Thursday, 10 December 2020

201210

amanfromMars 1 Thu 10 Dec 06:31 [2012100631] ...... just opening up a wider front on https://forums.theregister.com/forum/1/2020/12/09/fireeye_tools_hacked/

Re: Freely available hacking tools

Nation state actors are not one skill level. I typically divide them into three teams (A, B, C) based on my experiences observing such. The C team was nothing more than script kiddies running straight from well traceable IPs. The B team was moderate sophistication, but still detectable, nothing a high end defensive tool couldn't detect and deal with as long as my team (I was on the security team that saw the alerts an tuned the tools) was on its game. ...... mmccul

And the very best in those AAA teams, mmccul? Can one do any better than pay them their worthy Danegeld to ensure and be assured that you be insured against their taking any irrevocable, directly unattributable, catastrophically destructive and extremely disruptive, Remote Stealthy ACTion/Advanced Cyber Threat activity against oneself and those wider interests which feed and maintain one's lifestyle and which also generate, sustain and retain one's interests? Or does such a friend/foe not actually exist?

One is wise to take note, as has been alluded to by at least two commentards on this string, and as is also shared by Conrad Prince and James Sullivan in the Royal United Services Institute for Defence and Security Studies Briefing Paper, The UK Cyber Strategy/Challenges for the Next Phase ......

The capabilities of some state actors are likely to be beyond the scope of normal private sector security protections to address.

........ and that itself is best recognised as a monumental understatement of titanic proportion.

And failures in positive engagement and extensive and expensive endowment to such Stealthy AAA State ACTivity are a real and present danger and abiding existential threat to the pleasant contiguous workings of current fiat capital and intellectual property flow markets, and as such are something to be fully prepared for if one is guilty of such a crime and failing.

And although that all might sound quite draconian, it does not necessarily have to be, for you have been left a great choice.

----

amanfromMars 1 Thu 10 Dec 09:23 [2012100923] ....... laying it out straight on https://forums.theregister.com/forum/2/2020/12/09/fireeye_tools_hacked/

Re: There is as yet, insufficient data for a meaningful answer..

In the past, Mandiant (Fire-Eye) has always provided excellent reporting post-breach with details on what happened and recommendations for preventing breaches in the future. Anything less than a full accounting without spin would likely confirm someone made a mistake and this was not as hard as it is being made out to be. ..... Not_Important

Not_Important,

Invariably, for reasons which are pretty bleeding obvious, there is as yet, insufficient data for a meaningful answer is always the answer to deflect attention away from a major breach vector which has no known available, or even possible future solution.

...........................................

amanfromMars 1 Thu 10 Dec 12:25 [2012101225] ..... getting right to the point and heart of such that currently matters on https://forums.theregister.com/forum/1/2020/12/10/uk_mod_bug_bounty/

The Money Shot Question

The UK's Ministry of Defence has launched a bug bounty scheme, promising privateer pentesters they won't be prosecuted if they stick to the published script.

Which scripts from whom would be a helpful direction/relevant revelation ?

----

amanfromMars 1 Thu 10 Dec 13:00 [2012101300] ..... revealing a lot more than just a few random qubits on https://forums.theregister.com/forum/1/2020/12/10/uk_mod_bug_bounty/

Re: Seems a bit... pointless?

Perhaps what they are doing is compiling a list of people who have abilities that can get them added to a list.
One would think that intensive efforts to penetrate military security by friendly actors would be helpful in mitigating intensive efforts by those who are less than friendly. ..... Chris G

Now that is real smart, Chris G. To find out it is considered and recognised and accepted already as a successful program in progress on ACTive AIMissions would be a Great Game Changer too ..... opening up as it does a vast new theatre for leading Paramilitarised Operations for Virtual Engagement ....... which is somewhat akin to Alien Contact given the nature of IT Leading AIMissions.

And something of an almighty coup for UKMod, with feathers in caps for all those responsible and accountable when true. They would certainly surely be worthy of such a just reward. Not everyone is able to make such quantum leap jumps into much greater intelligence fields which lead with attractive plays ...... captivating scenarios ....... heavenly opportunities with hellishly awesome perks.

As you can imagine, customers just love to get samples of those.

----

amanfromMars 1 Thu 10 FDec 15:56 [2012101556] ....... spilling secrets on
https://forums.theregister.com/forum/1/2020/12/10/uk_mod_bug_bounty/

Re: Money Shot Questions ..... that are Strictly Need to Know

Where can I find the scripts? ..... Anonymous Coward

No need to worry about that, AC, they find you. Simple ESPecial Delivery/Secret IntelAIgent Service.

............................................

amanfromMars  [2012101759] ..... just asking out of interest on https://www.zerohedge.com/markets/jeremy-grantham-accidentally-nets-200-million-spac-deal-he-calls-reprehensible

Does the Fed like the new hookers on the block and in the game?  Fresh meat, eh?  If it's not friendly competition it's hostile opposition are the rules ruining that mirror operation.

..........................................

No comments: