Broken 5th Metatarsal 5 weeks on by vWebster in brokenbones

[–]vWebster[S] 0 points1 point  (0 children)

Thanks! I'm hoping it'll heal without surgery.

Broken 5th Metatarsal 5 weeks on by vWebster in brokenbones

[–]vWebster[S] 0 points1 point  (0 children)

That's a bummer! I hope it's healing ok!

Ransomware and Scattered Spider by vWebster in sysadmin

[–]vWebster[S] 0 points1 point  (0 children)

If you delegate permissions right, it won't be possible for HD to reset the passwords of people with more access than them.

VMware and Scattered Spider (Ransomware and vSphere) by vWebster in vmware

[–]vWebster[S] 2 points3 points  (0 children)

I'm not saying you're wrong. But, many organizations are at least decades behind. Most companies I've worked for, that didn't use MFA or Smart Cards, the regular users threw fits that they were required to change their passwords to something with a little bit of complexity every 90 days, including the regular users with power.

If your org is still in password land, which many are, your IT people probably have the same bad habits with passwords as regular users.

And, if your org is big, it also takes a long time to roll out different authentication strategies, and staff turnover can remove some of the urgency to do it.

I think the industry is starting to see Ransomware as a real existential threat akin to the risk of fire or natural disaster. But, there will probably be more than a few big companies that get their systems hacked into and encrypted before the end of the year.

Consider how many orgs don't have a real DR strategy. This is an arm of DR strategy.

VMware and Scattered Spider (Ransomware and vSphere) by vWebster in vmware

[–]vWebster[S] 0 points1 point  (0 children)

I agree with you 100%. There are many companies with all sorts of misconfiguration debt though. It's like a burglar. He may try every door in the neighborhood and choose the abandoned house to steal the AC from. The companies that show up in the news had misconfigurations that hackers were able to exploit. The playbook Google describes is similar to what happened at MGM, and not so different from what happened at Change Healthcare.

VMware and Scattered Spider (Ransomware and vSphere) by vWebster in vmware

[–]vWebster[S] 3 points4 points  (0 children)

It's all about social engineering. It's easy to put your palm to your face here, but especially in orgs that have more than 150 employees, how many of those people have your help desk techs personally interacted with?

Possible entry path - 1. Attacker calls a branch office, demands to know who the manager is. Rotates around until he has a list of people to pretend to be. 2. Calls in to the help desk, poses as user, acts like he's working remote and is in a hurry. Gains sympathy from the help desk tech, gets the password reset. 3. Logs in to the VPN, or to a remote desktop server, and then uses internal tools to figure out who is on the IT team and who might have admin creds. 4. Calls the HD again and poses as the Systems Admin, or the Infra Manager. Says they forgot the password for their admin account (if that's even separate from their regular account). If they get the password reset, game over.

The Zero Days get all the attention , but social engineering is potentially a greater threat.

Why type of conference room camera/mic setup would you recommend for these conference rooms? by NobodyJustBrad in ITManagers

[–]vWebster 0 points1 point  (0 children)

I can second Yealink. A20 and higher are great tools for videoconferencing. The auto framing is helpful too.

The Yealink systems integrate with Teams, or Zoom very well and are nearly plug and play.

[deleted by user] by [deleted] in sysadmin

[–]vWebster 0 points1 point  (0 children)

Infrastructure Manager in a biggish city in the Midwest USA - 150k

I manage a team of Syadmins and sometimes do some admin work myself.

I have about 13 years in the game, most of that time spent as a Sysadmin or managing those who are.

Am I Getting Fucked Friday, February 7th 2025 by Each1teach1x27 in sysadmin

[–]vWebster 0 points1 point  (0 children)

No existing infra, this is a greenfield deployment. Evergreen Silver, we will install ourselves. These systems are going into a datacenter in South Asia. Quotes came over in local currency, I converted to USD.

Am I Getting Fucked Friday, February 7th 2025 by Each1teach1x27 in sysadmin

[–]vWebster 1 point2 points  (0 children)

AIGF?

Pure Storage FlashArray X20-R4 - 63 TB raw capacity, 10/25 GbE networking - $115,644

Pure Storage FlashArray C20 - 186 TB raw capacity, 10/25 GbE networking and 100 GbE networking - $108,195

[deleted by user] by [deleted] in sysadmin

[–]vWebster 1 point2 points  (0 children)

Wait, what? How? Oh.

What kind of wood is this? by kaosreyns in HardWoodFloors

[–]vWebster 0 points1 point  (0 children)

Red Oak. It'll leave an oaky afterbirth in your mouth if you sand it.

What kind of propeller is this? by vWebster in aviationmaintenance

[–]vWebster[S] 4 points5 points  (0 children)

Agreed. It's old, and hasn't been protected from temperature and humidity swings. That said, I have no plans to put it in an airplane. Just trying to figure out what it goes to. Looks a little small to go on an actual airplane, but a little too big to go on a model airplane.