- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
.
Posted on 5/18/23 at 7:57 pm
Posted on 5/18/23 at 7:57 pm
.
This post was edited on 8/12/23 at 12:22 am
16
Posted on 5/18/23 at 8:00 pm to MrLSU
And the same amount of work still got done…
Posted on 5/18/23 at 8:03 pm to MrLSU
Well, we can be certain they won't go out of business.
Posted on 5/18/23 at 8:20 pm to fallguy_1978
Doesn’t the State implement MFA’s, and perform a port scan on their external facing servers and close them up to only allow specific IPs?
They need to turn on auditing for O365 or Azure, AWS, GC services (whichever they utilize as a cloud vendor) to alert when someone signs in from two different locations in a short amount of time from the US to London in one hour time frame, (as an example) could be anywhere in the world. Locking down remote tools such as TeamViewer and similar applications to cut the head off the snake. Years ago I recall Teamviewer had a vulnerability to bypass passwords. About 10 years ago VNC had a similar vulnerability.
The State needs to build an audit to report back any domain joined machines that don't have antivirus installed to prevent this shite from happening again.
They need to turn on auditing for O365 or Azure, AWS, GC services (whichever they utilize as a cloud vendor) to alert when someone signs in from two different locations in a short amount of time from the US to London in one hour time frame, (as an example) could be anywhere in the world. Locking down remote tools such as TeamViewer and similar applications to cut the head off the snake. Years ago I recall Teamviewer had a vulnerability to bypass passwords. About 10 years ago VNC had a similar vulnerability.
The State needs to build an audit to report back any domain joined machines that don't have antivirus installed to prevent this shite from happening again.
Posted on 5/18/23 at 8:27 pm to MrLSU
So what you're saying is hackers are sending emails to state agencies with this title
Update your Tigerdroppings password now!!!
And the state workers are clicking and getting the data locked
Well played hackers
Well played ??
Update your Tigerdroppings password now!!!
And the state workers are clicking and getting the data locked
Well played hackers
Well played ??
Posted on 5/18/23 at 8:29 pm to Breauxsif
quote:
Doesn’t the State implement MFA’s, and perform a port scan on their external facing servers and close them up to only allow specific IPs? They need to turn on auditing for O365 or Azure, AWS, GC services (whichever they utilize as a cloud vendor) to alert when someone signs in from two different locations in a short amount of time from the US to London in one hour time frame, (as an example) could be anywhere in the world. Locking down remote tools such as TeamViewer and similar applications to cut the head off the snake. Years ago I recall Teamviewer had a vulnerability to bypass passwords. About 10 years ago VNC had a similar vulnerability. The State needs to build an audit to report back any domain joined machines that don't have antivirus installed to prevent this shite from happening again.
Seriously
Posted on 5/18/23 at 8:31 pm to Breauxsif
quote:implementing this would line whose pockets? That’s the important thing
Doesn’t the State implement MFA’s, and perform a port scan on their external facing servers and close them up to only allow specific IPs?
Posted on 5/18/23 at 8:34 pm to Breauxsif
It's usually an email and there will always be users that click on it and get compromised.
They obviously need more east/west traffic visibility
They obviously need more east/west traffic visibility
Posted on 5/18/23 at 8:37 pm to fallguy_1978
quote:
Well, we can be certain they won't go out of business.
Yeah, they've got insurance.
"We need to raise taxes to pay for this. What do you mean you shouldn't have to pay extra tax for this?"
Posted on 5/18/23 at 8:38 pm to Breauxsif
quote:
They need to turn on auditing for O365 or Azure, AWS, GC services (whichever they utilize as a cloud vendor) to alert when someone signs in from two different locations in a short amount of time from the US to London in one hour time frame, (as an example) could be anywhere in the world. Locking down remote tools such as TeamViewer and similar applications to cut the head off the snake. Years ago I recall Teamviewer had a vulnerability to bypass passwords. About 10 years ago VNC had a similar vulnerability.
Posted on 5/18/23 at 8:41 pm to Breauxsif
quote:
Doesn’t the State implement MFA’s, and perform a port scan on their external facing servers and close them up to only allow specific IPs?
They need to turn on auditing for O365 or Azure, AWS, GC services (whichever they utilize as a cloud vendor) to alert when someone signs in from two different locations in a short amount of time from the US to London in one hour time frame, (as an example) could be anywhere in the world. Locking down remote tools such as TeamViewer and similar applications to cut the head off the snake. Years ago I recall Teamviewer had a vulnerability to bypass passwords. About 10 years ago VNC had a similar vulnerability.
The State needs to build an audit to report back any domain joined machines that don't have antivirus installed to prevent this shite from happening again.
"Sorry, we had to do some employee juggling recently. The guy that was working on it was done with his current workload before 10 this morning and the new guy we have leading this project wears a helmet. Please bear with us in these tumultuous times."
Posted on 5/18/23 at 9:07 pm to MrLSU
quote:
How in the hell does Jacques Berry still have a job?
Why would a spokesperson be in charge of internet security?
Posted on 5/18/23 at 9:10 pm to Breauxsif
quote:
Doesn’t the State implement MFA’s, and perform a port scan on their external facing servers and close them up to only allow specific IPs? They need to turn on auditing for O365 or Azure, AWS, GC services (whichever they utilize as a cloud vendor) to alert when someone signs in from two different locations in a short amount of time from the US to London in one hour time frame, (as an example) could be anywhere in the world. Locking down remote tools such as TeamViewer and similar applications to cut the head off the snake. Years ago I recall Teamviewer had a vulnerability to bypass passwords. About 10 years ago VNC had a similar vulnerability. The State needs to build an audit to report back any domain joined machines that don't have antivirus installed to prevent this shite from happening again.
I have no idea what you are saying but it sounds legit to me!!
Posted on 5/18/23 at 9:13 pm to LSUFanHouston
He's asking if the state has basic, modern security controls in place. I doubt that they do.
They probably don't have much budget for it to be honest. They might after they keep getting hit though.
They probably don't have much budget for it to be honest. They might after they keep getting hit though.
This post was edited on 5/18/23 at 9:15 pm
Posted on 5/18/23 at 9:19 pm to MrLSU
Try rebooting.
Posted on 5/18/23 at 9:22 pm to MrLSU
An automatic outcome: crawfish prices will go up
Posted on 5/18/23 at 9:45 pm to MrLSU
It wasn’t a hack
Posted on 5/18/23 at 9:46 pm to MrLSU
quote:
the Louisiana Department of Wildlife and Fisheries
Fantastic. Looks like my social is signing up for midget butthole porn.
And my identity was stolen!!
Posted on 5/18/23 at 9:48 pm to The Boat
That’s just the list of agencies that went down.
Posted on 5/18/23 at 10:08 pm to MrLSU
This was a decent post until you said the spokesperson should be fired because the internet system had an issue. Jacques Berry is just a spokesperson, he’s never really done anything to draw attention to himself and does his job. No research needed, think through it and be sure before calling for someone to be fired.
Page 1 of 2
Popular
Back to top
Follow TigerDroppings for LSU Football News