That's not how things work, especially with a breach of this magnitude. It's been forensically torn apart, we know how it works, the domain it was using for command and control was taken over by Godaddy and Microsoft (and neutralized).
This is so everyone can begin to search for indicators of compromise and get to patching or rebuilding their systems.
Since this likely happened back in March, it was on Krebs watch. It may have been the reason he was fired, since you can be sure the NSA knew about this hole before anyone else.
Who knows, the breach could have been one of ours.
What is "That"? Did you read my post? I am saying that chris krebs is repeating what he read in the papers. I think you and I are saying the same thing.
What i find interesting is the first people who post to my text posts usually are responding to the headline and it's very evident they didn't read what I actually said in the content. Is that fair? Re-read mine and re-read yours and tell me if I'm right.
Who knows, the breach could have been one of ours.
That's exactly my point. That's why I said vault 7
Anyway, I agree with you with everything but I think '/rumorcontrol' was the straw that broke the camel's back, and that the underlying unknown-at-the-time knowledge was that this breach happened, so rumorcontrol at cisa was pure false propaganda
Re-read yours... The "if he has knowledge, someone leaked NATIONAL SECURITY SECRETS to him" is probably inaccurate for a couple of reasons.
First, I'm pretty sure he still has his clearance, so... no CRIME there.
Second, anyone who says they know who did it is likely full of it. The general rule of thumb I use is "if it looks like X, it's probably not X". And yeah, Vault 7.
Finally, I'm surprised nobody's mentioned the possibility of an insider doing this. It would be the simplest vector, and that would explain why it went unnoticed for like 9 months...
That's not how things work, especially with a breach of this magnitude. It's been forensically torn apart, we know how it works, the domain it was using for command and control was taken over by Godaddy and Microsoft (and neutralized).
This is so everyone can begin to search for indicators of compromise and get to patching or rebuilding their systems.
Since this likely happened back in March, it was on Krebs watch. It may have been the reason he was fired, since you can be sure the NSA knew about this hole before anyone else.
Who knows, the breach could have been one of ours.
What is "That"? Did you read my post? I am saying that chris krebs is repeating what he read in the papers. I think you and I are saying the same thing.
What i find interesting is the first people who post to my text posts usually are responding to the headline and it's very evident they didn't read what I actually said in the content. Is that fair? Re-read mine and re-read yours and tell me if I'm right.
That's exactly my point. That's why I said vault 7
Anyway, I agree with you with everything but I think '/rumorcontrol' was the straw that broke the camel's back, and that the underlying unknown-at-the-time knowledge was that this breach happened, so rumorcontrol at cisa was pure false propaganda
Re-read yours... The "if he has knowledge, someone leaked NATIONAL SECURITY SECRETS to him" is probably inaccurate for a couple of reasons.
First, I'm pretty sure he still has his clearance, so... no CRIME there.
Second, anyone who says they know who did it is likely full of it. The general rule of thumb I use is "if it looks like X, it's probably not X". And yeah, Vault 7.
Finally, I'm surprised nobody's mentioned the possibility of an insider doing this. It would be the simplest vector, and that would explain why it went unnoticed for like 9 months...