Comment on Setting up VPS (finally)
elvith@feddit.org 5 days agoIf you put any data anywhere, assume it will be contained in a breach in the future. Blue teaming is hard. You have to be perfect every time. Red teaming is easy. You just have to wait till the blue team makes a simple mistake…
Mails sent to a company? Their or your mail account will be breached one day.
Account details on a webpage? Their user database will be leaked.
Your cloud drive, ect.
Even your data on your NAS at home or on your PC could get accessed in one way or another, you’re just a zero day and an unfortunate click away from disaster.
On the upside, as long as you do not have a target on your back, patch your stuff in a timely manner and keep some hygiene in configs, secops … You should be fine, as most automated attacks aren’t that high level and target the low hanging fruits. But that doesn’t make you completely safe.
dentacle@bookwyr.me 5 days ago
After 20 years in the field I’d say it’s an impossible job. We are always 5 steps behind. Now with AI, 27 steps. I quit IT to keep my sanity.
And don’t listen to the promises of big companies with billion-funds, they cook with water like the rest of us. See " Amazon infiltrated by North-Korea “.
elvith@feddit.org 4 days ago
Oh, yeah, I remember when one of our super important core systems was migrated to SaaS. My system was interfacing with it, so I got notified about the migration to make a plan. I basically told them: “We’re using $API to connect to your system. Tell me the new hostnames and IP ranges and ports and I will configure the firewall on our end. Also, our connector for your migrated system will be deployed in $IP-range so please allow these inbound connections in your firewall.”
Half a year later I got a message: “Yeah, we just found out, that $SaaS-provider never configured the firewall after our tickets and everything is reachable from the public internet. We’re forcing them to lock down the system now. Can you please tell us again from where you connect to us?”
d00phy@lemmy.world 5 days ago
That N Korea story was wild!