17 May 2021

Corp. Executives Are Still Clueless

Are we shocked that they don't want to spend money on stuff they don't understand?

US pipeline ransomware attack serves as fair warning to persistent corporate inertia over security | ZDNet

And what they don't understand is immense.

Organizations that continue to disregard the need to ensure they have adopted basic cybersecurity hygiene practices should be taken to task. This will be critical, especially as cybercriminals turn their attention to sectors where cyber threats can result in real-world risks, as demonstrated in the US Colonial Pipeline attack.

And if you thought the Microsoft Exchange Server zero-day/update fiasco was bad (it was), this promises to be worse.

Critical 21Nails Exim bugs expose millions of servers to attacks

Most of those servers will not be patched, ever. A lot of them won't get patched in a "timely fashion." (See the story linked at the top.)

Exim is the default [Mail Transfer Agent (MTA)] on Debian Linux distros and currently the world's most popular MTA, according to a mail server survey from May 1st, 2021. [SNIP]

However, a BinaryEdge search found over 3,564,945 Exim mail servers running vulnerable versions exposed to attack over the Internet.

The net result will be that Colonial Pipeline will only be the first domino that gets knocked over. A whole bunch of other companies will be hit soon.

A working internet was nice while it lasted.
