Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/25/2019 | 8:50:11 AM
Re: Correlation or Causality
Here we go - discussion has gone off the rails for technical issue and become more general.  Regret this, Linkedin is going political and so is this thread.  But there is a huge difference between 5 hours and 5 days. 
PaulV972
50%
50%
PaulV972,
User Rank: Strategist
4/24/2019 | 6:04:06 PM
Correlation or Causality
If one believes that Trump's challenge triggered the Russian's actions, it should be terrifying that they could gain full access within 5 hours. 

Once agin, we've gone beyond absurd.  I for one welcome the day when our Gov't and our Politicians take a matter like information security seriously.  Sadly, the dumb show about Facebook is a useful distraction from the failngs of the government to NOT collect obscene amounts of data on their citizens, abuse access to that data, or purely secure that data from outside influences.

I suspect that element that upset the policians most was that their campaign didn't have access. 

 

 
bwilkes8@gmail.com
100%
0%
[email protected],
User Rank: Moderator
4/24/2019 | 9:11:15 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
Point - individuals within the Clinton Campaign should have been more aware of phishing attempts, especially the campaign manager.

Point - individuals within the Clinton Campaign should have been reminded or even briefed basic security practices.

The report does not go into detail about what those individuals did other than to say they all opened phishing emails.  Vigilance was not part of their protocol.
bwilkes8@gmail.com
100%
0%
[email protected],
User Rank: Moderator
4/24/2019 | 9:06:39 AM
Re: Poor Editorial Choice
The actual time period is five days not five hours, which is stated in the Mueller Report.
RonR726
100%
0%
RonR726,
User Rank: Strategist
4/24/2019 | 8:56:10 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
If you are seeking a forensic analysis, look no furhter than Bill Binney's assessment who concluded:

Former NSA experts say it wasn't a hack at all, but a leak—


Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC's system.
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
4/24/2019 | 8:29:23 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
Interesting but I would consult more directed source books on cybersecurity - doubt Mueller gets into testing requirements for CIISP cert. 
bwilkes8@gmail.com
0%
100%
[email protected],
User Rank: Moderator
4/23/2019 | 10:26:37 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
I've finished Volume I of the "Mueller Report" and there are many teaching points that cybersecurity professionals can use for points of education to end-users.

As someone who is wanting to learn more about cybersecurity this volume of the report is textbook material justifying IT secuirty training within the workplace. 
AndrewfOP
100%
0%
AndrewfOP,
User Rank: Moderator
4/23/2019 | 9:45:25 AM
Poor Editorial Choice
All news organization engaged in attention-grabbing headlines.  This article is not only the norm, but also pushes the boundary.  The relevant content for the headline did not appear until the last paragraph and even then, it barely has more information than the headline.  The headline description at most should be part of the lead sentence, and regardless of the headline problem, there should be more elaboration of the five hour hack.  Terrible execution overall.

 
PanamaVet
100%
0%
PanamaVet,
User Rank: Strategist
4/23/2019 | 8:45:01 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
 Well said.  The content of the article does not validate the headline.

I believe they underestimate their audience.

I fully support their rights to free speech in the USA.

I am free to choose where I go for trustworth information security content.

I dropped an email to a friend of mine in sales at Cylance asking if they know about this editorial shift at DarkReading.  I know they take their marketing strategy seriously.  I included a link to this article. 

 

I have seen other technology publishers make the switch to politics.  I don't want my friends to suffer because of it.

The problem in this case is not just politics.  It is the inability to draw a reliable conclusion that includes the editorial hierarchy.  It is sensational misinformation on the front page.

 

 

 

 

 

 

 

 
bwilkes8@gmail.com
100%
0%
[email protected],
User Rank: Moderator
4/22/2019 | 9:56:32 AM
Russia Hacked Clinton's Computers Five Hours After Trump's Call
This article should address

- Use of spearphishing

- Lack of IT security training

- Patterns of hacking

However, its title is inaccurate based upon the report's content and its subject matter tarnishes this sites creditbility. 
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41106
PUBLISHED: 2021-09-28
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with `Lcobucci\JWT\Signer\Key\LocalFileReference` as key are having their tokens issued/validated using the file path as h...
CVE-2021-21522
PUBLISHED: 2021-09-28
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.
CVE-2021-21569
PUBLISHED: 2021-09-28
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
CVE-2021-21570
PUBLISHED: 2021-09-28
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
CVE-2021-36283
PUBLISHED: 2021-09-28
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.