GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 23-Sep-2025 16:55:44 JST Kevin Beaumont Kevin Beaumont

    Jaguar Land Rover have extended their car production shutdown for at least another week: https://www.bbc.com/news/articles/c15kpxnn2p2o

    There’s a curious and unsourced line at the end of the BBC article: “JLR is currently taking the lead on support for its own supply chain, rather than any state intervention.”

    If so, why are suppliers laying off staff and calling for government intervention?

    In conversation about 10 months ago from cyberplace.social permalink

    Attachments


    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 02-Sep-2025 22:23:01 JST Kevin Beaumont Kevin Beaumont

      Jaguar Land Rover have contained their network and stopped production after what appears to be a ransomware incident. VPNs and network border in UK all down.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 02-Sep-2025 22:32:31 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover moved their cybersecurity and IT functions to TCS two years ago 🫡

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 02-Sep-2025 23:27:20 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover is ransomware, I can see network traffic from infrastructure used by multiple e-crime groups over the past week.

      They (JLR) appear to be doing contain to eradicate, i.e. all UK border services shut, Windows infrastructure offline etc.

      In conversation about 10 months ago permalink
    • Embed this notice
      J$ (js@mastodon.nl)'s status on Tuesday, 02-Sep-2025 23:34:24 JST J$ J$
      in reply to

      @GossiTheDog JLR allowed Windows in their infrastructure. Those seeking to celebrate the same achievements should follow the lead.

      The rest of us: keep the leper colony at bay.

      In conversation about 10 months ago permalink
    • Embed this notice
      翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Tuesday, 02-Sep-2025 23:38:26 JST 翠星石 翠星石
      in reply to
      • Christoffer S.
      @nopatience @GossiTheDog Windows is not cheap - it has extremely expensive "license" fees, things break all of the time and there is also the cost of getting hit by ransomware.

      The cost of breaking all of microsoft's shackles over the short term just seems expensive compared to continuing to use windows.
      In conversation about 10 months ago permalink
    • Embed this notice
      Christoffer S. (nopatience@swecyb.com)'s status on Tuesday, 02-Sep-2025 23:38:28 JST Christoffer S. Christoffer S.
      in reply to

      @GossiTheDog Cheap will almost always prevail, until it doesn't.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 03-Sep-2025 04:50:28 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover latest from the outside looking in.

      AS205756 aka JAGUAR LAND ROVER AUTOMOTIVE PLC is shut down - UK network only (however it hosts their most important infrastructure).

      Staff have been told not to turn up to manufacturing facilities.

      Tata Motors (parent company) appears to be online still but looks like a mess on Shodan, e.g. lots of SAP Netweaver boxes dangling directly off the internet.

      In conversation about 10 months ago permalink
    • Embed this notice
      Mark Koek (mkoek@mastodon.nl)'s status on Wednesday, 03-Sep-2025 05:09:30 JST Mark Koek Mark Koek
      in reply to

      @GossiTheDog Did a Red Team against a TCS-run SOC once. So easy it wasn’t even funny.

      In conversation about 10 months ago permalink
    • Embed this notice
      apth (apth@infosec.exchange)'s status on Wednesday, 03-Sep-2025 05:43:25 JST apth apth
      in reply to

      @GossiTheDog I would love to hear a little bit about what you're using to see that network traffic, as an aspiring CTI nerd

      In conversation about 10 months ago permalink
    • Embed this notice
      Alameals (alameals@cyberplace.social)'s status on Wednesday, 03-Sep-2025 18:36:55 JST Alameals Alameals
      in reply to

      @GossiTheDog Any claimed responsibility for this yet?

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 03-Sep-2025 19:25:25 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR - network border all still offline. Liverpool Echo reports factory production still at all stop.

      In conversation about 10 months ago permalink
    • Embed this notice
      Alex (alex02@cyberplace.social)'s status on Wednesday, 03-Sep-2025 23:02:24 JST Alex Alex
      in reply to

      @GossiTheDog they must like the party van.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 03-Sep-2025 23:02:25 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The lapsus$ guys are taking credit for the Jaguar Land Rover thing, speed run to see how many times they can get v&'d in 5 years.

      In conversation about 10 months ago permalink
    • Embed this notice
      Alex (alex02@cyberplace.social)'s status on Wednesday, 03-Sep-2025 23:05:20 JST Alex Alex

      @GossiTheDog these kids have no idea how badly they're ruining their future. I have a misdeamnor cuz I took a plea deal and I still got majorily fucked. I bet they think becoming infamous like the kids in the 90's and early 2000's will make them rich and famous while landing jobs with zero effort.

      In conversation about 10 months ago permalink
    • Embed this notice
      Alex (alex02@cyberplace.social)'s status on Thursday, 04-Sep-2025 00:19:36 JST Alex Alex
      in reply to

      @GossiTheDog o_O

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 00:19:38 JST Kevin Beaumont Kevin Beaumont
      in reply to

      I can see ecrime infrastructure was talking to this at JLR https://beta.shodan.io/host/185.193.35.39

      It's a SAP Netweaver box. The Lapsus$ kids have been running around with a SAP exploit for a while, prior thread reference: https://cyberplace.social/@GossiTheDog/115005311849134541

