What about option 5: reduce unnecessary services from being exposed externally?
Next time someone tells you infosec isn't full of victim blaming, show them this poll from my admittedly biased sample set.pic.twitter.com/8Z6OQYU54V
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
When have I victim blamed? Seriously asking here...
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Jeebus, I'd expect those numbers on Shadow Brokers' lack of responsibility from my followers, not yours.
-
I was honestly really surprised.
- Show replies
New conversation -
-
-
Reminds me of a blog I wrote some years ago: https://bartblaze.blogspot.com/2013/09/malware-blame-game.html … Situation already better; but still needs improving apparently.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
IMHO with this threat, fixing it or even just mitigating the threat is fairly simple. Patch or at very least block SMB traffic from internet
-
Attackers will find a way in. Always businesses responsibility to a.) Prevent as much as poss, b.) Detect as much as poss, c.) Good BC/DR
End of conversation
New conversation -
-
-
Does any vendor other than Microsoft have a networking facing attack surface the size of SMB inside their OS kernel?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
- End of conversation
New conversation
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.