|
|
|
|
|
|
by qyi
1829 days ago
|
|
|
The standard business solution to solve security issues - for example like having all your database in a public folder - is to get a guy to implement "security" (whatever that means) who is 40 years old and is really confident he knows what he is doing. He will go configure some firewalls and stuff that has absolutely nothing to do with preventing any real risk aside from automated attacks. Every time someone still gets the files from some 90's vuln, everyone is surprised that some sooper dooper hacker wizard was able to own their fortune 500 company. > The least deployed solutions post-attack included web scanning (40%), endpoint detection and response (EDR) and extended detection and response (XDR) technologies (38%), antivirus software (38%), mobile and SMS security solutions (36%), and managed security services provider (MSSP) or managed detection and response (MDR) provider (34%). Only 3% of respondents said they did not make any new security investments after a ransomware attack. uh huh. uh huh. uh huh. uh huh. Meanwhile, for example, earlier today: a web search for "cat /etc/passwd" blocks my IP. What even is the point of this article? _Of course_ if you don't patch they will just hack you again. _Of course_ if your company follows terrible 90's practices, it will get owned again. |
|
|