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: beta.shodan.io
        185.193.35.39It
        Search Engine for the Internet of Things
      2. Domain not in remote thumbnail source whitelist: cyberplace.social
        Kevin Beaumont (@GossiTheDog@cyberplace.social)
        from Kevin Beaumont
        Attached: 1 image What a time to be alive Tl;dr of the Scatter Spider LAPSUS$ chat aka fuckmandiantunit221bcr0wdshart is: - they’ve owned a lot of big companies by phoning them up and asking for access - this includes orgs who haven’t disclosed their incidents - they also appear to have an Oracle WebLogic exploit (unclear if zero day) and a SAP Netweaver exploit and used that to get inside orgs - They appear to also be (or owned) ShinyHunters ransomware, as they include internal ShinyHunter emails and IMs.
    • Embed this notice
      Alex (alex02@cyberplace.social)'s status on Thursday, 04-Sep-2025 00:20:53 JST Alex Alex
      in reply to

      @GossiTheDog imagine bragging about this being so easy when they probably bought the exploit with bitcoin.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 00:20:55 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The lapsus$ guys also posted this screenshot, on an internal Jaguar Land Rover SAP box last night:

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/141/028/360/932/279/original/b2dbfb38b546080e.png
    • Embed this notice
      Jon PENNYCOOK (jonpsp@mstdn.social)'s status on Thursday, 04-Sep-2025 00:41:40 JST Jon PENNYCOOK Jon PENNYCOOK

      @GossiTheDog have they really still got servers in the ford.com domain after all these years?

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 03:50:06 JST Kevin Beaumont Kevin Beaumont

      The lapsus guys continue to go nuts on IRC^H^H^HTelegram https://www.bbc.co.uk/news/articles/c4gqepe5355o

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        M&S hackers claim to be behind Jaguar Land Rover cyber attack
        The hack has caused severe disruption at manufacturing plants globally, with some staff told not to come into work.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 05:42:35 JST Kevin Beaumont Kevin Beaumont
      in reply to

      To back up ReliaQuest - this is the exploit LAPSUS guys have running around with on SAP Netweaver, just had a look this evening after acquiring the exploit. https://reliaquest.com/blog/threat-spotlight-reliaquest-uncovers-vulnerability-behind-sap-netweaver-compromise/

      There’s a metric ton - over 5 figures - of these boxes directly internet facing. Worse; from version printing, less than 5% are patched for the two CVEs being exploited.

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/142/288/116/732/815/original/281c73aed6b48701.jpeg

    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 20:50:39 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Liverpool Echo reports Jaguar Land Rover production still isn't running, with factory stop told to stay at home, and report it impacts all manufacturing locations. https://www.liverpoolecho.co.uk/news/liverpool-news/update-jaguar-land-rover-shut-32411513

      Separately, the network border is also still offline (I have monitoring in place to see when they come back online).

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 20:54:53 JST Kevin Beaumont Kevin Beaumont
      in reply to

      If anybody runs into a LAPSUS$ incident at their org hit me up on Signal, I can try to help profile their MO as been there, done that.

      They'll frequently not even bother to deploy ransomware, they'll also do crazy things (and like to write about poo, and send people poo packages in the mail). It's basically like fighting Mr Bean, who is also good at computers.

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 21:09:59 JST Kevin Beaumont Kevin Beaumont
      in reply to

      This isn't anything against the LAPSUS guys btw as they're basically having a five year ninja fight with Mandiant, DART, cyber standards and law enforcement while playing teenage Mr Bean and lets be honest... that's pretty funny and eye opening.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 04-Sep-2025 22:47:15 JST Kevin Beaumont Kevin Beaumont
      in reply to

      ITV reports Jaguar Land Rover has shut down car production in the UK, Slovakia, China, India and Brazil.
      https://www.itv.com/news/2025-09-04/jaguar-land-rover-temporarily-halts-all-car-production-following-cyber-attack

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Gary :party_porg: (witewulf@cyberplace.social)'s status on Thursday, 04-Sep-2025 23:20:19 JST Gary :party_porg: Gary :party_porg:
      in reply to

      @GossiTheDog

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Stephan (erlenmayr@chaos.social)'s status on Friday, 05-Sep-2025 00:36:00 JST Stephan Stephan
      in reply to

      @GossiTheDog That does not sound like ransomware any more. That sounds like an SAP migration.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 05-Sep-2025 03:11:19 JST Kevin Beaumont Kevin Beaumont
      in reply to

      ITV News 6pm lead story on Jaguar Land Rover

      Key take away is anonymous source at JLR saying they may need UK government support for motor sector off the back of the incident.

      https://www.youtube.com/watch?v=V4xQz0iKK4g

      In conversation about 10 months ago permalink
    • Embed this notice
      Just_Patch_It (just_patch_it@cyberplace.social)'s status on Friday, 05-Sep-2025 06:03:21 JST Just_Patch_It Just_Patch_It
      in reply to

      @GossiTheDog well I’m glad I don’t have that shit hanging off my edge.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 05-Sep-2025 20:50:22 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR is keeping all factory production suspended today, tomorrow, Sunday and at least Monday (possibly longer) in UK, Slovakia, China, India and Brazil.
      https://www.liverpoolecho.co.uk/news/liverpool-news/jaguar-land-rover-staff-until-32413174

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: i2-prod.liverpoolecho.co.uk
        JLR staff to be off until at least Tuesday as cyber crisis grows
        from https://www.facebook.com/LiamThorpECHO
        Email to production workers at car giant's Halewood plant says they will be stood down on Friday and Monday after hack
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 05-Sep-2025 20:57:00 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR direct employ 32k people in the UK so I imagine there's going to be ripple effects on the wider economy off the back of this one the longer it goes on.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 05-Sep-2025 21:08:48 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Meanwhile the LAPSUS guys were busy posting large numbers of US defense Top Secret marked documents last night. They've seen been deleted from Telegram.

