A Ransomware Negotiator Was Working for a Ransomware Gang


Comments

Bill Godfrey May 1, 2026 8:05 AM

No! Not someone whose livelihood depends on maintaining a good business relationship with criminals!?

Rontea May 1, 2026 9:26 AM

This case illustrates a systemic weakness in the way we handle ransomware incident response. By embedding trust in individual negotiators without robust oversight or auditing, we create a single point of failure that attackers can exploit. Martino leveraged insider access—knowledge of insurance limits, negotiation strategies, and victim vulnerabilities—to maximize payouts for the attackers, effectively turning the negotiation process into another attack vector. Organizations should design multi-party controls, enforce strict separation of duties, and verify negotiator activity through independent auditing.

Clive Robinson May 1, 2026 10:32 AM

@ ALL,

1, The attacker aims for the highest price.
2, The defender aims for the lowest price.

Is basic economics and business sense.

3, The negotiator aims for the thickest slice off the top.

Thus pushes down the attacker whilst upping the FUD to the defender.

Some many years ago it became fairly obvious that the “negotiator”(3) was in league with the “attackers”(1)…

Because the “crypto used” was in short term practical intent “unbreakable”.

Most jurisdictions started implementing “anti-ransom legislation”…

So the “negotiator”(3) simply acted as a way for the “defender”(2) to pay-off the “attacker”(1) without getting into legal “hot water”.

The fact that some “negotiators”(3) have seen the benefits in being a cover “attacker”(1) is really hardly surprising.

Once you realise this you start asking yourself all sorts of other questions…

But in all honesty do you really care if things get back up and going for the lowest price?

Weather May 2, 2026 1:14 AM

I don’t think you could look them up in the phone book, duplicity, or other paranoid think? Or someone that liked money too much.

Swallowing 500 Powdered Apricot Seeds May 2, 2026 8:08 AM

No Friday Squid Post?

How can it be?

lurker May 2, 2026 2:27 PM

@Swallowing 500 …

“How can it be?”

Because He is the Kwizatz Haderach.

AgeVerificationIsTheNextFrontLineInTheCryptoWars May 2, 2026 2:34 PM

For lack of a Friday Squid post, here’s this:
https://reclaimthenet.org/the-age-verification-con
I’m just surprised Bruce hasn’t yet warned what a serious threat the whole age verification scheming is to general purpose computation, governments want you to need to show ID to be able to operate your own operating system, that violates every principle of basic freedoms imaginable, and every principle of sound engineering for reliability and avoidance of single points of failure too.

The good news is that the public aren’t playing along with the tyranny thus far:
https://reclaimthenet.org/australias-under-16-social-media-ban-fails

But the real security experts, people who understand the idea of security as protecting the user of a computer rather than protecting the government/corporate establishment class, need to be devising better ways to beat the next level* of government interference BEFORE governments can implement it.
https://dailysceptic.org/2025/08/16/the-online-safety-act-exposes-how-fragile-our-overly-centralised-internet-really-is/ (see the last few paragraphs of that page)

*the things they’ll try in response to the wonderful defiance presently being displayed in the face of their surveillance and censorship architectures, a lot of this is going to be a battle at the bootloader level I imagine

Also there is this:
https://xn--gckvb8fzb.com/hold-on-to-your-hardware/
The link looks strange, but the blogpost is well written, be warned to block javascript before following though as the author seems to like javascript pranks as a way to encourage javascript blocking

Also, have a look at Rossmann’s Youtube link at ( watch?v=Xa3-TkHBh90 ), the name that politicians are using for their malware plans is part of the problem, doesn’t get people passionate enough to organise to resist it.

lurker May 2, 2026 8:47 PM

@AgeVerificationIsTheNext…
re マリウス.com

minor nitpicks, sorry: the name is a reverse transliteration of Marius into Japanese, and using 2 byte chars might have confused your browser; the blinking bits are all done in .css not javascript.

On the Main theme however I also disagree: I expect the current “AI” bubble to implode, but it still won’t solve the ram/cpu problem, because of the cost in time and money of recycling any of that hardware.

Weather May 3, 2026 12:53 AM

@AgeVerification
Fake IDs and their service will pop up. I think it starts as a bit flip if over 18, but they are already mentioning camera shot. The old stuff pass the hash, process injection and iptables modified outgoing packets.
It does get rid of some parasite quicker, but like a blog header, will just move.
Hopefully it doesn’t, I in certain times would like to be known as, who the camera was pointed at, but that’s 20 years down the track.
It won’t be in bios or bootloader (not sure they have updated the 1mb or A20) I’m more thinking a kernel call that programs can call on for the signature.

Cheers weather


Sidebar photo of Bruce Schneier by Joe MacInnis.
