Windows TCO, Security, and More
-
Windows TCO
-
The Register UK ☛ The anatomy of the British Library ransomware nightmare
The Rhysida ransomware attack on the British Library last October didn't have the visceral physical aspect that creates a folk memory, but it should for anyone who makes enterprise IT. Five months on, not only are significant systems not restored, they've gone forever. Remedial work and rebuilding is going to drain cash reserves intended to last seven years. It was and is bad. What makes it even more exceptional is that we now know what happened and why.
The gories are all in a substantial, detailed report released by the British Library itself. It's a must-read if your life involves any risk of a 2am phone call demanding you drive to the datacenter, even more so if it's the CEO pulling up the Teams meeting in ten minutes. Truth is, it's worth much more than a read, once you realize what the report represents. To get there, let's look at what the institution actually represents.
-
The Register UK ☛ British Library’s legacy IT blamed for lengthy rebuild
It also highlights the "historically complex network topology" that ultimately afforded the Rhysida affiliate wider access to, and opportunities to compromise, its network and systems than they would normally expect with more typical corporate targets.
-
Exponential-e Ltd ☛ Ransomware: lessons all companies can learn from the British Library attack [Ed: As a reminder, the British Library is where Microsoft got Pedo Peter from. And the British Library is notable for Microsoft shilling, including OOXML shilling.]
In October 2023, the British Library suffered "one of the worst cyber incidents in British history," as described by Ciaran Martin, ex-CEO of the National Cyber Security Centre (NCSC).
The notorious Rhysida ransomware gang broke into one of the world's greatest research libraries, encrypting or destroying much of its data, and exfiltrating 600 GB of files, including personal information of British Library staff and users.
-
-
Python
-
Security Week ☛ Top Python Developers Hacked in Sophisticated Supply Chain Attack
Multiple Python developers, including a maintainer of Top.gg, were infected with information-stealing malware after downloading a malicious clone of a highly popular tool, Checkmarx reports.
Called Colorama, the utility makes ANSI escape character sequences work on Windows and has more than 150 million monthly downloads.
-
The Register UK ☛ Over 170K users caught up in poisoned Python package ruse
More than 170,000 users are said to have been affected by an attack using fake Python infrastructure with "successful exploitation of multiple victims."
According to Checkmarx, members of the Top.gg GitHub organization – a top resource for Discord bot makers – as well as other developers were targeted, and it all hinged on various supply chain attack techniques to distribute malware-infected Python PyPI packages.
-
-
Integrity/Availability/Authenticity
-
CBC ☛ 2024-03-21 [Older] B.C. investment fraud victim thinks he was able to recover his $735K thanks to similar Manitoba case
-
Daniel Miessler ☛ Efficient Security Principle (ESP)
In other words, the way we know something has the “right” amount of security—acceptable, not ethically or morally—is when people just keep using it. There are countless examples.
• Online companies, when they get hacked constantly
• Email use at companies, when it’s the #1 way to get compromised
• Online banking, when fraud is constant
• Front door locks, when they’re trivial to pick
• The internet in general, when we know it’s an open wound
We use these things anyway because the value they provide massively outweighs the security risks in our minds.
-