If you have any new relevent information to add to your topic,
that can envolve the discussion furter with more insights.
Then yes.
Totally agree with you. Does anyone have any further into how they got in? I’d be interested on how this was exploited.
If not, I feel obligated to hold a mass this Saturday in celebration of this reserection.
While it doesn’t say the exact moment they got in - this article by The Associated Press from November 2017 seems to suggest an onslaught of phishing finally landed a mark or enough marks to get a foot hold with user creds.
From there it doesn’t dive deeper.
Heads up it’s a bit of a read. Hopefully you find this helpful.
See you at mass 
PS I’d say it’s plausible - we stopped a spearphishing attack today at work, happens all the damn time. Gain a valuable targets creds. Do a little Ruby IMAP magic (or POP3 - if you’re a dick and bold) and vuala - thousands of emails at your finger tips because gor some reason people keep thousands of emails in their inbox even though the emails really aren’t needed. But they’re dumb.
Oh there will be allot of info coming from Weiner’s laptop
On the DNC server:
Story that tries to dismiss the “leak by Seth Rich” theory.
The gaping holes in the story I find amusing
"The intelligence community, including the CIA, FBI and NSA, also claims to have evidence the attacks were coordinated by Moscow, though they have not released their evidence to the public."
Crowdstrike is also mentioned.
No one is even looking at the Awans who hacked half the congress of the USand got paid 5 mil while doing it. If they were working for ISI you think maybe they could find a way to use that info to get into “other servers, even illegal ones”?
No link yet, but the motive is there and perhaps opportunity and means. Anyway this whole mess will be years in the unfolding.
Maybe Q-anon might give us a morsel in the future 
Open ports :T its Hillary Clinton do you really think that there was any effort put in to the important parts?
It’s a good thing that this topic was resurrected considering that we’ve learned recently that the Dutch intelligence agency was literally watching Russians hack US political parties. They weren’t just in their systems, they hacked into their security cameras as well and could literally see them do it. And guess who’s in possession of that evidence now?
As for conspiracy theorists among you - you have about few months of fun left until this thing unravels. Then you get to find out who the real criminals were all along. I will suggest that when that moment comes, try not to dig yourselves deeper into a conspiracy theory hole. Just come out of it and admit that you’ve been duped.
If the Five Eyes were used for stuff like this. Instead of spying on civilians world wide and having it be abused for that. Then the program would not be a problem. Maybe.
Unfortunately, as problematic as the program is it’s necessary and it isn’t going away. Criminals and hostile foreign spies are getting more sophisticated all the time. Law enforcement agencies and intelligence agencies can’t play catch-up with them. They must always be several steps ahead.
My understanding is the Clinton email server was never hacked or penetrated via social engineering. It could have been, but as far as we know it wasn’t. Certainly if the Russians got the Clintons’ email they would have sent it to Wikileaks or posted it on DCleaks (Guccifer 2.0/Fancybear’s own leak site) with everything else. If anyone has evidence to the contrary please do speak up.
What the Russians got was access to John Podesta’s mail via him clicking on a phishing link in an email that led to a fake Google site where he typed in his username and password. I haven’t seen a story explaining how they got access to the DNC’s mail but seems likely it was the same method.
Fire Eye
Anytime I see Fire Eye in a news story, especially one about security, I’m terrified. Who are these people? Where dd they come from? And why are they suddenly and without having a long history considered not only a credible source, but the most credible source? Hell, the name alone conjures images of Sauron. Not since AT&T used the Death Star as their logo has a brand been such a telling symbol of their treachery. They are the Blackwater of InfoSec.
2 Likes
Another cyber security outfit providing software and hardware solutions to corporate etc.
Sprung to to cash in on the lucritive contracts no doubt.