Have you guys tried to get the decryption keys for ESXiArgs? I work in cyber security and it was announced that CISA had released the keys to help decrypt folks impacted by the ransomware attacks.
On Wed, Feb 8, 2023 at 4:09 AM Bart Kus <me@bartk.us> wrote:
Your background sounds like you'd make meaningful contributions, so
I'd encourage you to consider participating in read-write mode, not
just read-only.
I'll avoid getting into the technical weeds question, to keep this
thread focused on working group formation.
--Bart
On 2/8/2023 3:55 AM, Jamie Owens wrote:
What/when was the most recent breach?
The hypervisors are accessible publicly? Why no VPN/VPC.
I've been in admin/networking/devops world since 2000 and currently attending to get my BS in CIS/Cyber Security... so if nothing more, I'd like to tag along and learn more from this real world scenario from I'm sure way more experienced users.
On Wed, Feb 8, 2023, 3:34 AM Bart Kus <me@bartk.us> wrote:
All of the network's control points are on public non-firewalled IPs. This is the worst security. It was done this way for the sake of simplicity. Our netops volunteers had to get up to speed with unfamiliar concepts like routing, funky netmasks, dynamic routing protocols, policy routing, VRRP, firewalls, MTUs, MSS control, IPsec, etc. We reaped the rewards of KISS from broader volunteer engagement, but lately we've been paying too heavy of a price for the awful security this simplicity creates. In the most recent breach we've lost important source code that will now need to be re-created. We escaped total disaster by the thinnest of margins, as one critical hypervisor just happened to be patched to 1 version higher than exploitable. This simplicity is not a good tradeoff anymore, so the time has come to introduce more complexity to the network to protect all control points.
This is not a simple problem, since there are many fragility vs security tradeoffs, as well as complexity cost concerns. If you have experience or thoughts around this area, and can commit to a few weeks of design and implementation work on this project, please indicate your interest.
We'll assemble a small working group in the next few days and start discussions. I expect the working format will involve some virtual meetings, since email is not high bandwidth enough to hash out everything quickly.