Profile picture
Vess
@VessOnSecurity
, 8 tweets, 1 min read Read on Twitter
Here's a short infosec horror story with no ending (yet) - neither good, nor bad.

Thread...
Every month, the accountant at an organization that shall remain unnamed to protect the guilty, receives an Excel spreadsheet from the central office. She uses this spreadsheet to do the salaries for the staff for the month that just ended.
She receives this spreadsheet as an e-mail attachment. It's a different file each month, so she can't just save it once on her local machine and use that.

The spreadsheet contains macros, which are needed for it to work.
So, basically, each month the person doing the salaries clicks "Enable content" for an Excel file she got by e-mail.
Oh, BTW, the macros aren't signed. I don't know if they change each month or if only the data in the file does. The machine is not part of Active Directory, not monitored or controlled by an admin in any way.
The good news: her machine hasn't been ransomwared yet. Also, it is being backed up regularly.

The bad news: there is no way to solve this problem, I mean, this disaster awaiting to happen.
I tried to explain to her how dangerous this is. She interrupted me on the second sentence and told me that she doesn't understand a word of what I'm saying, that this is how she's been told to do things and that if she doesn't do them, she will be reprimanded.
And this, folks, is why we keep having security incidents.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Vess
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @VessOnSecurity see all

Profile picture
Vess
@VessOnSecurity
OK, since Graham has stirred up old memories, gather again 'round the fire, kids, it's story time again...

Let me tell you about my own memories from that (non)event.

As you should know by now, it was mostly a marketing stunt started by John McAfee... 1/
I mean, it wasn't exactly an obvious bullshit. We've had that one before, about the Datacrime (AKA the Columbus Day virus), which was supposed to activate at a certain date and cause destruction, except it wasn't widespread at all.

Well, Michelangelo was actually in the wild.
So, lots of journalists and AV people jumped on the bandwagon, giving advice, providing free AV programs (just for that virus), etc.

And we did clean up a lot. It was a bit like the Y2K problem - overhyped, but real.
Read 21 tweets
Profile picture
Vess
@VessOnSecurity
OK, the month of January is over, so it's time for my monthly report from our honeypots.

We couldn't figure out a fast way to query the database containing our Telnet & SSH honeypot data, but we found another solution.
Basically, I wrote a scrip which, at the end of the month, copies the relevant data for the previous month only into temporary tables. Then I created a new visualization that uses only these temporary tables. 4-mil row tables are easier to handle than 30-mil ones.
So, here is the big picture from our Telnet & SSH honeypot for the month of January. As always, the USA holds the top spot:
Read 19 tweets
Profile picture
Vess
@VessOnSecurity
OK, folks, the month of October is over here, so it is time for my honeypot report. Let's start with our Telnet & SSH honeypot.
First, the big picture. As always, the USA is at the top of the list of countries where the attacks are coming from. Three TIMES more attacks from there than from the next contender, Germany. The latter is somewhat unusual, Germany is rarely near the top.
Next, a graph of the number of attacks per hour. The honeypot is being attacked nearly once every second on average!
Read 14 tweets

Related threads

Profile picture
Sami Schalk
@DrSamiSchalk
Good morning Twitter friends. I’m still in bed sick, but possibly on the mend at last after 4 days. Last night @tropigalia & @laura_luna asked me to do a #thread on the devaluing & misrecognition of #femme relationships so here we go.
First, if you don’t know what femme is, read this, this thread will still be here: bustle.com/articles/16608…
So to be clear, femme is a queer gender expression not tied to sex or gender identity. Femme is also not exclusively about appearance, but this thread will emphasize appearance bc I’m going to talk about the way femme relationships are read, thus based on visual cues.
Read 19 tweets
Profile picture
David Mullings
@davidmullings
A #thread about what has and has not worked for me since launching my first startup in Feb 2002 with my brother, striking some big deals, raising capital, losing money and rebuilding.