      In conversation about 10 months ago permalink
    • Embed this notice
      Greem (Graeme. Not Graham!) (greem@cyberplace.social)'s status on Friday, 05-Sep-2025 21:53:52 JST Greem (Graeme. Not Graham!) Greem (Graeme. Not Graham!)
      in reply to

      @GossiTheDog the docs, or the LAPSUS folks?

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 06-Sep-2025 05:18:17 JST Kevin Beaumont Kevin Beaumont
      in reply to

      One surprising thing with the Jaguar Land Rover incident - they've only isolated JAGUAR LAND ROVER AUTOMOTIVE PLC (AS205756), the UK network. The India, China etc networks are still online.

      When I dealt with LAPSUS elsewhere they entered via a different country network/biz unit and then pivoted to target country/biz unit.

      In conversation about 10 months ago permalink
    • Embed this notice
      Seven (creativegamingname@cyberplace.social)'s status on Saturday, 06-Sep-2025 05:55:31 JST Seven Seven
      in reply to

      @GossiTheDog this whole event is... extra.

      But you caught me with the IRC^H^H backspace.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 07-Sep-2025 05:46:46 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR UK have got one internet facing system back online - wslx.jlrext.com

      Single factor auth only because that's how automotives roll. If you visit direct IP, it's still branded Ford - Ford sold the business in 2008.

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/159/299/569/876/844/original/05fd184fd3380da1.png

      2. https://cyberplace.social/system/media_attachments/files/115/159/304/176/412/317/original/98e3fae443376099.png
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 09-Sep-2025 06:43:12 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Just checked in on JLR - factory production won't be resuming tomorrow (day 7).

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 10-Sep-2025 02:23:09 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover car production is still shut down tomorrow, day 8. I’ve checked the network border, everything except one system in UK is also still offline.

      In conversation about 10 months ago permalink
    • Embed this notice
      Just_Patch_It (just_patch_it@cyberplace.social)'s status on Wednesday, 10-Sep-2025 10:16:03 JST Just_Patch_It Just_Patch_It
      in reply to

      @GossiTheDog that’s $40 million gone poor, just in sales profits.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 10-Sep-2025 19:52:07 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR are keeping car production closed until least this weekend. They also say “some data was impacted”, whatever that means.

      https://www.liverpoolecho.co.uk/news/liverpool-news/jaguar-land-rover-issues-crisis-32447659

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: i2-prod.liverpoolecho.co.uk
        Jaguar Land Rover issues update after staff told to stay at home
        from https://www.facebook.com/LiamThorpECHO
        Ten days after the major car manufacturer was hit by a cyber attack staff have still not returned to the factory
    • Embed this notice
      Khleedril (khleedril@cyberplace.social)'s status on Wednesday, 10-Sep-2025 22:21:12 JST Khleedril Khleedril
      in reply to

      @GossiTheDog It will be funny if cars start rolling off the production lines with manufactured dents in them.

      In conversation about 10 months ago permalink
    • Embed this notice
      Alex (alex02@cyberplace.social)'s status on Thursday, 11-Sep-2025 04:49:44 JST Alex Alex
      in reply to

      @GossiTheDog is this why uk keeps getting pwned by kids?

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 11-Sep-2025 04:49:45 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR shouldn't feel bad, Tata Motors (their parent) is way worse shape. They've even got Exchange Server with OWA internet facing without MFA.

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 11-Sep-2025 04:49:46 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR have started switching border routers back on (don't ask me why SNMP, NTP and SSH are internet facing).

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/181/690/008/253/837/original/1771ad1e0c1a2be3.png

      2. https://cyberplace.social/system/media_attachments/files/115/181/691/371/264/487/original/4297dc1fb810b220.png
    • Embed this notice
      Alex (alex02@cyberplace.social)'s status on Thursday, 11-Sep-2025 04:57:21 JST Alex Alex

      @GossiTheDog I was making a joke... xD

      In conversation about 10 months ago permalink
    • Embed this notice
      lfzz (lfzz@mastodon.social)'s status on Thursday, 11-Sep-2025 05:13:15 JST lfzz lfzz
      • Alex

      @GossiTheDog @alex02 wait do you mean the overstaffed audit team is actually useless checkbox generator while I can't even get a junior hired because "security team are expensive" and we should be able to automate/ai/buzzworddujours our work away? I am very shocked!

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 12-Sep-2025 05:40:49 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover have told factory workers worldwide to stay home until at least next Wednesday, which will be 17 days since the cyber incident began. https://www.bbc.co.uk/news/articles/c3e712nvyz9o.amp

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Jaguar Land Rover plants shut until Wednesday after cyber attack
        Staff in Solihull, Halewood and Wolverhampton have been told not to come into work until Wednesday.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 13-Sep-2025 02:21:55 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Unite are calling on the government to urgently intervene over the Jaguar Land Rover cyber incident, to introduce a furlough scheme for their suppliers.

      https://www.unitetheunion.org/news-events/news/2025/september/jlr-supply-chain-workers-impacted-by-cyberattack-must-receive-government-support-says-unite

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Gary :party_porg: (witewulf@cyberplace.social)'s status on Saturday, 13-Sep-2025 03:46:35 JST Gary :party_porg: Gary :party_porg:
      in reply to

      @GossiTheDog as a tax payer, but also a union member: screw that.

      JLR should have insurance to cover this.

      In conversation about 10 months ago permalink
    • Embed this notice
      Just_Patch_It (just_patch_it@cyberplace.social)'s status on Saturday, 13-Sep-2025 05:27:51 JST Just_Patch_It Just_Patch_It
      in reply to

      @GossiTheDog Have they not heard of Disaster Recovery? It’s also called “Business Continuity Plan” just in case I’m not clear.

