> Tardy patching
That's nice. Nothing sadder than a damaged tardy bear.
Welcome to 2019, just a few days into the year and we already have Chromecast chaos, Skype backdoors, and a Weather Channel privacy suit. We also have plenty of other news to catch up on. Stop the presses! LA Times grinds to a halt over ransomware Most of us made a point of unplugging from the news over the holidays, but for …
"The group calls itself Candiru, after the small fish in the Amazon which, legend has it, can swim up a stream of urine and embed itself in a victim's urethra using a barbed head."
And then there is Cymothoa, a small parasite that enters fish through the gills, and then attaches itself to the fish's tongue.
(Or injects shellcode into 'nix processes)
They might hope that they are rather better at it than the Candiru fish, of which only one documented case has been recorded and which is considered somewhat unreliable: "When subsequently interviewed, Spotte stated that even if a person were to urinate while 'submerged in a stream where candiru live', the odds of that person being attacked by candiru are '(a)bout the same as being struck by lightning while simultaneously being eaten by a shark.'"
Fortunately, she survived.
I find this story dubious. Surely anyone who's struck by lightning while being attacked by a shark gains shark-based superpowers. I'd expect at least the proportional strength of a shark and the ability to have a cartilage skeleton rather than bones.
> And then there is Cymothoa, a small parasite that enters fish through the gills, and then attaches itself to the fish's tongue.
For anyone having difficulty staying awake: http://www.nhm.ac.uk/discover/what-is-a-parasitic-isopod.html
> the issue was traced back to a ransomware infection that had managed to bork the systems that link the paper's editorial office with those of the printing plants.
I don't know which is worse: This or the one that affected the South Korean government which discovered the "list" of North Korean defectors and their new identities have been lifted without anyone knowing until it was (long) gone.
“Late last week, a mysterious malware attack crippled key parts of the Times infrastructure”
I don't think it is mysterious to the rest of us. What is isn't is the competition of how to talk about malware without mentioning Microsoft Windows.
“Once Ryuk gets into a network, it automatically spreads from computer to computer, node to node”
The only solution is to ban ‘computer’s on your network.
Why are they still working on it? Don't they have a backup of the site in its functional state that they can upload? Don't they?
If they wanted to explore the infection, I would think downloading the entire site onto an inactive disk then plugging said disk into an isolated server would be the thing to do, but right now I would have wiped the site entirely and restored from backup. That shouldn't take a week. What is it I don't know that prevents them from doing so?
Not involved but IMHO:
From the article, it sounds like the backup would also contain the vulnerable unmaintained code. So, the site would be up, but vulnerable...
They are probably working on a new site without any unmaintained code.
As the vulnerability was in unmaintained code, the vuln wouldn’t be fixed so better focus developer cycles on bringing the new site up.
"Google is usually thought to be better than most at getting stuff fixed"
No, Google hosts the most malware in the world on the Play Store, never notifies people when they remove an app for malware. No other company in the world gets away with that. They don't fix stuff, they sweep it under the rug when it's broken.