back to article Microsoft changes encryption, another D-Link bug, phishing dangers, and more

Let's look at some of the latest security news you may have missed this week. Baltimore ransomware outbreak made worse by bad storage practices This year's ransomware infection at the City of Baltimore made headlines, in part because of the eye-popping $18.2m price tag its damage and recovery bills racked up. It turns out that …

  1. Anonymous Coward
    Anonymous Coward

    ah well, I guess with software encryption, Microsoft will have no problems giving the US spy agencies (NSA/FBI etc) access via their "master key" to all the data on your HDD.

    1. Tomato42 Silver badge

      they are doing that because it turned out that the disks that were claiming to be encrypting the data weren't doing that, at all

      1. Anonymous Coward
        Anonymous Coward

        Zero length master password

        > they are doing that because it turned out that the disks that were claiming to be encrypting the data weren't doing that, at all

        Yea, it's uncanny, flaws like setting the master password to zero length and burying this in some obscure setting. Makes one wonder if the manufacturers had help from the NSA?

  2. Korev Silver badge
    FAIL

    "Tested the link - it redirected to a fake Office 365 login page hosted at Windows.net. Holy shit. I tested the URI string from Adobe, and sure enough you can put anything after "&p1=" and adobe will redirect you."

    The admin noted the matter was reported to Microsoft and the scammer's account was deleted.

    Why on all earth wasn't the Adobe redirect fixed too?

    1. Tony W

      Google think it's fine apparently

      https://www.bleepingcomputer.com/news/security/adobe-and-google-open-redirects-abused-by-phishing-campaigns/

      The ultimate URL does appear at the end of the string, albeit not necessarily including http:// or www, but I suppose it could be obfuscated.

      What is the advantage to Google, Adobe etc of these redirects?

      1. Steve Graham

        Re: Google think it's fine apparently

        What is the advantage to Google, Adobe etc of these redirects?

        Just harvesting data on user activities.

    2. MiguelC Silver badge

      Re: Why on all earth wasn't the Adobe redirect fixed too?

      Because *Adobe*...

      1. sbt Silver badge
        Devil

        Relevance deprivation syndrome

        With Adobe Flash usage fading away, they have to find some way to get back in the news for poor security.

  3. Mephistro Silver badge
    Angel

    "...and was written off as a joke from someone in AT&T's IT department. "

    My confidence in this company has risen with this statement. Not.

    But at least we have another clue re: present whereabouts of the BOFH. 8^D

    1. Anonymous Coward
      Anonymous Coward

      Pentests traffice redirects to FBI

      > ...and was written off as a joke from someone in AT&T's IT department. "

      I suspect every major tech company on the planet is deeply embedded with the security services and all your cloud belong them.

  4. TFL

    If D-Link owners are shocked by terrible vulnerability disclosures, I recommend upgrading... to another manufacturer's devices.

    1. Pascal Monett Silver badge

      Indeed. Could you please point us to a supplier that has a flawless security record ?

    2. Korev Silver badge

      That's why I no longer use my Netgear "Nighthawk"...

  5. C_D

    Someone's making a lot of money. Time is ripe for an influx of UK contractors bugged by IR35

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019