VideoLAN @videolan App Stores were a mistake. Currently, we cannot update VLC on Windows Store, and we cannot update VLC on Android Play Store, without reducing security or dropping a lot of users… For now, iOS App Store still allows us to ship for iOS9, but until when?

  • Syn_Attck@lemmy.today
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    7 months ago

    One of the quickest ways to pivot into a corporate intranet is via an old insecure networked printer that Shannon from HR brought in.

    Sure, maybe you don’t have anything worth stealing or leaking, but I bet getting hit with ransomware that encrypts every drive on the network and charges you $2,000 per drive to decrypt will put a damper on your day, month, or year.

    Hope you’re one of the 0.1% of people that actually keep regular backups.

    • Em Adespoton@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      7 months ago

      My point though is that if you’re running the old device without appropriate lockdowns, it’s already leaking like a sieve. It’s been at least five years since the corporate perimeter has been considered more than a minor line of defense, specifically because there are so many pieces of equipment long out of security patch support (if they ever had it) that can’t be trusted.

      And ransomware actors don’t bother with the printer; they get in via phishing emails and misconfigured routers and remote access tools — because it’s too much work to target the printer when there are juicier targets.

      Although there’s been a recent push towards credential management compromise, and if you’ve got an iPad 2 connected to an Apple ID that also happens to include an iCloud keychain with your Exchange server credentials on it….

      • Syn_Attck@lemmy.today
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        My thinking was more along the lines of old vulnerabilities in VLC (specifically codecs/implementation) exploiting a set of the most commonly sold TVs, and spreading via torrents. If your malware group can target 6 models of the best selling 5 year old TVs and spread via torrents and then infecting video files, which spread over Windows networks and keep infecting video files, it could be a good few million device strong botnet.

        Seems more like something an APT actor would focus on because the effort:reward ratio isn’t there for most groups, and it would take a lot more effort than the MicroTik botnet or other compromised router nets.

        I’m hesitant to run any outdated network-connected devices on my (read: the one my personal devices use) network. The only older model device we have running is a brother printer but it still receives firmware updates, and it’s segmented so printing is never done directly from anyone’s device, it’s hooked up to an old laptop running a simple custom web server that accepts files and puts them in the printer queue, and tunneling and DNS are configured on the router, if someone needs to print, they go to [thenameoftheprinter].com in their browser and upload the file(s) and it prints. Devices without access to the guest network can print with Bluetooth, it just requires opening the laptop and pairing and manually printing.

        But that was born out of issues of compatibility with the printer running on the guest/kids network, and not wanting to plug it directly into the router or use the Brother apps more than “This printer is older, must not have direct network access.”