      In conversation about 10 months ago permalink
    • Embed this notice
      Greem (Graeme. Not Graham!) (greem@cyberplace.social)'s status on Saturday, 13-Sep-2025 05:36:59 JST Greem (Graeme. Not Graham!) Greem (Graeme. Not Graham!)
      in reply to
      • Gary :party_porg:

      @WiteWulf

      It isn't JLR that's affected here though (although they are, and friends of mine who work for them are currently having nightmares) - it's their suppliers. By that argument, they should also have insurance.
      I guess tying a small company's entire output to one upstream behemoth used to be a safe bet, but not now.

      @GossiTheDog

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 13-Sep-2025 15:07:04 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR have lost between £50m-£100m so far according to BBC estimates https://www.bbc.co.uk/news/articles/czdjn0lv64ro

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Jaguar Land Rover suppliers 'face bankruptcy' due to hack crisis
        The government has been urged to "act fast" to protect hundreds of jobs following the cyber attack.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 13-Sep-2025 15:18:10 JST Kevin Beaumont Kevin Beaumont
      in reply to

      If anybody is interested, TCS’ website says JLR outsourced cybersecurity (not sure which bits) to it a few years ago.

      TCS also run security operations and monitoring for Co-op (my old team) along with their IT and IT helpdesk, and M&S secops monitoring, IT and IT helpdesk.

      In conversation about 10 months ago permalink
    • Embed this notice
      VessOnSecurity (bontchev@infosec.exchange)'s status on Saturday, 13-Sep-2025 15:32:44 JST VessOnSecurity VessOnSecurity
      in reply to

      @GossiTheDog I wonder how big the ransom was...

      In conversation about 10 months ago permalink
    • Embed this notice
      Mark :unverified: :thisisfine: (sneakymonkey@infosec.exchange)'s status on Saturday, 13-Sep-2025 17:01:26 JST Mark :unverified: :thisisfine: Mark :unverified: :thisisfine:
      in reply to

      @GossiTheDog

      I don’t get it..

      BBC news article,

      “However, the company made a pre-tax profit of £2.5bn in the year to the end of March, which implies it has the financial muscle to weather a crisis that lasts weeks rather than months.”

      But they call for Gov for furlough…

      In conversation about 10 months ago permalink
    • Embed this notice
      Sleeper_cell_spy (sleepercellspy@cyberplace.social)'s status on Sunday, 14-Sep-2025 04:51:09 JST Sleeper_cell_spy Sleeper_cell_spy
      in reply to

      @GossiTheDog well isn’t that interesting

      In conversation about 10 months ago permalink
    • Embed this notice
      Just_Patch_It (just_patch_it@cyberplace.social)'s status on Sunday, 14-Sep-2025 06:55:18 JST Just_Patch_It Just_Patch_It
      in reply to

      @GossiTheDog Their cars are 💩anyway. You have to buy two so you can drive one while the other is in the shop.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 16-Sep-2025 17:13:50 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover have extended their manufacturing shutdown until at least next Wednesday, the 24th of September. https://www.theguardian.com/business/2025/sep/16/jaguar-land-rover-production-shutdown-cyber-attack

      In conversation about 10 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        Jaguar Land Rover extends production shutdown after cyber-attack
        from https://www.theguardian.com/profile/lauren-almeida
        Carmaker says it will freeze production until at least 24 September as it continues investigations
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 16-Sep-2025 17:18:00 JST Kevin Beaumont Kevin Beaumont
      in reply to

      In my own story, I discovered JLR outsourced different cybersecurity areas to TCS and then made many of the UK team redundant 6 months ago.

      https://doublepulsar.com/the-elephant-in-the-biz-outsourcing-of-critical-it-and-cybersecurity-functions-risks-uk-economic-96205e0585bf

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/212/985/871/710/784/original/08b21160eaa4c6ef.jpeg
      2. Domain not in remote thumbnail source whitelist: miro.medium.com
        The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic…
        from https://medium.com/@networksecurity
        Recently, there’s been three major UK ransomware and/or extortion incidents at three big UK companies — Co-op Group, Marks and Spencer and…
      GreenSkyOverMe (Monika) repeated this.
    • Embed this notice
      fuzzyfuzzyfungus (fuzzyfuzzyfungus@cyberplace.social)'s status on Wednesday, 17-Sep-2025 02:48:32 JST fuzzyfuzzyfungus fuzzyfuzzyfungus
      in reply to

      @GossiTheDog Risk mitigation is a cost center. For a while.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 17-Sep-2025 21:46:11 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The BBC report just over 100k jobs sit outside Jaguar Land Rover in the supply chain, those staff are being told to apply for universal credit and the shut down could last until November. https://www.bbc.co.uk/news/articles/c784nwvj1l3o

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        JLR supply chain staff told to apply for universal credit, union says
        Staff are being laid off with "reduced or zero pay" following a cyber attack, which has forced the carmaker to shut down, Unite union claims.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 17-Sep-2025 22:13:18 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Liam Byrne MP, the chair of the Commons business and trade committee has said "We think this is an attack which is much, much worse than the attack that took down Marks and Spencer."

      He's calling for the government to insure suppliers via taxpayer money when orgs get hit with ransomware.
      https://www.bbc.co.uk/news/articles/cwyrqxj3eqqo

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Liam Byrne MP fears JLR hack could see thousands laid off
        Liam Byrne, MP for Birmingham Hodge Hill & North Solihull, wants emergency support for workers.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 17-Sep-2025 22:20:22 JST Kevin Beaumont Kevin Beaumont
      in reply to

      This is JLR's parent company, and this is JLR's network border today - personally, I think there's no way the government should have the obligation to bail out this situation.

