And don't get me started on financial auditors doing security audit work, giving their clients a false sense of security by not knowing the basics of IBM i. Often times it's a joke. When I was a customer I had to worry more about passing big box store security requirements as a foodservice supplier.
Steve Pitcher
iTech Solutions Group, LLC
p: (203) 744-7854 Ext. 176 | m: (902) 301-0810
www.itechsol.com | www.iInTheCloud.com
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxxxxxxxx] On Behalf Of Steve Pitcher
Sent: Wednesday, March 25, 2020 9:49 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Has there been in-the-wild i Series virus?
IBM i is a very worthwhile target in my opinion. Many manufacturing, utility, government and finance companies. Critical infrastructure.
And the beauty is...people think it's not a worthwhile target, therefore not a priority to secure.
Did some work recently for a customer who had an auditor concerned about vendors with *ALLOBJ. That's the least of their worries...every single object and directory was *public *change. It's closing the doors with the windows wide open.
Steve Pitcher
iTech Solutions Group, LLC
p: (203) 744-7854 Ext. 176 | m: (902) 301-0810
www.itechsol.com | www.iInTheCloud.com
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxxxxxxxx] On Behalf Of Patrik Schindler
Sent: Wednesday, March 25, 2020 8:35 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Re: Has there been in-the-wild i Series virus?
Hello Rob,
Am 25.03.2020 um 12:29 schrieb Rob Berendt <rob@xxxxxxxxx>:
Actually I've found a few hacks for IBM i on black hat sites.
I'm aware. I didn't claim there are no actual hacks. I just wanted to point out that IBM i isn't exactly a worthwhile target.
:wq! PoC
PGP-Key: DDD3 4ABF 6413 38DE -
https://www.pocnet.net/poc-key.asc
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at
https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
Help support midrange.com by shopping at amazon.com with our affiliate link:
https://amazon.midrange.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at
https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
Help support midrange.com by shopping at amazon.com with our affiliate link:
https://amazon.midrange.com
midrange.com
