@PogoWasRight beautiful husky, I adopted a historically difficult Great Pyrenees rescue last April. It’s quite a journey.
@OutsideCasey
- 23 Followers
- 118 Following
- 241 Posts
@PogoWasRight my experience is limited to my org, we didn’t pay. We went through DR, rebuilt some environments. Another team identified the source of the breach (malicious email link), and we’ve done our best to improve policy and culture. That was the nail that finally got multi-factor auth approved by mgmt. Years ago now. It was a bad couple weeks with lots of OT.
@PogoWasRight it is certainly my opinion, but it’s ALWAYS. They are ALWAYS keeping the data. 100% There are no trustworthy extortionists.
@PogoWasRight deletion is impossible to verify. So the percentage you ask for would never be accurate. Anything an extortion group shows you is not trustworthy. Trusting them at *all* is a mistake. *ANY org* paying out for ransomeware extortion raises the threat for *EVERY* potential victim. Doing so gives the threat actor incentive to continue their behavior. Paying won’t protect you from next time.
Defense in depth and tested offline backups or immutable storage snapshots.
captain acab 
JP MensRFC 8567 "Customer Management DNS Resource Records" defines some interesting DNS RRtypes, including CREDITCARD and PASSWORD.
@mhoye the phrase “tyranny of defaults” comes to mind.
Craig S. KaplanIn my online undergraduate P5.js course, students are about to begin the module on motion and physics, including a bit of physics simulation using Matter.js. It suddenly occurred to me that I had never seen anybody put together this particular demo before, and I realized it had to be done. Messy source code at https://editor.p5js.org/isohedral/full/vJa5RiZWs.