      JLR just made their most profits in a decade, after making cybersecurity staff redundant in March.

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/219/816/212/695/024/original/0bd9ee5613457d3c.png

      2. https://cyberplace.social/system/media_attachments/files/115/219/824/332/796/217/original/91634297265db018.png

      3. https://cyberplace.social/system/media_attachments/files/115/219/825/447/415/268/original/d8641435726c168f.png

      4. https://cyberplace.social/system/media_attachments/files/115/219/830/887/542/595/original/2a26a1da15571270.png
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 17-Sep-2025 23:19:58 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR isn't on the stock market, but their parent company, Tata Motors, is. Their share price has gone up consistently since the cyber incident began.

      The share price of one of JLR's key suppliers, however, has plunged 55% since the incident began.

      https://therecord.media/jlr-cyber-shockwave-auto-sector

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/220/063/094/627/149/original/da7fa03f2f368eb3.png
    • Embed this notice
      fuzzyfuzzyfungus (fuzzyfuzzyfungus@cyberplace.social)'s status on Thursday, 18-Sep-2025 00:18:09 JST fuzzyfuzzyfungus fuzzyfuzzyfungus
      in reply to

      @GossiTheDog But if you treat your suppliers like hostages who you are powerless to save Liam Byrne MP will show up with a sack of other people's money for free...

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 05:18:10 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover’s Slovak plant has been brought to a standstill for a third consecutive week after a cyberattack, sending shockwaves through the carmaker’s local supply chain and raising calls for state support for suppliers from the Slovakian government.

      The factory is actually owned by Tata Motors, JLR’s parent company. Tata Motors haven’t actually disclosed it, but they too are impacted.

      https://spectator.sme.sk/politics-and-society/c/cyberattack-on-jaguar-land-rover-ripples-through-slovak-supply-chain

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: image.smedata.sk
        Cyberattack on Jaguar Land Rover ripples through Slovak supply chain - The Slovak Spectator
        from Petit Press a.s.
        Jaguar Land Rover’s Nitra plant has been shut for three weeks after a cyberattack, forcing suppliers to cut shifts and fuelling calls for government aid.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 05:18:12 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Webasto, who supply glass roofs to Jaguar Land Rover and employ 350 staff, has today halted factory operations and started laying off staff.
      https://www.telegraph.co.uk/business/2025/09/18/jaguar-land-rover-supplier-puts-jobs-at-risk-cyber-hack/

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 05:23:21 JST Kevin Beaumont Kevin Beaumont
      in reply to

      31 British MPs have written to UK government asking for government support for JLR’s suppliers.

      https://www.bbc.co.uk/news/articles/ce327e2rdw3o.amp

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        MPs write to business secretary over JLR supply chain jobs
        West Midlands and Merseyside MPs have called for supply chain help after the JLR cyber attack.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 05:40:43 JST Kevin Beaumont Kevin Beaumont
      in reply to

      I should loop this into the thread as it may well be relevant later: https://www.bbc.co.uk/news/articles/c62z8k14kxxo

      Although it only mentions TfL, they're also implicated in M&S and a metric ton of other breaches.

      Including potentially JLR -- the LAPSUS$ guys were trying to start their own home brew ransomware at the time but weren't very good at it.

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 05:49:27 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Regarding this earlier toot about JLR, you can see gaydon is one of their subdomains and sites - it's also visible on their DNS resolvers, which are back online and internet facing for some reason (gbgay) along with FortiGate firewall interfaces which are also internet facing for some reason.

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/227/254/481/933/654/original/ee94d8cca2031e53.png

      2. https://cyberplace.social/system/media_attachments/files/115/227/259/770/377/660/original/2299eda847de6533.png
    • Embed this notice
      The Liquid Schwartz (overtondoors@infosec.exchange)'s status on Friday, 19-Sep-2025 08:24:32 JST The Liquid Schwartz The Liquid Schwartz
      in reply to

      No mention of the attackers identity @GossiTheDog seems likely this was a state actor, but not necessarily. What's the scuttlebut?

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 22:11:22 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Joint statement on government-industry supplier meeting regarding Jaguar Land Rover cyber incident https://www.gov.uk/government/news/joint-statement-on-government-industry-supplier-meeting-regarding-jaguar-land-rover-cyber-incident

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: assets.publishing.service.gov.uk
        Joint statement on government-industry supplier meeting regarding Jaguar Land Rover cyber incident
        Please see below a joint statement from DBT and the Society of Motor Manufacturers and Traders following a meeting on the Jaguar Land Rover cyber incident.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 19-Sep-2025 22:16:26 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jason Richards, Unite's regional officer for the West Midlands, has said he believes that there was "zero chance" of production starting next week, after suppliers were told production at JLR's factories would not resume until 24 September. So far JLR have missed each potential production resume date. https://www.bbc.co.uk/news/articles/c36kjx8w793o

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Labour must step up to help JLR supply chain jobs, says Unite
        Unite the Union has called on the government to implement a furlough scheme for supply chain workers.
    • Embed this notice
      Khleedril (khleedril@cyberplace.social)'s status on Friday, 19-Sep-2025 22:29:57 JST Khleedril Khleedril
      in reply to

      @GossiTheDog
      ``This allowed us to listen to suppliers directly and understand the challenges and concerns they are facing.''

      ... and?

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 21-Sep-2025 20:17:48 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The Guardian have a look inside the crisis at Jaguar Land Rover.

