@dbeato yeah which I had none of that information nor do I know if email delivery was setup.

@Dashrender said in When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee:

I can't recall if the bad ccleaner was signed or not?

Even if it was, that would be a Microsoft compromise. This is about the AV vendors getting hacked.

@shybrsky said:

@MattSpeller said:

@shybrsky said:

target has no BE agent before, this is new server .. so i want to deploy agent for Backup exec

IIRC they have an offline installer you can download from their site. That way you skip the whole buggy deploy client process.

what is IIRC ??

IIRC is a short hand writing of "If I Recall Correctly"

@PackMatt73 said:

@thanksajdotcom GREAT to hear! I'll keep you in the loop if there is more stuff like that

Awesome, thanks!

Hard to say, I'm going to guess that Sophos is the way to go.

Very cool, thanks.

@thanksaj said:

@scottalanmiller said:

@thanksaj no, AJ. Not ironic. Not at all.

Ironic means something is the opposite of the way you'd expect. I'd say this is slightly ironic.

It means a little more than that, that's the new "hipster" definition that people starting using because actual irony was too hard and they wanted to be able to call coincidental things ironic to sound cool. But it is completely incorrect both as a linguistic usage and, in the way that you are attempting to use it, it is not at all ironic, it is at best coincidental - it is used in a very expected way, not in any way surprising or unexpected or opposite, in a way that coincidentally has something to do with you.

It's actually so expected and so unrelated to you, that even calling it coincidence is a stretch and for something to be irony requires coincidence and then a cause/effect inverted intention relationship. This lacks all three requirements for irony. The coincidence piece is just a word appearing in one place that also appears in another. That's stretching coincidence to the limit. That's like saying that you went to the grocery store today and... so did some other people! What a coincidence!

Posted my first question(s).

@Reid-Cooper somebody once said... "bow ties are cool"

It's the curse of large companies. Once you get to a certain size you have more than enough unhappy customers (or people with a reason to make you look bad) that will be vocal in any setting that you just always have them no matter what you do. No way to be a huge company without that happening.

@thecreativeone91 said:

@scottalanmiller said:

@thecreativeone91 said:

So how does a site get an SSL without knowing? "CT’s intent is to prevent CAs from issuing public key certificates for a domain without the domain owner’s knowledge." I assume that means if the site is hacked.

No, it does not mean that it has been hacked. This is really easy to do. I'm not sure at what stage you think that there is a verification for this currently but generally there is nothing.

But it has to be used at the domain it's issued for or else it will throw a mismatch error.. Unless it's a whild card cert..

That's a completely different piece of security. If you hijack DNS you completely bypass it.

@StrongBad said:

@ajstringham said:

I literally just got off the phone with a customer wanting to know more about this very issue.

Thankfully you have ML to inform you before you get those calls 🙂

They didn't want to know more about the vulnerability itself, but rather when MVM would have a script that could scan for it.

Splitting makes sense. Keeping companies from having too much infrastructure is generally a good thing. Just important to make sure that you don't break up heavily aligned units. HP's split seems bad, Symantec's seems good.

Untitled-1.png

@ajstringham said:

They are almost identical in how we are standing! LOL

No real surprise. You're basically SAM Mark II aren't you? The younger, newer model. I expect you to eventually overtake him on Spiceworks points and blog posts.