Comments

an0x0nam00 May 1, 2026 7:42 AM

I told you I was hardcore!
⠀⠀⠀⠀⠀⠀⢀⣤⠤⠤⠤⠤⠤⠤⠤⠤⠤⠤⢤⣤⣀⣀⡀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⢀⡼⠋⠀⣀⠄⡂⠍⣀⣒⣒⠂⠀⠬⠤⠤⠬⠍⠉⠝⠲⣄⡀⠀⠀
⠀⠀⠀⢀⡾⠁⠀⠊⢔⠕⠈⣀⣀⡀⠈⠆⠀⠀⠀⡍⠁⠀⠁⢂⠀⠈⣷⠀⠀
⠀⠀⣠⣾⠥⠀⠀⣠⢠⣞⣿⣿⣿⣉⠳⣄⠀⠀⣀⣤⣶⣶⣶⡄⠀⠀⣘⢦⡀
⢀⡞⡍⣠⠞⢋⡛⠶⠤⣤⠴⠚⠀⠈⠙⠁⠀⠀⢹⡏⠁⠀⣀⣠⠤⢤⡕⠱⣷
⠘⡇⠇⣯⠤⢾⡙⠲⢤⣀⡀⠤⠀⢲⡖⣂⣀⠀⠀⢙⣶⣄⠈⠉⣸⡄⠠⣠⡿
⠀⠹⣜⡪⠀⠈⢷⣦⣬⣏⠉⠛⠲⣮⣧⣁⣀⣀⠶⠞⢁⣀⣨⢶⢿⣧⠉⡼⠁
⠀⠀⠈⢷⡀⠀⠀⠳⣌⡟⠻⠷⣶⣧⣀⣀⣹⣉⣉⣿⣉⣉⣇⣼⣾⣿⠀⡇⠀
⠀⠀⠀⠈⢳⡄⠀⠀⠘⠳⣄⡀⡼⠈⠉⠛⡿⠿⠿⡿⠿⣿⢿⣿⣿⡇⠀⡇⠀
⠀⠀⠀⠀⠀⠙⢦⣕⠠⣒⠌⡙⠓⠶⠤⣤⣧⣀⣸⣇⣴⣧⠾⠾⠋⠀⠀⡇⠀
⠀⠀⠀⠀⠀⠀⠀⠈⠙⠶⣭⣒⠩⠖⢠⣤⠄⠀⠀⠀⠀⠀⠠⠔⠁⡰⠀⣧⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠛⠲⢤⣀⣀⠉⠉⠀⠀⠀⠀⠀⠁⠀⣠⠏⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠉⠉⠛⠒⠲⠶⠤⠴⠒⠚⠁⠀⠀

Bill Godfrey May 1, 2026 8:05 AM

No! Not someone whose livelihood depends on maintaining a good business relationship with criminals!?

Rontea May 1, 2026 9:26 AM

This case illustrates a systemic weakness in the way we handle ransomware incident response. By embedding trust in individual negotiators without robust oversight or auditing, we create a single point of failure that attackers can exploit. Martino leveraged insider access—knowledge of insurance limits, negotiation strategies, and victim vulnerabilities—to maximize payouts for the attackers, effectively turning the negotiation process into another attack vector. Organizations should design multi-party controls, enforce strict separation of duties, and verify negotiator activity through independent auditing.

Clive Robinson May 1, 2026 10:32 AM

@ ALL,

1, The attacker aims for the highest price.
2, The defender aims for the lowest price.

Is basic economics and business sense.

3, The negotiator aims for the thickest slice off the top.

Thus pushes down the attacker whilst upping the FUD to the defender.

Some many years ago it became fairly obvious that the “negotiator”(3) was in league with the “attackers”(1)…

Because the “crypto used” was in short term practical intent “unbreakable”.

Most jurisdictions started implimenting “anti-ransom legislation”…

So the “negotiator”(3) simply acted as a way for the “defender”(2) to pay-off the “attacker”(1) without getting into legal “hot water”.

The fact that some “negotiators”(3) have seen the benefits in being a cover “attacker”(1) is really hardly surprising.

Once you realise this you start asking yourself all sorts of other question…

But in all honesty do you really care if things get back up and going for the lowest price?

Life Happens May 1, 2026 3:47 PM

Which reminds me, it’s kinda like these Public Offenders in Boise Idaho, Jonathan Loschi and Kendra Nagy who worked with the Prosecutors and the Judge to destroy this one INNOCENT MAN. Many times, you will be looking at something that looks like you and me, human – but they’re only human in appearance. On the inside – THEY ARE PURE EVIL!

drive

.

google

.

com

/

drive

/

folders

/

1

6

G

B

5

Ni

Uu4

Zb0

7R

D6

B3

ai0

8

qe

rHb

Hx

J

h

I

Copy the above link to see how those in “public service” we the sheeple are financing with our tax dollars are destroying innocent citizens because they can.

