this post was submitted on 24 Nov 2023
181 points (92.9% liked)

Not The Onion

12418 readers
3206 users here now

Welcome

We're not The Onion! Not affiliated with them in any way! Not operated by them in any way! All the news here is real!

The Rules

Posts must be:

  1. Links to news stories from...
  2. ...credible sources, with...
  3. ...their original headlines, that...
  4. ...would make people who see the headline think, “That has got to be a story from The Onion, America’s Finest News Source.”

Comments must abide by the server rules for Lemmy.world and generally abstain from trollish, bigoted, or otherwise disruptive behavior that makes this community less fun for everyone.

And that’s basically it!

founded 1 year ago
MODERATORS
all 15 comments
sorted by: hot top controversial new old
[–] [email protected] 68 points 1 year ago (2 children)

This reads like a radio newscast you'd hear while driving in a GTA game.

[–] GONADS125 19 points 1 year ago

I'm pretty sure we've been living in a GTA satire or The Onion universe since Nov 2016.

[–] [email protected] 1 points 11 months ago

This feels like it steers in to Saint's Row territory.

[–] [email protected] 29 points 1 year ago (1 children)

Looks like they attacked a vulnerability in the HR system to gain access to social security, addresses, and names of the people who worked in the system.

In the long term, it means the people working there will have to freeze their social for a bit, I don't think anyone is going to bother with the addresses except to sign up for stuff on amazon, pins and password resets, and a whole security analysis.

That being said the effects of this won't hit as hard as people think, however I do think it brings up a very important problem in the industry that is now being exploited.

In that HR does not have the proper tools to confirm/deny someone's identity.

This is the third time this year that we have seen this kind of attack used, it is also the third time it has cost the company dearly.

All the firewalls in the world will not help, if one human with window access is constantly able to break the system.

HR might have to become a human solution again rather then a telephonic one. In order to fix this problem

[–] [email protected] 19 points 1 year ago (1 children)

Social engineering is an attack older than computers and will always be the biggest vulnerability in any organization. Training helps, but there's always going to be someone that fucks up and clicks the thing they shouldn't.

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (1 children)

We send out fake phishing emails, i.e. they're not really phishing emails but they are designed to look like them to see which people in our organization click them.

Often we will just copy and paste a real one so they look exactly like the real thing and there's always some pillock that clicks them and enters their password or something into an obviously fake form. Then when you challenge them on why they were fooled by such an obvious ploy they always say something like "oh I don't really do computers" as if that's an excuse.

And it's always the people you think it's going to be. The ones that call up to tell you that their computer is running slow and invariably it's because they have 945 Chrome tabs open.

[–] [email protected] 11 points 1 year ago

And it’s always the people you think it’s going to be.

The thing is, in my org it's not; they get people from every team on the reg. One of the senior admins (OS admins, not office admins) on my team has gotten hit because our infosec team is mean and will send out emails from 'hr' when he is sending them too. They've almost gotten me a couple of times, and I'm basically the liaison to their team from mine.

My cito was laughing about it the other day because his name gets dragged through the dirt when it's his 2nd who does shit like send that stuff to new hires an hour after they start day one. Tends to keep people in their toes.

[–] Tylerdurdon 17 points 1 year ago

When South Park comes to life...

[–] Candelestine 14 points 1 year ago (1 children)

Makes a lot more sense when you click through one of the links in the article and get to a Know Your Meme page, the first entry of which is an old 4chan screencap.

[–] themeatbridge 15 points 1 year ago

Yeah, it's more honest but less interesting to just call them "trolls."

[–] sunbrrnslapper 2 points 1 year ago

It feels like a miss to not demand Blunkie, the three eyed fish.

[–] [email protected] -5 points 1 year ago

Ohhhhhkaaayyy. Cat human hybrids? Why don't we mate humans with turnips and cabbages (or perhaps we already have from the intelligence of the people who write these stories). Surely no human being is so absurdly dumb as to believe cat-human hybrids are possible or even desirable. And what's with blaming everything on "furries," why are these cute little gay weirdos the target of so much hate? I like them - they're my kind of cat human people.