Just received an email from Dark Angel with links to anti Trump CNN content. Dark Angel assures me they were hacked and would never send garbage like that to their customers
Just received an email from Dark Angel with links to anti Trump CNN content. Dark Angel assures me they were hacked and would never send garbage like that to their customers
Kerry is a really, really good dude, and I believe him.
Without going way off into the weeds, you can do some web searches on "Chinese APT41 watering hole attack". This is happening right now at a rate no one has ever seen before.
Basically, Chinese government-sponsored hackers are putting malicious software onto reputable sites. You go visit a perfectly normal website, and you get a hacker payload installed on your machine.
Somebody then uses those creds to log into a web portal. Or logs into your bank account and transfers all your money.
I'm not saying Chinese President Ji sat down and sent that email, but Kerry's explanation makes perfect sense. He's a really good guy, and one of the two best medical trainers I know.
Computer Nerditry is my business.
This might explain an email I received on my work account after visiting there. Thanks for the info.
Open the pig!
Yup, be really careful with a work laptop. Not everyone's company uses the same methods to control access to external web pages. Some use what is called a "split-tunnel VPN". In layman's terms, it does not offer as much protection when you go visit and external website.
It is a really good idea to only use a company asset to visit corporate resources as much as possible. If you want to dive deep into the weeds, start looking at Multi-Factor Authentication, Zero Trust Models, Tiered Access and Privileged Account Management.
Sigh - guess what I do all day?
It was my personal phone which has a work email account. They had us install some sort of mobile management software so I may show a work IP address when I browse on my personal phone. I don’t even Google things I need for work with their laptop. I wish I didn’t need them in my phone but it lets me remotely manage my team and handle after hours issues.
I don’t know if I can add anything to what they have installed to beef up security even further.
Last edited by TommyG; 03-29-20 at 08:24.
Open the pig!
Wow, didn't know that. Thanks for explaining.
Sadly, this is a common occurrence and increasing more and more. Several of these companies we interact with and buy things from may or may not have the best IT support and have vulnerabilities to their infrastructure. It happens to major corporations as well. Especially now with COVID, there has been even a greater increase in phishing emails related to COVID, and no doubt they will continue as we get closer to the election. My father-in-law got a pro-Trump email about donations, it was a bit cheesy but, the dead give away was contributions had to be made within the next hour, and if so they would be matched. If I get an email from a company and I want to check out the sale or whatever they are advertising, I try to get their site directly for the item versus going through the email. Yes, it is a few more clicks but definitely safer.
Bookmarks