In the wake of yet another extraordinary ransomware attack, most businesses are finally beginning to implement the sorts of security measures they knew all along they should put in place. "Someday soon, when we get the time." Some writers have been calling it "unprecedented" but you and I know just how precedented it really is.

Loyal reader Aubrey leads off with an insider report, writing "Corporate IT recently migrated the entire company to a new antivirus program, and it seems to have flagged *its own update* as likely malware." That's what we call fastidious.



Infosec fan Peter G. comments "It's a 0day attack on a certificate!"



Matthew S. rhetorically wonders "How can I trust them to do my website when they can't even get their own encoding right?"



Andrew S. notes that many websites are not quite all-in on GDPR compliance. They might even be... reluctant. "When you don't really want to bother with GDPR consent, you can just forget to include the column."



Driving home the point that not everything this week is all about security or privacy, big spender Richard V. enthuses about his Very Generous Gift from Uber "WOW! What should I spend it on first?!"



Likely Mini driver Sam B. grouses "Incomprehensible API documentation? Eh, I've seen worse." We'd like to know where, so we can stay far far away.



[Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today!