Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/114268992400913322">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 03-Apr-2025 00:07:44 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/114268492393571315" rel="in-reply-to">in reply to</a></div></section><article><p>Bruteforce and external remote access drives a significant portion of incidents, which also ties to compromised credentials (78% of cases is remote access with valid creds, infostealers go brrrr).  </p><p>CitrixBleed was 5% of all security incidents - may explain why I made an MSPaint.exe logo for it</p><p>The long story short is you need really robust authentication - if you get it wrong, you are toast in 2025 - and really, really robust external services patching. Don't ever present RDP to the internet.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4832480#notice-9465706">In conversation</a><time datetime="2025-04-03T00:07:44+09:00" title="Thursday, 03-Apr-2025 00:07:44 JST">about a month ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/114268992400913322" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/114268992400913322">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4403568">Untitled attachment</a></label><br><a href="https://cyberplace.social/system/media_attachments/files/114/268/985/251/405/106/original/b56a028a2912c150.png" rel="external">https://cyberplace.social/system/media_attachments/files/114/268/985/251/405/106/original/b56a028a2912c150.png</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 03-Apr-2025 00:07:44 JST Kevin Beaumont
in reply to
Bruteforce and external remote access drives a significant portion of incidents, which also ties to compromised credentials (78% of cases is remote access with valid creds, infostealers go brrrr).
CitrixBleed was 5% of all security incidents - may explain why I made an MSPaint.exe logo for it
The long story short is you need really robust authentication - if you get it wrong, you are toast in 2025 - and really, really robust external services patching. Don't ever present RDP to the internet.
In conversationabout a month ago from cyberplace.socialpermalink
Attachments
1. Untitled attachment
  https://cyberplace.social/system/media_attachments/files/114/268/985/251/405/106/original/b56a028a2912c150.png

Public

Embed Notice

HTML Code

Corresponding Notice