Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/113646927178521607">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 14-Dec-2024 03:28:24 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250105013211.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/113646861331796623" rel="in-reply-to">in reply to</a></div></section><article><p>I think the Cleo thing shows the industry and community working very well, btw. </p><p>From zero day in an MFT product to approx 2/3rd of servers now offline or patched in days.  As far as I know, since mass exploitation began (important caveat) none of the victims had follow on activity, ie ransomware. </p><p>That’s a really good outcome. The reason, I think, is openness and transparency - Huntress went public early and everybody leaped on it loudly in the community. Be more open. </p><p><a href="https://cyberplace.social/tags/cleo" rel="tag">#cleo</a> <a href="https://cyberplace.social/tags/threatintel" rel="tag">#threatintel</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4158497#notice-8169494">In conversation</a><time datetime="2024-12-14T03:28:24+09:00" title="Saturday, 14-Dec-2024 03:28:24 JST">about 2 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/113646927178521607" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/113646927178521607">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 14-Dec-2024 03:28:24 JST Kevin Beaumont
in reply to
I think the Cleo thing shows the industry and community working very well, btw.
From zero day in an MFT product to approx 2/3rd of servers now offline or patched in days. As far as I know, since mass exploitation began (important caveat) none of the victims had follow on activity, ie ransomware.
That’s a really good outcome. The reason, I think, is openness and transparency - Huntress went public early and everybody leaped on it loudly in the community. Be more open.
#cleo #threatintel
In conversationabout 2 months ago from cyberplace.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice