(coming to you from the friendly wifi of United Airlines as I fly to the Quest/The Experts Conference) So twice lately someone has asked about article
[See the full post at: Patch Lady – I smell a Rat]
Susan Bradley Patch Lady/Prudent patcher
|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Patch Lady – I smell a Rat
- This topic has 13 replies, 10 voices, and was last updated 5 years, 8 months ago by
.
AuthorViewing 6 reply threadsAuthor-
-
https://www.channele2e.com/technology/security/texas-ransomware-attacks-msp-industry/
That’s the Texas ransomware that (reportedly) came in via their managed service provider.
Susan Bradley Patch Lady/Prudent patcher
-
Eeek! That is a bad way to get infected — by the service provider and not by the employees who were using the state government computers.
This is a real riot. Virtually all states publicly disclose their bidding process, and disclose the winning bidder. Great! So now a city, say Dallas, publicly discloses what vendors won the bidding process for AV software or for anti-ransomware. Now bad actors know what their potential target software is. Even worse is when bad actors know that there are no anti-ransomware defenses because there never was any bidding process for any of the specialized anti-ransomware defenses which are used by large corporations.
No wonder the computer networks of state agencies are “sitting duck” targets.
-
I wonder about the situation in the State and Federal governments; if there have been attacks also brought to them, unwittingly, by IT contractors supposed to provide “security”, not by careless or clueless civil servants. As a consultant working with NASA, I have to take, every year, a long (and getting longer) IT security test to be allowed to even see my email at a NASA site, not to mention to use computers there. Wouldn’t it be ironic if, for example, the people in IT security, or even those preparing the tests, were also, quite unintentionally, bringing in such malicious bugs?
Two years ago, there was a big problem in the UK when their National Health Service, that pays for and organizes the medical care most people get there (something like what medicare does here for the elderly), was infected with the WannaCry ransomware across many of its computer installations. The reason in that case? Poor IT security in place:
https://www.bbc.com/news/technology-41753022
“An assessment of 88 out of 236 trusts by NHS Digital before the attack found that none passed the required cyber-security standards.”
Sounds familiar? Unfortunately, it does.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV
-
-
-
I see an article from Forbes at least once a week about Microsoft “Issuing an alert to millions of Windows users.” It’s getting so bad that I now have Forbes hidden from my news feeds.
4 users thanked author for this post.
-
I read both of those articles and came away shaking my head.
Should’ve been shaking my fist.
What really hurts is when drivel like this makes it to the mainstream media.
4 users thanked author for this post.
-
It IS disheartening, isn’t it? The worst part about it is that it’s all about fright tactics to up the click count, so they can squeeze more money out of their advertisers. “See? Look at how many more views we have!”
When push comes to shove, the love of money always seems to eclipse values, standards, even human life, more and more. But I digress…(a habit of the old. Sorry.)
I’d like to see a topic started (Gee, I might do it myself!) regarding what everyone thinks are credible security threat sources/sites and what are NOT, especially in the on-line Infosec pub world. (Woody’s would be right up there with the good guys!)
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty -
Forbes is definitely mainstream & even CNN jumped on the alarm bandwagon when August’s Patch Tuesday rolled around. Wonder if “Facts First” will start spreading the “Complete Control” panic around soon? I searched for the phrase in quotes & got nothing so far; in Business as well as All CNN. As for mspoweruser.com, they seem more niche to me. I suspect they got the “scoop” from Davey Winder of Forbes, rather than vice versa.
Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...
-
-
-
Sick of MSM peddling OMG ALERT ALERT EMERGENCY, YOU SHOULD FEEL FEAR AND SHOCK! at everything.
We have weather, during winter we’re going to get ARCTIC BLASTS, and WALLS OF SNOW and POLAR VORTEX, and summer a SCORCHING HEATWAVE etc. Then with tech we have OMG PATCH NOW, UBER VIRUS OUT PATCH PATCH, BATTON THE HATCHES, DON’T GO ONLINE FOR 3 MONTHS! (despite there not even being any patches out).
You edited one of my previous posts to softly say “they should be taken to task”, but you know what they really need. These people writing these articles do so to intentionally cause terror, for political or financial gain. With the former, that’s literally terrorism, and there’s no excuse for it.
These people actually want the general public, their own audience even, to be sat cowering in fear and anxiety, 24/7. Makes me sick.
What they should be teaching is, “This is business as usual. These sort of threats are always out there. Learn and follow good I.T security principles and standards. Just as you lock your door at night to secure your house, learn the basics of securing your computer, and go about your day.”
1 user thanked author for this post.
-
-
The problem is that when the big voices call WOLF all the time, when the wolf does come it’s just business as usual.
Our best protection is precaution and prevention on a rational scale, the bear catches the slowest runner..
Just because you don't know where you are going doesn't mean any road will get you there.
Viewing 6 reply threads - This topic has 13 replies, 10 voices, and was last updated 5 years, 8 months ago by
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Marriage Counseling – Manages To Do It Save Our Marriage? (Awaiting moderation)
by 4 hours, 56 minutes ago
-
Where’s the cache today?
by 4 hours, 48 minutes ago
-
Ascension says recent data breach affects over 430,000 patients
by 11 hours, 54 minutes ago
-
Nintendo Switch 2 has a remote killing switch
by 12 hours, 15 minutes ago
-
Blocking Search (on task bar) from going to web
by 5 hours, 30 minutes ago
-
Windows 10: Microsoft 365 Apps will be supported up to Oct. 10 2028
by 22 hours, 3 minutes ago
-
Add or Remove “Ask Copilot” Context Menu in Windows 11 and 10
by 22 hours, 9 minutes ago
-
regarding april update and may update
by 23 hours, 39 minutes ago
-
MS Passkey
by 1 hour, 35 minutes ago
-
Can’t make Opera my default browser
by 1 day, 7 hours ago
-
*Some settings are managed by your organization
by 18 hours, 2 minutes ago
-
Formatting of “Forward”ed e-mails
by 1 day, 6 hours ago
-
SmartSwitch PC Updates will only be supported through the MS Store Going Forward
by 2 days, 1 hour ago
-
CISA warns of hackers targeting critical oil infrastructure
by 2 days, 10 hours ago
-
AI slop
by 4 hours, 50 minutes ago
-
Chrome : Using AI with Enhanced Protection mode
by 2 days, 12 hours ago
-
Two blank icons
by 23 hours, 56 minutes ago
-
Documents, Pictures, Desktop on OneDrive in Windows 11
by 2 days, 21 hours ago
-
End of 10
by 2 days, 23 hours ago
-
Single account cannot access printer’s automatic duplex functionality
by 1 day, 21 hours ago
-
test post
by 3 days, 5 hours ago
-
Privacy and the Real ID
by 2 days, 19 hours ago
-
MS-DEFCON 2: Deferring that upgrade
by 22 hours, 15 minutes ago
-
Cant log on to oldergeeks.Com
by 3 days, 10 hours ago
-
Upgrading from Win 10
by 1 day, 21 hours ago
-
USB webcam / microphone missing after KB5050009 update
by 2 days, 1 hour ago
-
TeleMessage, a modified Signal clone used by US government has been hacked
by 4 days, 1 hour ago
-
The story of Windows Longhorn
by 3 days, 13 hours ago
-
Red x next to folder on OneDrive iPadOS
by 4 days, 3 hours ago
-
Are manuals extinct?
by 1 day, 4 hours ago
Remembering Woody
