VissMar 20

read this and try to tell me cloud wasnt a mistake

https://labs.watchtowr.com/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur/

8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur

Surprise surprise, we've done it again. We've demonstrated an ability to compromise significantly sensitive networks, including governments, militaries, space agencies, cyber security companies, supply chains, software development systems and environments, and more. “Ugh, won’t they just stick to creating poor-quality memes?” we hear you moan. Maybe we should, maybe

watchTowr Labs
Show threadLightfighterMar 20
@Viss JFC. The Corp I work for is currently moving to cloud. 4k-ish servers. Why? Who the fuck knows. It's a clusterfuck doing the move, and shit will get missed and we will be compromised. But, as long as the checks clear...
Show threadVissMar 20
@Lightfighter want help?
Show threadLightfighterMar 20
@Viss I'm way too small a tail to wag a Fortune 200 dog. And we are half way through the transition. Just a very different world than I'm used to.
Show threadVissMar 20
@Lightfighter it was worth a shot :D
Show threadLightfighterMar 20
@Viss I appreciate it. Just bitching. It's a mess of on-prem, Azure Entra, GCP hosting. I'm on the AD team, but the Entra and GCP IAM teams are doing their own things. And we just recovered from a ransomware attack last year, but haven't remediated everything yet because everyone is busy with move to cloud.
Show threadMoe Lassus
@Lightfighter @Viss I helped a very large US telco move to the cloud a few years back. 10s of thousands of VMs as well as native cloud workloads. They always knew better than us. They mistook bureaucracy for governance and they had a rude awakening. Unfortunately most companies don’t move to the cloud because it’s better or cheaper but that it supports their CapEx/OpEx initiatives. Any problems will be for the next CEO to fix. Sales teams have that playbook down solid!
Mar 21 at 4:31amIceCubesApp