Message from @Zuluzeit
Discord ID: 788961286876561449
And I'm not saying they were trying to do something illegal but they may have an inadvertently or due to slackness.
She just admitted on that video that she did adjudication by herself. That, according to GA standards, is a big no-no.
And now that the state governments are on the defensive they're going to crucify these people..
They've probably been doing it that way in coffee county for the last 40 years...they probably don't even know that it's wrong just saying
But sure state law.
Bruh. They got into SolarWinds ftp network and modified software updates....
You think they only laced Orion while they were there?
Probably not...
Solar winds is owned by a Chinese equity company with ties to the CCP or a large portion of it is
According to some dude last night oh God damn it
Solarwinds went private
One of the founders went on shark tank
Some dipshit uploaded FTP keys to github, and somebody was scraping github for keys.
Silver lake partners
I don't know why they be using that server software anyway but I guess they're a Windows shop so...
That's what Kreps summary as showing as well as the info I got from solarwinds. You cant just assume things hacking π
Rob, Cablebox here. I made the comment about the Colorado senate committee hearing. Listen specifically from 54:35 to 1:37:00
That is Mr. Smith's testimony. I really do mean it when I say it made my jaw drop!
Well tried to go private a while back
@cealey92 It's all white noise now, buddy. They went to that fake news well too many times.
If anyone else finds Colorado senate hearing committee testimony from Mr. Smith as compelling as I did. Please share it. I'm not claiming voter fraud or election interference but I am saying that we should all demand a significant audit of our entire election infrastructure. Again the times are from 54:35 to 1:37:00
Listen, if this was a state actor, then no, I'm pretty sure they did not only upload 1 dll.
However, scraping github for accidentally uploaded keys isn't exactly rocket science. This could have been anybody.
If they had a preset list of dlls ready made, then they probably just matched the one dll they had and placed it there.
What is the motivation to upload keys on to git hub. Spy or dumb employee? Or aliens
Their target was US govt targets. Infecting solarwinds Orion got them 425 out of fortune 500. All 10 telecom companies. All the major government targets. Modifying serv-u software puts their hack in jeopardy of discovery and gets them nothing.
https://krebsonsecurity.com/2020/12/u-s-treasury-commerce-depts-hacked-through-solarwinds-compromise/
Possibly distraction from source?
All the collateral damage it's nothing personal.
That woman's the reason people should really start doubting what kind of operation these clowns are running
π€‘
It's like Google Dorking used to be
Processes that involve human or inherently flawed...that's why you protect your systems from the jackasses that are using it. Always something some dumbass did.
They hire some random woman from some random temporary employment place I mean who is this person that's operating the system?
πππ saw this and thought yβall would appreciate it.
Yeah maybe we wait for ACME's vaccine instead.
Krebs is misreading Microsoft. MS is not saying that Orion was used to gain token-signing certs. MS is saying that the actors have these threat patterns.
My guess. Somebody sits around waiting for credentials to be uploaded on github.
https://www.dailyridge.com/en/2020/12/15/tech-tuesday-malware-laced-software-updates-in-the-wild-since-march-2020-sunburst/
Then they use those creds to modify some dll in the software updates.
They wait and see how far/wide it spreads. They confirm that it's in a bunch of government agencies, then they sell it to FuzzyBear or whoever wants to send them enough Bitcoin.
Cnn says Trump says he will not leave the White House on the 20th of Jan. If this comes to fruition we might have the first president getting kicked out by force
Would be interesting