OMG North Korea attacked the LA Times… and other nonsensical security stuff

Topic

New Reply

You may have read the articles going around, starting Saturday afternoon, that claimed the LA Times and other current and former Tribune Publishing ne
[See the full post at: OMG North Korea attacked the LA Times… and other nonsensical security stuff]

5 users thanked author for this post.

lurks about, Cybertooth, Elly, SueW, PhotM

Reply | Quote

Replies

My tin-foil hat will look absolutely normal at the New Year’s Eve party.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

2 users thanked author for this post.

Elly, SueW

Reply | Quote

What is Ryuk ransomare?

I m not familiar with the term.

Reply | Quote

anonymous wrote:

What is Ryuk ransomare? I m not familiar with the term.

Brief summary here:  https://www.bleepingcomputer.com/news/security/ryuk-ransomware-crew-makes-640-000-in-recent-activity-surge/

2 users thanked author for this post.

Elly, woody

Reply | Quote

Thanks for the info on Ryuk

Reply | Quote

The news is the actual fake news, what’s new.

Now think just how much made up B* outlets [redacted – WL] have been filling people’s heads with over the last few years.

Same with the weather. As winter came, the newspapers were screaming we were going to be hit with a “strong polar vortex”, an “arctic blast” and a “carpet of snow” etc. Now a single flake has fallen, I’ve had to put my heating on about twice, all winter.

Those journalists should be taken to task [Bowdlerized – WL]  for spreading panic and hysteria.

Reply | Quote

Woody writes:

Along those same lines… I still haven’t heard of any Internet Explorer-based infections, ones worthy of the way-out-of-band emergency patch on Dec. 19. Remember how the “Windows security experts” were running around in circles, telling people they had to patch IE immediately, or face dire consequences? Yeah. Crickets.

Indeed, there’s entirely too much hysteria and alarmism going around, and not just about cybersecurity. But since that’s the specific subject here, let’s recall the “meltdown” over Spectre and similar vulnerabilities about a year ago. The amount of grief that that scare caused towers far above the actual harm done by the vulnerabilities.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

3 users thanked author for this post.

lurks about, Elly, woody

Reply | Quote

Cybertooth wrote:

Woody writes:

Along those same lines… I still haven’t heard of any Internet Explorer-based infections, ones worthy of the way-out-of-band emergency patch on Dec. 19. Remember how the “Windows security experts” were running around in circles, telling people they had to patch IE immediately, or face dire consequences? Yeah. Crickets.

Indeed, there’s entirely too much hysteria and alarmism going around, and not just about cybersecurity. But since that’s the specific subject here, let’s recall the “meltdown” over Spectre and similar vulnerabilities about a year ago. The amount of grief that that scare caused towers far above the actual harm done by the vulnerabilities.

Hmm.

How would you know if your system(s) had been successfully penetrated via a side-channel attack?

Reply | Quote

On a scale of 1 to 10, where higher means more significant, the National Vulnerability Database rates the exploitability scores for Meltdown and Spectre as 1.1 and the impact scores as 4.0 (see here, here, and here). So according to the NVD, the attacks are extremely difficult to pull off, and their impact is “medium” even if they manage to be successfully implemented.

Last I heard from Woody about Meltdown/Spectre, this was a non-issue.

@Woody, have you seen anything since then to change your assessment?

Bottom line is, until and unless I hear otherwise, I am not going to spend even a second worrying whether any of my PCs might be infected by this.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

I don’t worry about it.

If I had a major multi-tasking site that handled highly sensitive data, yeah, I’d be sweating. But for normal people? Naw.

That’s why I haven’t been covering it. There’s enough real stuff to worry about.

4 users thanked author for this post.

AlexEiffel, rick41, flackcatcher, Cybertooth

Reply | Quote

https://threatpost.com/ryuk-ransomware-emerges-in-highly-targeted-highly-lucrative-campaign/136755/  It still can be a targeted attack.  Not all ransomware is alike.

Susan Bradley Patch Lady/Prudent patcher

5 users thanked author for this post.

AlexEiffel, flackcatcher, EstherD, ch100, woody

Reply | Quote

‘Remember how the “Windows security experts” were running around in circles, telling people they had to patch IE immediately, or face dire consequences? Yeah. Crickets.’

Woody, I am more concerned with the poor sods with W10 Home who end up with box DOA because of an update than exploits. With good security software and avoiding the really dodgy sites most people are more likely to have a Windows update problem than an infection. Also, most attacks are aimed those who either can be shaken down or have oodles of personal information on large numbers of people. Neither describe most users. But we all have to update our computers no matter what OS we are using. So problems with OS updates are more problematic than an exploit for most users.

4 users thanked author for this post.

geekdom, Cybertooth, flackcatcher, woody

Reply | Quote