[Info-vax] IKEA
Arne Vajhøj
arne at vajhoej.dk
Fri Dec 9 18:53:55 EST 2022
On 12/9/2022 4:37 PM, Stephen Hoffman wrote:
> On 2022-12-09 14:05:56 +0000, Alexander Schreiber said:
>> Single Stage to Orbit <alex.buell at munted.eu> wrote:
>>> On Thu, 2022-12-08 at 08:12 +0000, David Wade wrote:
>>>> Given the ubiquity of SMB is there anything that could be done?
>>>
>>> Yes, stop usuing SMB1, use SMB3 instead.
>>
>> Which would magically protect against files being encrypted via a
>> machine/user with r/w access to the share exactly how?
> Yes, ditching SMB1 will absolutely help, as it's hideously insecure.
It help for some security problems, but not for the one described.
> Is the removal of SMB1 the only thing that needs to be addressed to
> improve security? No. Of course not. But it helps, as Ned Pyle will
> absolutely tell you.
> https://techcommunity.microsoft.com/t5/storage-at-microsoft/stop-using-smb1/ba-p/425858
As always there are a lot of things to do to secure a system, but
getting rid of SMB1 should be part of it.
> As for the IKEA breach, it's apparently involving spearphishing, and the
> attackers reportedly have more than a foothold in the IKEA networks and
> servers.
>
> Of what is reported about the IKEA breach:
> https://www.bleepingcomputer.com/news/security/ikea-email-systems-hit-by-ongoing-cyberattack/
That was last year.
Is it the same this year?
Arne
More information about the Info-vax
mailing list