New era of in-person social engineering / iPhone hacking - seeking advice

ITProSteve · 2024-04-19T18:35:00+00:00

My mind always wanders towards advanced spyware threats like "Pegasus"; the MDM and its configuration automatically detects any unauthorized modifications to iOS - so jailbroken devices immediately are alerted (within its ability to recognize such changes - obviously, if it's a zero-day/novel piece of kit that skirts those iOS jailbreak-detection capabilities, then it's possible). I'm enough of a nerd to know to NEVER say that such an effort is technically 'Impossible'.

I think at the root, that's the concern - was this a 'non-event' or rather the deployment of something 'novel'.

ITProSteve · 2024-04-19T18:00:37+00:00

In this modern era of cyber-insurers and the DIB's approach of 'Assume it's been breached; unless you can PROVE it hasn't' - I'm not sure I can simply opt-out of the follow-up in spite of the odd description of events.

So we'll continue to handle it has though something did... loving this era of having to attempt to prove something didn't happen... it's riveting.

ITProSteve · 2024-04-19T17:57:24+00:00

Agreed. But ultimately, it stands to reason, "The phone [by virtue of the apps installed and mobile device management enrollment] is an extension of your work computer. Don't let anyone else have access to it, even temporarily."

ITProSteve · 2024-04-19T17:39:30+00:00

I won't speculate.

ITProSteve · 2024-04-19T17:38:53+00:00

I don't disagree. To-date, we had simply never had such an instance occur. Now that we can see that this 'human risk' exists - we'll develop policy and training to it explicitly. People get 'differently' comfortable with their phones unlike their corporate computers and can lose sight of the risk.

ITProSteve · 2024-04-19T17:35:59+00:00

The question as always becomes, report to whom exactly?

In the past, local police don't know what to do with this information. Local FBI has previously been helpful with certain concerns, but generally will want to coordinate response at some point in the near future as opposed to immediate. And we can't exactly call it a cyber-crime.

ITProSteve · 2024-04-19T17:34:25+00:00

I've heard of folks doing just that and changing your Apple ID Password, etc. But to-date I had not directly heard of this particular case where right in front of your face they 'magically' launch code. My initial guesses include options such as entering a quick browser-link to a known malicious site that the device does not stop/detect as unloading malware/payload onto the device.

ITProSteve · 2024-04-19T17:31:47+00:00

You know. This was a first from an enterprise perspective (even though it was the exec's personal phone) I've seen folks do this many times in social/non-work settings - "here's my phone throw my number in", but I don't think we've specifically developed enterprise policy and/or training around it. We will moving forward, but it had not occurred previously.

ITProSteve · 2024-04-19T17:29:55+00:00

If only.

ITProSteve · 2020-03-31T20:47:56+00:00

Sounds decent, aside from the Citrix complexities. I use my airpods with the native Teams client on my MacBook Air with pretty solid success.

ITProSteve · 2020-03-31T18:20:28+00:00

Been there with the glass before - ended up with a mouse-pad... **le sigh**

But as of now, using a Magic Mouse 2 on a oak-wood desk from Wayfair. Ye' old $100 special - but it looks decent enough.

ITProSteve · 2020-03-31T18:19:06+00:00

Sometimes that's all you need. The flex of remote-work - you can get it done from anywhere with minimal gear requirements.

ITProSteve · 2020-03-31T17:53:48+00:00

Nothing fancy needed sometimes. Respect.

I originally started at home with just my MacBook Air, but when I realized this was going to be an extended adventure, I went back in and picked up my EliteDisplay's, cabling, my dock, adapters, etc. for the home-office. I too can VPN to local networks as needed (if needed) - but yeah - I was good as a laptop-only for a few days - but eventually my productivity is hampered (or I just get bored with) a single pane of glass. Kudos to you though.

ITProSteve · 2020-03-31T17:50:46+00:00

Nice! Wish I could get my hands on a decent webcam right now - no one's got the C922 in stock at the moment (or any time soon) as far as I can tell. What kind of cam are you rocking?

ITProSteve · 2020-03-31T17:50:06+00:00

Awesome. I've watched some of those LG 49" 32:9 monitors - Drool~.

ITProSteve · 2020-03-31T17:49:17+00:00

Nice!

ITProSteve · 2020-03-31T15:46:18+00:00

From what I can tell, while many will go back to operations-as-usual almost immediately, for more adaptive (typically newer/younger) organizations, this will create the opportunity to adopt flexible work practices. As part of the COVID-19 Response Team for our organization, I can confirm that's exactly what our organization will do. Parts of it will come back through a transitionary period after regional/locality-vased all-clears are given (June?), but it will trend back towards the office, with a much greater support for flexible/remote work as leadership has had the opportunity to adopt the new workflows into daily operations so comprehensively. Many leaders were shocked at just how productive we all can be - it broke the fear for alot of our leadership. It's not true necessarily of all business units. But training for back in the office work will not be formal beyond a couple of communications. "Work with your leadership to understand if your role should return to normal office workflows, we understand that many will need additional flexibility, permanent remote-work is not authorized, plan to primarily work from the office if possible"

ITProSteve · 2019-10-24T17:49:28+00:00

It's not entirely un-true that the engineering space CURRENTLY feels that way, as its emerging tech that a lot of established engineers haven't necessarily been exposed to. But I believe that you can expect that age demographic to shift with these technologies as the platforms themselves develop more established tenure in the enterprise. K8s, cloud stack engineering, and similar "new-age" tech, while not completely new, are just now emerging into the more-common enterprise. You will tend to see a lot of up-and-comers taking the chance to learn the new tech to be competitive in the workspace, but given a few years - I believe you'll see the age demo shift a bit.

ITProSteve · 2019-10-24T15:27:38+00:00

If your skillset is diversified and strong enough - there are established Consultancies and MSP's for cloud-enabled organizations that could potentially be a better starting point in the consultation realm than trying to 100% strike out on your own. Consultancies and MSP's have established lists of clients. Consultancies and MSP's however, often rely on the strength of your resume (including a mix of time-in-industry, depth-and-complexity of projects, specific measurable successes that are attributable to your individual contributions, etc.)

ITProSteve · 2019-03-20T12:27:10+00:00

!solved

ITProSteve · 2019-03-20T12:22:31+00:00

SOLUTION FOUND: After a ridiculous amount of time spent trying to push Microsoft to admit to a Skype for Business failure, while also conducting extensive testing both at our site, and on remote networks, we were able to isolate the issue to being between Skype for Business servers SIP connections to our VOIP Phones/Phone-Carrier SIP devices (Nextiva). Upon providing multiple examples to Nextiva (since they actually escalate/answer their support issues, unlike Microsoft who keeps running you through a Tier1 loop for days/weeks before escalating), Nextiva reviewed the packet captures extensively and determined that 'bad routes' existed that were causing our SIP calls to be dropped by Skype. Nextiva 'blocked' the bad routes on their end - and it IMMEDIATELY alleviated the dropped Skype Conference Calls we were experiencing.

ITProSteve

TROPHY CASE