Another Day, but the same threat profile
I was reading just the other day about another successful ransomware attack that followed the usual profile -- a bit of social engineering drives a vulnerable system to a website that's able to download malware to the target system and so on.
When are we going to learn that allowing remote execution of any code is likely to cause problems? The problem is never Chinese this or Russian that (often the puerps tend to live in more prosaic places like Southhampton but that doesn't make for good news copy). The problem is that we're still designing and distributing lousy code that breaks all sorts of fundamental design rules. "They" know this and seem to be hardening their systems, why can't "we"?
Biting the hand that feeds IT