      There's no new information, other than sources at the company saying they don't realistically know when they will be able to restart production.

      https://www.theguardian.com/business/2025/sep/20/jaguar-land-rover-hack-factories-cybersecurity-jlr

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/242/000/066/786/188/original/51b118b62c7aeba6.png
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 21-Sep-2025 20:27:40 JST Kevin Beaumont Kevin Beaumont
      in reply to

      One awkward element to all of this is the UK Prime Minister launched his growth strategy, with the banner Securing Our Future, at Jaguar Land Rover.

      It was supposed to be how AI and automation would secure the UK economy.

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/242/035/932/964/947/original/c9193cf07793859d.png

    • Embed this notice
      fuzzyfuzzyfungus (fuzzyfuzzyfungus@cyberplace.social)'s status on Tuesday, 23-Sep-2025 11:16:41 JST fuzzyfuzzyfungus fuzzyfuzzyfungus

      @GossiTheDog It's really too bad that Forbes is not speaking literally; but, as ever, by the time smug elite failure runs up against someone who doesn't care even slightly whether it's technically legal, because that's orthogonal to how they operate, a large number of innocent bystanders have been dragged in.

      If it were possible for the criminals to prey directly on the board we'd likely be in a whole different world of governance.

      In conversation about 10 months ago permalink
    • Embed this notice
      Khleedril (khleedril@cyberplace.social)'s status on Tuesday, 23-Sep-2025 18:11:55 JST Khleedril Khleedril
      in reply to

      @GossiTheDog Because the government aren't actually providing any support?

      In conversation about 10 months ago permalink
    • Embed this notice
      Steve (lilstevie@infosec.exchange)'s status on Tuesday, 23-Sep-2025 18:56:26 JST Steve Steve
      in reply to

      @GossiTheDog At this point I'm questioning if JLR are ever going to return to production

      In conversation about 10 months ago permalink
    • Embed this notice
      Khleedril (khleedril@cyberplace.social)'s status on Tuesday, 23-Sep-2025 19:09:10 JST Khleedril Khleedril

      @GossiTheDog Ah, I see I misunderstood your question, I thought you were asking, 'Why are JLR taking the lead?' not, 'Why is the JLR lead not working?'

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 23-Sep-2025 19:39:31 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover have no cyber insurance https://www.theinsurer.com/cyber-risk/news/exclusive-jaguar-land-rover-failed-to-secure-cyber-insurance-deal-ahead-of-2025-09-23/

      In conversation about 10 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        Exclusive: Jaguar Land Rover failed to secure cyber insurance deal ahead of incident, sources say 
        Jaguar Land Rover failed to finalise a cyber placement brokered by Lockton ahead of the incident that halted the British carmaker's production, three senior cyber insurance market sources told The Insurer.
    • Embed this notice
      Gary :party_porg: (witewulf@cyberplace.social)'s status on Tuesday, 23-Sep-2025 19:46:43 JST Gary :party_porg: Gary :party_porg:
      in reply to

      @GossiTheDog big oof!

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      nandezzz (nandezzz@infosec.exchange)'s status on Tuesday, 23-Sep-2025 20:14:13 JST nandezzz nandezzz
      in reply to

      @GossiTheDog I don’t understand how that’s even possible.. I mean.. I know how it’s possible - you just don’t buy the insurance but I don’t understand how JLR could have a CTO/CIO who thought that was a sensible play! There’s only two of us at my business.. even we have cyberinsurance..

      In conversation about 10 months ago permalink
    • Embed this notice
      TheTomas (thetomas@social.toot9.de)'s status on Tuesday, 23-Sep-2025 20:20:20 JST TheTomas TheTomas
      in reply to

      @GossiTheDog *sigh* insurances dont contribute to your BCM. Ja maybe they'll pay later, maybe not..

      In conversation about 10 months ago permalink
    • Embed this notice
      Alameals (alameals@cyberplace.social)'s status on Tuesday, 23-Sep-2025 20:50:25 JST Alameals Alameals
      in reply to

      I'm Liverpool based so have neighbours and friends who work there and they are still seeing this as just some time off, I don't think they realise this genuinely could lead to job cuts across all roles, it's going to impact them financially for a long time

      In conversation about 10 months ago permalink
    • Embed this notice
      pmelon (pmelon@infosec.exchange)'s status on Tuesday, 23-Sep-2025 21:54:11 JST pmelon pmelon
      • nandezzz

      @GossiTheDog @nandezzz

      Yeah, our place is uninsurable. We have some servers that are nearly 20 years old and the network is totally flat. Execs like bandwagons too much to do anything about it.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 24-Sep-2025 04:56:57 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Peter Kyle and Chris McDonald met JLR’s CEO and senior executives at its Gaydon headquarters to discuss latest situation.
      https://www.gov.uk/government/news/ministers-meet-jlr-bosses-and-supply-chain-companies-to-help-secure-future-of-car-industry

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: assets.publishing.service.gov.uk
        Ministers meet JLR bosses and supply chain companies to help secure future of car industry
        Peter Kyle and Chris McDonald met JLR’s CEO and senior executives at its Gaydon headquarters to discuss latest situation.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 24-Sep-2025 22:43:35 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Robert Peston, who was the first to report on the government's bailout of banks in the 2008 financial crisis, reports the UK government is considering bailing out JLR's suppliers by effectively becoming the lender of last resort - by buying parts off suppliers, and then reselling them to Jaguar Land Rover. In effect the UK government will become JLR's supplier's customer.

      https://www.itv.com/news/2025-09-24/how-the-government-plans-to-support-jaguar-land-rover-suppliers

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 24-Sep-2025 22:52:27 JST Kevin Beaumont Kevin Beaumont
      in reply to

      If anybody is wondering, I took a tour of JLR's network border last night - everything is still offline, except for https://wslx.jlrext.com/ (single factor login), some routers running SSH to the internet, NTP and Fortigate firewalls with open ports to internet.

