This demonstrates a thing that I’m sure serious security pros (and their adversaries) have long known: These Windows security products are a highly attractive attack surface for serious professional Bad Guys. They run in God mode and are typically purchased by IT-management types via the “enterprise software sales” process. (Think: golf.)
I wonder how many of them are already deeply compromised? I am certain that the number is not zero.
#Crowdstrike #Windows #infosec
Tim Bray /
npub1ju…3ue59
2024-07-19 15:28:52
Author Public Key
npub1ju780894uuhlpdhs73lcap4wu8avu8pphq9wpkdu2ztg4fchujuqy3ue59Published at
2024-07-19 15:28:52Event JSON
{
"id": "2dac79b32a264142670c31ead3ad853eda0aa0894c78d53cd8ee6ada5e2ee03b",
"pubkey": "973c779cb5e72ff0b6f0f47f8e86aee1face1c21b80ae0d9bc50968aa717e4b8",
"created_at": 1721402932,
"kind": 1,
"tags": [
[
"t",
"crowdstrike"
],
[
"t",
"windows"
],
[
"t",
"infosec"
],
[
"proxy",
"https://cosocial.ca/users/timbray/statuses/112813862615797330",
"activitypub"
]
],
"content": "This demonstrates a thing that I’m sure serious security pros (and their adversaries) have long known: These Windows security products are a highly attractive attack surface for serious professional Bad Guys. They run in God mode and are typically purchased by IT-management types via the “enterprise software sales” process. (Think: golf.)\n\nI wonder how many of them are already deeply compromised? I am certain that the number is not zero.\n#Crowdstrike #Windows #infosec",
"sig": "6cd32bb8ffcdf355fde2344510bf59247234ad08c3fe2004e696380d0a743c2b664aab81572daa3bab3127484b6e22116d8ddb7248d2c053efd20a09f1fb26dc"
}