I hope you find it thought-provoking
We built some hype around @realvibez with our branded car, sponsoring events like Stages, ATI, Blink and Reggae Sumfest but we also knew that we had to be authentic - the website actually had to have the content on it
We did not want sugar-coated B.S. interviews so we focused on cold, hard truths when I asked questions.

Hence why I asked Collie Buddz about racism in this interview -
Read 61 tweets
Profile picture
Oloye Akin Alabi
@akinalabi
Nothing Is Impossible For Someone Who Doesn’t Know It Can’t Be Done!

#THREAD

Once upon a time, there was a very rich man who was getting very old and feeling he would die soon.

He’d had a wonderful life and now, he wanted to leave his considerable fortune to his 3 daughters.
The daughters had married well. The rich, old guy had great affection and respect for all three of the gentlemen his daughters had chosen to marry.

So he boogies on down to the offices of the law firm which handles all the legal details of his business affairs.
He tells his lawyers what he wants to do… and… That’s when he began to learn the harsh realities of the probate, estate and inheritance laws in his country.

These Laws Are Flat Out Insane!

They are ridiculously complex.

Here is the summary of the laws.
Read 25 tweets
Profile picture
#SideHustleWithAbbey 👨‍💻
@AbbeyTunji
STRATEGY TO 10X YOUR SALES IN 2019!

If you run any kind of business that requires sales of product or service, gather here on this #thread.

Let me show you how to increase your sales.

Powered by #SideHustleWithAbbey
It’s no more doubt every business has gotta get online and maximize the traffic that exists on the internet, but the truth is...

So many businesses are still finding it difficult harnessing the online presence.

Now, it’s not by merely putting your business on social media or
..having a fanpage, yes those are good BUT are not better let alone best.

So what are these strategies????

Simple! I’m going to make this very short and concise - straight to the point.

I’m going to be using example of one business I love the way the owner is pushing...
Read 21 tweets
Profile picture
Jikku Varghese Jacob
@Jikkuvarghese
#Thread #KeralaFloods Detailed thread to document the historic efforts of various online groups in rescue and relief operations. Trust me, Whatsapp and Google sheets were the powerful weapons we had. Pic: An online control room set by NRKs in house at Abu Dhabi (1/n)
It was the time we truly realised the power of social media and instant messaging services with regard to disaster management. Many were stranded on roof-tops without any other contact to the world other than their mobile phones. Whatsapp brilliantly solved the issue. (2/n)
Before going in detail let me point out the problem statements. 1) Govt issued some helpline numbers but most of them were busy with numerous calls 2) Thousands of SOS requests flooded in social media which were not addressed in a systematic manner, hence turned spams (3/n)
Read 26 tweets
Profile picture
Nitin Sethi
@nit_set
#Thread on #NPAs. Stay with me.

RBI revealed this in an RTI: At the end of March 2018, a record high 7,990 borrowers of above Rs 5 crore had not repaid a whopping Rs 3.71 lakh crore to banks for 1-30 days after due date. That is a four-year high record of early defaulters! 1/n
2/n. These early defaults rose by a record 281.9 per cent over December 2017 when they stood at only Rs 972 billion . On a year-on-year basis, the rise is almost 228 per cent - the highest growth of early stage overdue repayments in 4 years.
3/n. More than 5,000 of these 7,990 were new and unique early defaulters of loans above Rs 5 crore. What does this number tell us? We have been told that all bad loans are of UPA era. This number tells us that Modi govt might be brewing its own banking crisis as well.
Read 9 tweets

Trending hashtags

#queerculture #ksleg #MeToo #ECR #Hayek #Students4theReport #2FA #BoycottSundanceFestival #TellYourStories #Euref #security #Wow #PSE #MichaelJackson #carework #russia #comics #scicomm #MJFam #inktober #queerthread #digitalmarketing #scienceadvice #EphemeralContent #queerdating
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!