
Nothing you said is wrong; in fact, it’s all good advice. But none of what you listed implicitly provides protection against ransomware either.
For that you need backups that are immutable. That is, even you as the admin cannot alter, encrypt, or delete them because your threat model should assume full admin account compromise. There are several on-prem solutions for it and most of the cloud providers offer immutable storage now too.
And at the very least, remove AD SSO from your backup software admin portals (and hypervisors); make your admins use a password safe.
“To read the purported PDF document, victims are persuaded to click a URL containing a list of steps to register their Windows system. The registration link urges them to launch PowerShell as an administrator and copy/paste the displayed code snippet into the terminal, and execute it.”
This is not new, nor is it newsworthy.
Yeah this article is complete garbage. Who upvotes this stuff?
I will never understand how anyone could come to thinking aspic was a good idea.
Wow Forbes cybersecurity reporting is absolute dog shit. So much text to say absolutely nothing useful.
Anyway, this is just an AITM redirection onto a malicious site in the middle that pretends to be the MFA portal and intercepts the session cookie.
I’m guessing most of the younger crowd here has never seen When Harry Met Sally.
most of those drinks are specifically designed with the ice in mind
Citation Needed
This almost describes mine and my wife’s experience to a tee.
I feel bad for anyone trying to date online in this enshittified world today.
Probably the 9950x3d. And we’ve known for a while now that the cache would only be on one CCD.
Yeah you really need a password or TPM PIN protector to protect from cold boot attacks if that is in your threat model.
BitLocker is extra vulnerable because it stores the key in the TPM and requires no password to boot. An attacker can extract the key even if the computer is off when they get it.
This is not true.
You would additionally need to bypass Secure Boot with a separate exploit such as the one in this article (which is mitigated by disabling USB boot) or LogoFAIL to put the TPM PCRs in a state where the keys can be released.
LUKS2 is no different here as either can be TPM-only or require a separate PIN.
An SSO-like payment system with tracking and revocation is a great idea and would be amazing for us consumers. I’m just not holding my breath waiting for the corpos to implement it.
While nowhere near perfect (far from it, really), as long as the sites you are shopping on are PCI-compliant (most should be), you don’t have to worry too much about a compromised site leaking your payment details for use elsewhere.
Basically just use a password manager and don’t worry about saving credit card (NOT debit card) details in the site as long as they aren’t extra-sketchy.
Same here. Sometimes the same/next day shipping can help in an emergency, but otherwise it’s local if possible, or direct from the vendor if not.
Amazon’s shipping has declined and everyone else’s has caught up to the point it’s not much of a difference anymore.
It doesn’t sound like he can do that without giving up his ownership stake in his company. Or is that what you are suggesting?
They got rid of hyperthreading in Gen 15.