sooner or later, the brewingã > cyberwar will come for you.ã >ã > While it's true that hacking and compromising personal accountsã > have been a scourge of the internet for years, if not decades,ã > what we're starting to see dwarfs the threats we've livedãããit doesnt matter what we do with passwords or whatever.ãour providers are the ones that arent secure.ã---ã þ Synchronet þ ::: BBSES.info - free BBS services :::ã

Re: The Great Cyberwar Has Just Begunã By: MRO to Ogg on Mon Mar 28 2022 08:51 pmãã > Re: The Great Cyberwar Has Just Begunã > By: Ogg to All on Mon Mar 28 2022 05:25 pmã > ã > > Right now, more than ever, you need to secure all your onlineã > > accounts. It's long past time to embrace two-factorã > > authentication, stop reusing passwords, and make your onlineã > > presence hacker-resistant. Because sooner or later, the brewingã > > cyberwar will come for you.ã > ã > > While it's true that hacking and compromising personal accountsã > > have been a scourge of the internet for years, if not decades,ã > > what we're starting to see dwarfs the threats we've livedã > ã > ã > it doesnt matter what we do with passwords or whatever.ã > our providers are the ones that arent secure.ããThat is something I was thinking myself.ããHeck, even if a given provider has a very secure infrastructure, most medium sized ones are going toãexternalize lots of components. Say, I could have all my customer data managed by my very secure servers,ãand then have part of that data processed by a third party.ããFor example, I may host a well secured infrastructure for managing patient data, with an application thatãreports patients' visits to the insurance companies via an API (because othewise the insurance companiesãwon't pay us for medical services, heh). Once I send a request full of sensitive data to the insuranceãcompany , it leaves my "very secure" infrastructure and you don't know how the insurance companies areãgoing to secure the data. They are probably going to be careful, but also they could just print theãpatients' files and leave them laying around on the office for the cleaning staff to find :-)ãã--ãgopher://gopher.richardfalken.com/1/richardfalkenãã---ã þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FLã

On 3/29/22 00:06, Arelor wrote:

it doesnt matter what we do with passwords or whatever.
our providers are the ones that arent secure.

That is something I was thinking myself.

Heck, even if a given provider has a very secure infrastructure, most
medium sized ones are going to externalize lots of components. Say, I
could have all my customer data managed by my very secure servers, and
then have part of that data processed by a third party.
...

That's generally true, but still, password re-use is a massive issue...
on compromised system/account that doesn't hash passwords and/or is a
very weak hash (md5 or sha1) means that if your email address is there, there's a much higher chance of escalating the issue(s).

Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring from
your online store account.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
ï¿­ Synchronet ï¿­ Roughneck BBS - roughneckbbs.com

Re: Re: The Great Cyberwar Has Just Begunã By: Tracker1 to Arelor on Wed Mar 30 2022 11:52 pmãã > on compromised system/account that doesn't hash passwords and/or is aã > very weak hash (md5 or sha1) means that if your email address is there,ã > there's a much higher chance of escalating the issue(s).ã >ã > Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring fromã > your online store account.ããthe only times i have been compromised is when the actual SITE was compromised.ããthis is when i ordered autoparts, when i bought bitcoin, and online banking with my credit union.ããi dont think most people reuse passwords for their banks and important providers.ãthey may reuse passwords for their junk services.ããbut people are stupid, but who knows.ããall i know is these sites are just as stupid or worse. you dont know what they are doing with your data or how they are storing it. until it makes front page new. dropbox still won't admit to it. i get hack attempts from my dropbox alias emails all the time. for over 5 years.ã---ã þ Synchronet þ ::: BBSES.info - free BBS services :::ã

Re: Re: The Great Cyberwar Has Just Begunã By: MRO to Tracker1 on Thu Mar 31 2022 11:22 amãã >ã > the only times i have been compromised is when the actual SITE wasã > compromised.ããoh now i have an interesting development.ãso someone is bruteforcing my namecheap account. they wont let me change my login name. it's just impossible.ããso i'm talking to these indian idiots. first time is 30 mins. half an hour.ãasking me questions, he's going off topic, etc. i say just delete the account okay. i have to go to work.ããi come back and idiot didn't delete the account. apparently there was someãpromo 10 years ago where i got a free cert and i never used it. they wanted to tell me i wouldnt get a refund for my free promo cert.ãããso i go back in there again. another 20 mins to get idiot 2 to delete the account.ããwhats wrong with namecheap that they cant RENAME a user account?ãthat's nuts.ãã---ã þ Synchronet þ ::: BBSES.info - free BBS services :::ã

Re: Re: The Great Cyberwar Has Just Begunã By: MRO to Tracker1 on Thu Mar 31 2022 01:23 pmãã MR> whats wrong with namecheap that they cant RENAME a user account?ã MR> that's nuts.ãallegedly they have a huge number of outsourced ukranian staff, maybe due to the war they had to use Indians.ãã---ã þ Synchronet þ Inland Utopia - iutopia.duckdns.org:2023ã

On 4/2/22 11:55, Utopian Galt wrote:

whats wrong with namecheap that they cant RENAME a user account?
that's nuts.

allegedly they have a huge number of outsourced ukranian staff,
maybe due to the war they had to use Indians.

Where I'm working now, company executives (out of pocket) paid to
relocate a few dozen families from Ukraine and Russia to Armenia... they literally only had about an hour and a half to decide. That said,
unaware of any other companies that executive staff have paid to
relocate staff and third party contractors like that. There were 70
families offered the option, and about half chose to relocate.

A friend works for a very large company, and their policy was they were blocking the IPs for the region, and if you didn't "show up" within 7
days it was considered a resignation.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
ï¿­ Synchronet ï¿­ Roughneck BBS - roughneckbbs.com