      In conversation about 10 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        https://wslx.jlrext.com/
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 25-Sep-2025 07:28:18 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The BBC reports “Senior government figures are concerned about a pattern of cyber attacks on UK institutions and businesses, such as the British Library, Marks & Spencer, and the Co-op.”

      They should be. We’ve got to collectively work together to defuse the ransomware economy - even if that means repositioning security industry incentives.

      We’ve also got to be deeply honest about where the challenges are coming from - which is not just Russia, but at home in the UK.

      https://www.bbc.com/news/articles/c62nv0xx32go

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Government mulls financial support for JLR supply chain firms
        Fears are growing that some of the car maker's suppliers could go bust without support.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 25-Sep-2025 20:47:24 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The FT has figured out JLR have no insurance.

      I'm not sure they'll take the full cost of recovery though - since the government is likely bailing out their key suppliers.

      https://www.ft.com/content/c301e78a-38e7-4818-b367-14af85130c61

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 25-Sep-2025 20:51:41 JST Kevin Beaumont Kevin Beaumont
      in reply to

      For those who haven't been following JLR in detail, key chain of events:

      1) JLR outsource key IT and infosec functions to TCS, approved by 1x director and 2x NEDs on both JLR and TCS boards

      2) JLR transfer staff by TUPE to TCS

      3) TCS lay off transferred UK staff, including cyber risk and governance and cyber monitoring

      4) record profits for a decade

      5) got hacked

      6) company stops functioning

      7) get government to bail out their key suppliers (in progress)

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 26-Sep-2025 22:08:16 JST Kevin Beaumont Kevin Beaumont
      in reply to

      JLR have some of its IT systems back online. Production is still halted. https://www.bbc.com/news/articles/c0q75q4l87no

      I can’t see anything internet facing back online. Looks like they have bits of SAP back for supplier payment of historic orders.

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Jaguar Land Rover restarts some IT systems after cyber-attack
        The carmaker says it is working through a backlog of payments as its IT systems come back online.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 26-Sep-2025 22:18:41 JST Kevin Beaumont Kevin Beaumont
      in reply to

      If you’re wondering how JLR’s parent company, Tata Motors, is getting on - share price is up over the month. Investors don’t really care that a large part of the org shut down as they know the UK taxpayer will prop it up.

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/270/792/607/582/427/original/250b828a255bded9.png
    • Embed this notice
      Dr. Christopher Kunz (christopherkunz@chaos.social)'s status on Friday, 26-Sep-2025 23:15:16 JST Dr. Christopher Kunz Dr. Christopher Kunz
      in reply to

      @GossiTheDog And then there's this, too. Shareholders don't give a damn if your products take down whole airports.

      In conversation about 10 months ago permalink

      Attachments


      1. https://assets.chaos.social/media_attachments/files/115/270/866/339/672/507/original/9be2db86cb9cc564.png
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 26-Sep-2025 23:57:21 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The Chair of the Business and Trade Committee, Liam Byrne, has today written to TCS asking probing questions about the attacks on Co-op, Marks and Spencer and Jaguar Land Rover. https://committees.parliament.uk/publications/49627/documents/264574/default/

      In conversation about 10 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/271/178/393/992/502/original/1f54f4c5f925cdb0.png

      Infoseepage repeated this.
    • Embed this notice
      Dave 🐶 (cyberoutsider@infosec.exchange)'s status on Saturday, 27-Sep-2025 00:03:40 JST Dave 🐶 Dave 🐶
      in reply to

      @GossiTheDog And everyone was worried about Huawei providing services to CNI...

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 27-Sep-2025 01:37:13 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Personally I think the UK is going to be one to watch now, as if I was an e-crime threat actor - I’d zero in on the UK.

      Orgs have shown they will pay, teens getting in and poor MSPs shows poor security practices, the NCA won’t tell the ICO (data regulator) too around what actually happened, and the government will bail out orgs financially and provide IR help while they recover.

      It’s all of the wrong messages being broadcast. Strap in.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 27-Sep-2025 01:41:12 JST Kevin Beaumont Kevin Beaumont
      in reply to

      If you look at the NCSC UK too, their remit is to help make the UK the safest place to do business..

      but if you look at the general output lately, it’s quantum stuff and firewall espionage stuff. They’re good people but it feels too close to GCHQ, and so too far removed from the operational reality on the ground.

      In conversation about 10 months ago permalink
    • Embed this notice
      Ollie Whitehouse (ollie_whitehouse@infosec.exchange)'s status on Saturday, 27-Sep-2025 02:56:53 JST Ollie Whitehouse Ollie Whitehouse
      in reply to

      @GossiTheDog we have also recently released (last week) a buyers guide for external attack surface management - https://www.ncsc.gov.uk/blog-post/easm-buyers-guide-now-available - d

      we also continue to push forward on Share & Defend too etc.

      all of which are intended to protect the many and reduce the easy wins.

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: www.ncsc.gov.uk
        EASM buyer's guide now available
        How to choose an external attack surface management (EASM) tool that’s right for your organisation.
    • Embed this notice
      Ollie Whitehouse (ollie_whitehouse@infosec.exchange)'s status on Saturday, 27-Sep-2025 03:25:34 JST Ollie Whitehouse Ollie Whitehouse

      @GossiTheDog which is the intent of Share & Defend - to protect those who can't protect themselves.

      it's a fair challenge - we are also working on some upstream stuff like passkeys etc.

