https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
It's pretty brutal - full compromise, keys, heck they were firing up their own servers in the Ubiquiti AWS environment (ROFL)
They need to be hung, drawn and quartered if true and they did not disclose
Of course, the comments section has some nuggets of comedy GOLD in it...
But this is a disaster, good to see the company punished with only a smaller increase in stock price than expected. :doh:
I see Ubiquiti gear on a lot of customer networks. I wonder if I'll continue to see it. Huawei is already on its way out in a number of accounts, and something like this can see a phase-out of this vendor in favor of Mist or Meraki.
I never heard of them until I read this article. Smooth move blaming the "third-party".
Companies like this, where management hide things because they worry about the stock price = complete crap, untrustworthy and a high risk investment due to the unknowns and lies.
It's much better to say - We F'd up because of X.Y.Z. We've implemented processes A.B.C to try and prevent this from occurring again. etc.
Because of the Ubiquiti lies and deceit, there is no assurance or guarantee that this won't happen again. There are big question marks if they even fully realise the gravity of the situation, because of the lack of disclosure.
Avoid. Avoid. Avoid. You don't need those risks to your business. Even if the product is secure and capable, their management don't know their ass from their elbow and that's the main issue now. Bad decisions follow bad decisions and that's what got them into this mess in the first place. Management should be let go WITHOUT a severance package - unfortunately companies like this will pay out their management millions of $ just to leave as some kind of a reward for F-ing up.
Quote from: Dieselboy on March 31, 2021, 10:01:51 PM
Companies like this, where management hide things because they worry about the stock price = complete crap, untrustworthy and a high risk investment due to the unknowns and lies.
It's much better to say - We F'd up because of X.Y.Z. We've implemented processes A.B.C to try and prevent this from occurring again. etc.
Because of the Ubiquiti lies and deceit, there is no assurance or guarantee that this won't happen again. There are big question marks if they even fully realise the gravity of the situation, because of the lack of disclosure.
Avoid. Avoid. Avoid. You don't need those risks to your business. Even if the product is secure and capable, their management don't know their ass from their elbow and that's the main issue now. Bad decisions follow bad decisions and that's what got them into this mess in the first place. Management should be let go WITHOUT a severance package - unfortunately companies like this will pay out their management millions of $ just to leave as some kind of a reward for F-ing up.
TRUTH
As for Ubiquiti...
:fail1: