It& #39;s always interesting when I take a few weeks off then spend my first day back sorting (in this case 13) pages of links to news articles into a run sheet. For the first time in years I just have an uneasy feeling about the state of security...
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        We& #39;re seeing a bunch of disturbing trends combined with the resurgence of old concerns. One example? Malvertising is coming back thanks to all the browser 0days... combine that with the ransomware trend and yikes.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Add to that the sheer volume of clownshoe bugs in enterprise gear *actually being exploited* and supply chain stuff... well... it& #39;s pretty crazy out there right now. I don& #39;t think the world is ending, but it& #39;s going to be a rough couple of years.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        The bad guys also have their shit together to a degree that I& #39;ve never seen before, particularly those operating in "bulletproof jurisdictions" like Russia and DPRK. I& #39;ve been reporting on infosec for 20 years now and the level of alpha adversaries has never been like this.
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Aaaaaand they& #39;re still getting better/improving. Not just technically but operationally. This is just one of many examples. It& #39;s all been turned into process. Like mowing the lawn. https://therecord.media/sap-systems-usually-come-under-attack-72-hours-after-a-patch/">https://therecord.media/sap-syste...
                        
                                                
                            
                                
                                
                                
                            
                            
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Looking at three week& #39;s news scrapes after some time off be like...
                        
                        
                                                    
                        
                        
                                                
                    
                    
                
                 
                         Read on Twitter
Read on Twitter 
                                     
                                    