      In conversation about 10 months ago permalink
    • Embed this notice
      Ollie Whitehouse (ollie_whitehouse@infosec.exchange)'s status on Saturday, 27-Sep-2025 03:31:39 JST Ollie Whitehouse Ollie Whitehouse

      @GossiTheDog we refer to this as 'Market Incentives'

      https://www.ncsc.gov.uk/collection/ncsc-annual-review-2024/chapter-03/market-incentives

      https://www.ncsc.gov.uk/blog-post/market-incentive-the-pursuit-for-resilient-software-hardware

      https://www.ncsc.gov.uk/blog-post/sausages-incentives-rewarding-resilient-technology-future

      .. we are on it, but will need a little time ..

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Stevǝ :mastodon: :blinkingcursor: (northvein@infosec.exchange)'s status on Saturday, 27-Sep-2025 04:47:36 JST Stevǝ :mastodon: :blinkingcursor: Stevǝ :mastodon: :blinkingcursor:
      in reply to

      @GossiTheDog we’re in for some chop for sure..

      We’ve gone from 3 lines of defence and skills-based hiring to “let the cheapest bidder run our identity service and we’ll cross our fingers that they really do background checks and basic awareness training”
      Also, cyber resilience?
      We’re seeing teenagers directly skew the UK economy…
      Nice work NCSC etc …
      When you don’t really know who manages your stuff, grants access to your stuff, backs your stuff up or protects your stuff… you’ve outsourced responsibility whilst remaining entirely accountable
      The threat actor ecosystem is largely driven by financial reward… which makes these supply chain watering holes irresistible…

      In conversation about 9 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 27-Sep-2025 05:13:23 JST Kevin Beaumont Kevin Beaumont
      in reply to

      My view - saying the recent incidents should be a wake up call isn’t moving the needle enough in business.

      So a lever is, if JLR need bailing out, put the PM on TV to announce it, explain why and the context of attacks on UK institutions, and announce paying all extortion attempts will be outlawed by the end of parliament. It would send shockwaves through business and force real resiliency planning.

      In conversation about 9 months ago permalink
    • Embed this notice
      lambtor (lambtor@cyberplace.social)'s status on Saturday, 27-Sep-2025 05:55:50 JST lambtor lambtor
      in reply to

      @GossiTheDog surely some kind of insurance coverage could be a requirement for these organizations? they don't want to spend on their own infrastructure, they can pay higher premiums.

      In conversation about 9 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 27-Sep-2025 20:34:29 JST Kevin Beaumont Kevin Beaumont
      in reply to

      The Times (paywalled) reports JLR plan to restart some production in just over a week - "puts suppliers on notice for production at its Wolverhampton engine works to resume on October 6"

      In conversation about 9 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 28-Sep-2025 07:17:41 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Government to guarantee £1.5bn loan to Jaguar Land Rover directly https://www.bbc.com/news/articles/cgl15ykerlro

      In conversation about 9 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Government to guarantee £1.5bn Jaguar Land Rover loan after cyber shutdown
        Ministers hope the loan, from a commercial bank and underwritten by the government, will give certainty to suppliers.
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 28-Sep-2025 08:38:29 JST Kevin Beaumont Kevin Beaumont
      in reply to

      There’s a bit on TCS outsourcing of key roles at JLR here. https://www.telegraph.co.uk/business/2025/09/26/suspected-weak-link-in-jaguar-land-rover-ms-hacks/

      In conversation about 9 months ago permalink

      Attachments


      1. https://cyberplace.social/system/media_attachments/files/115/278/892/017/680/643/original/4ceff308903dda7a.jpeg

    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 29-Sep-2025 17:35:53 JST Kevin Beaumont Kevin Beaumont
      in reply to

      Jaguar Land Rover has sought £2 billion in emergency funding from global banks as the carmaker tries to ease the financial strain of cyber incident.

      The funding is separate from a £1.5 billion loan, provided by a commercial bank and guaranteed by UK Export Finance, that the carmaker will repay over five years.

      https://www.bloomberg.com/news/articles/2025-09-29/jaguar-land-rover-seeks-2-billion-emergency-funds-et-says

      In conversation about 9 months ago permalink
    • Embed this notice
      Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 29-Sep-2025 17:36:55 JST Kevin Beaumont Kevin Beaumont
      in reply to

      MPs are now saying Jaguar Land Rover may need more government invention on top of the existing £1.5bn help https://www.bbc.com/news/articles/c62zggj69e0o

      In conversation about 9 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: ichef.bbci.co.uk
        Jaguar Land Rover may need more government help, MP says
        Liam Byrne spoke after the government announced it was backing a £1.5bn loan to the company, and warned cyber-attacks could become more common.
    • Embed this notice
      Schroedingers_Cat (steveclough@metalhead.club)'s status on Monday, 29-Sep-2025 19:44:13 JST Schroedingers_Cat Schroedingers_Cat
      in reply to

      @GossiTheDog SUrely the invisible hand of the market will handle this?

      In conversation about 9 months ago permalink
    • Embed this notice
      craignicol (craignicol@glasgow.social)'s status on Wednesday, 22-Oct-2025 17:32:36 JST craignicol craignicol
      in reply to
      • anilmc

      @GossiTheDog @anilmc don't TCS and JLR have the same parent? Certainly can't be helping TCS reputation. Don't they have a few UK public sector contracts too?

      In conversation about 9 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.