The Great Cyberwar Has Just Begun: You Need to Protect Yourself

"Josh Hendrickson @canterrain (twitter)
"Mar 26, 2022, 9:00 am EDT | 11 min read

Right now, more than ever, you need to secure all your online
accounts. It's long past time to embrace two-factor
authentication, stop reusing passwords, and make your online
presence hacker-resistant. Because sooner or later, the brewing
cyberwar will come for you.

While it's true that hacking and compromising personal accounts
have been a scourge of the internet for years, if not decades,
what we're starting to see dwarfs the threats we've lived
through so far. Putting politics aside, the ongoing events in
Russia and Ukraine sparked the catalyst for a mass cyber
attack. And the response from other countries will likely only
exacerbate that fact.

MORE:

https://www.reviewgeek.com/113090/the-great-cyberwar-has-just- begun-you-need-to-protect-yourself/

https://bbs.lc/yrlEq

--- OpenXP 5.0.51
* Origin: Ogg's Dovenet Point (723:320/1.9)
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Re: The Great Cyberwar Has Just Begun
By: Ogg to All on Mon Mar 28 2022 05:25 pm

Right now, more than ever, you need to secure all your online
accounts. It's long past time to embrace two-factor
authentication, stop reusing passwords, and make your online
presence hacker-resistant. Because sooner or later, the brewing
cyberwar will come for you.

While it's true that hacking and compromising personal accounts
have been a scourge of the internet for years, if not decades,
what we're starting to see dwarfs the threats we've lived

it doesnt matter what we do with passwords or whatever.
our providers are the ones that arent secure.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: The Great Cyberwar Has Just Begun
By: MRO to Ogg on Mon Mar 28 2022 08:51 pm

Re: The Great Cyberwar Has Just Begun
By: Ogg to All on Mon Mar 28 2022 05:25 pm

Right now, more than ever, you need to secure all your online
accounts. It's long past time to embrace two-factor
authentication, stop reusing passwords, and make your online
presence hacker-resistant. Because sooner or later, the brewing
cyberwar will come for you.

While it's true that hacking and compromising personal accounts
have been a scourge of the internet for years, if not decades,
what we're starting to see dwarfs the threats we've lived

it doesnt matter what we do with passwords or whatever.
our providers are the ones that arent secure.

That is something I was thinking myself.

Heck, even if a given provider has a very secure infrastructure, most medium sized ones are going to
externalize lots of components. Say, I could have all my customer data managed by my very secure servers,
and then have part of that data processed by a third party.

For example, I may host a well secured infrastructure for managing patient data, with an application that
reports patients' visits to the insurance companies via an API (because othewise the insurance companies
won't pay us for medical services, heh). Once I send a request full of sensitive data to the insurance
company , it leaves my "very secure" infrastructure and you don't know how the insurance companies are
going to secure the data. They are probably going to be careful, but also they could just print the
patients' files and leave them laying around on the office for the cleaning staff to find :-)

--
gopher://gopher.richardfalken.com/1/richardfalken

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

On 3/29/22 00:06, Arelor wrote:

it doesnt matter what we do with passwords or whatever.
our providers are the ones that arent secure.

That is something I was thinking myself.

Heck, even if a given provider has a very secure infrastructure, most
medium sized ones are going to externalize lots of components. Say, I
could have all my customer data managed by my very secure servers, and
then have part of that data processed by a third party.
...

That's generally true, but still, password re-use is a massive issue...
on compromised system/account that doesn't hash passwords and/or is a
very weak hash (md5 or sha1) means that if your email address is there, there's a much higher chance of escalating the issue(s).

Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring from
your online store account.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com

Re: Re: The Great Cyberwar Has Just Begun
By: Tracker1 to Arelor on Wed Mar 30 2022 11:52 pm

on compromised system/account that doesn't hash passwords and/or is a
very weak hash (md5 or sha1) means that if your email address is there, there's a much higher chance of escalating the issue(s).

Congrats, you just sent a new $HIGH_DOLLAR_ITEM$ to a hacking ring from
your online store account.

the only times i have been compromised is when the actual SITE was compromised.

this is when i ordered autoparts, when i bought bitcoin, and online banking with my credit union.

i dont think most people reuse passwords for their banks and important providers.
they may reuse passwords for their junk services.

but people are stupid, but who knows.

all i know is these sites are just as stupid or worse. you dont know what they are doing with your data or how they are storing it. until it makes front page new. dropbox still won't admit to it. i get hack attempts from my dropbox alias emails all the time. for over 5 years.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Re: The Great Cyberwar Has Just Begun
By: MRO to Tracker1 on Thu Mar 31 2022 11:22 am

the only times i have been compromised is when the actual SITE was compromised.

oh now i have an interesting development.
so someone is bruteforcing my namecheap account. they wont let me change my login name. it's just impossible.

so i'm talking to these indian idiots. first time is 30 mins. half an hour. asking me questions, he's going off topic, etc. i say just delete the account okay. i have to go to work.

i come back and idiot didn't delete the account. apparently there was some promo 10 years ago where i got a free cert and i never used it. they wanted to tell me i wouldnt get a refund for my free promo cert.


so i go back in there again. another 20 mins to get idiot 2 to delete the account.

whats wrong with namecheap that they cant RENAME a user account?
that's nuts.

---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Re: The Great Cyberwar Has Just Begun
By: MRO to Tracker1 on Thu Mar 31 2022 01:23 pm

whats wrong with namecheap that they cant RENAME a user account?
that's nuts.

allegedly they have a huge number of outsourced ukranian staff, maybe due to the war they had to use Indians.

---
þ Synchronet þ Inland Utopia - iutopia.duckdns.org:2023

On 4/2/22 11:55, Utopian Galt wrote:

whats wrong with namecheap that they cant RENAME a user account?
that's nuts.

allegedly they have a huge number of outsourced ukranian staff,
maybe due to the war they had to use Indians.

Where I'm working now, company executives (out of pocket) paid to
relocate a few dozen families from Ukraine and Russia to Armenia... they literally only had about an hour and a half to decide. That said,
unaware of any other companies that executive staff have paid to
relocate staff and third party contractors like that. There were 70
families offered the option, and about half chose to relocate.

A friend works for a very large company, and their policy was they were blocking the IPs for the region, and if you didn't "show up" within 7
days it was considered a resignation.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com