Just A Friend Of Mine May 1, 2026 7:30 PM

@Life Happens,

do not forget his private attorneys as well.

Raymond Schild, John Prior, and Charles C. Crafts were paid by my friend and his
family to clear the man’s name of any wrongdoing and of the lies that destroyed him,
but instead – THESE SHRINERS OF BOISE IDAHO TOOK EVEN MORE MONEY FROM SOMEBODY ELSE,
SECRETLY OF COURSE, SO THEY DIDN’T EVEN FILE A DIRECT APPEAL ON THEIR CLIENT’S BEHALF.
Look no further than the muslim NEIGHBOR of the FAKE victim – RAMAYLA DURATOVIC, ANOTHER
SHRINER WHO HELPED FUNNEL THE BRIBE MONEY THE muslims of boise idaho COLLECTED IN ORDER
TO GET IT TO THE P1G raymond schild so he would bleed the poor guy dry of any funds while
being paid EVEN MORE BY THE WANNABE MURDERER husein and his friends and family.

Basically, these three P1GZ CASHED IN MORE THAN DOUBLE WHILE THIS INNOCENT MAN
IS STILL A CONVICTED FELON.

IN A REAL COUNTRY THESE LAWYERS WOULD BE HANGING PUBLICLY, IN A PUBLIC, CENTRAL CITY SQUARE AS A REMINDER TO THE WORLD FOR WHAT THEY HAVE DONE TO HELP COVER UP AN ATTEMPTED MURDER.

Weather May 2, 2026 1:14 AM

I don’t think you could look them up in the phone book, duplicity, or other paranoid think? Or someone that liked money to much.

lurker May 2, 2026 2:27 PM

@Swallowing 500 …

“How can it be?”

Because He is the Kwizatz Haderach.

AgeVerificationIsTheNextFrontLineInTheCryptoWars May 2, 2026 2:34 PM

For lack of a Friday Squid ppost, here’s this:
https://reclaimthenet.org/the-age-verification-con
I’m just surprised Bruce hasn’t yet warned what a serious threat the whole age verificiation scheming is to general purpose computation, governments want you to need to show ID to be able to operate your own operating system, that violates every principle of basic freedoms imaginable, and every principle of sound engineering for reliability and avoidance of single points of failure too.

The good news is that the public aren’t playing along with the tyranny thus far:
https://reclaimthenet.org/australias-under-16-social-media-ban-fails

But the real security experts, people who understand the idea of security as protecting the user of a computer rather than protecting the government/corporate establihsment class, need to be devising better ways to beat the next level* of government interfeence BEFORE governments can implement it.
https://dailysceptic.org/2025/08/16/the-online-safety-act-exposes-how-fragile-our-overly-centralised-internet-really-is/ (see the last few paragraphs of that page)

*the things they’ll try in response to the wonderful defiance presently being displayed in the face of their surveillance and censorship archiectures, a lot of this is going to be a batttle at the bootloader level I imagine

Also there is this:
https://xn--gckvb8fzb.com/hold-on-to-your-hardware/
The link looks strange, but the blogpost is well written, be warned to block javascript before following though as the author seems to like javascript pranks as a way to encourage javascript blocking

Also, have a look at Rossmann’s Youtube link at ( watch?v=Xa3-TkHBh90 ), the name that politicians are using for their malware plans is part of the problem, doesn’t get people passionate enough to organise to resist it.

lurker May 2, 2026 8:47 PM

@AgeVerificationIsTheNext…
re マリウス.com

minor nitpicks, sorry: the name is a reverse transliteration of Marius into Japanese, and using 2 byte chars might have confused your browser; the blinking bits are all done in .css not javascript.

On the Main theme however I also disagree: I expect the current “AI” bubble to implode, but it still won’t solve the ram/cpu problem, because the of cost in time and money of recycling any of that hardware.

Weather May 3, 2026 12:53 AM

@AgeVerfication
Fake id’s and there service will pop up. I think it starts as a bit flip if over 18, but they are already mentioning camera shot. The old stuff pass the hash ,process injection and iptables modified outgoing packets.
It does get reed of some parasite quicker, but like a blog header, will just move.
Hopefully it doesn’t, i in certain times would like to be known has, who the camera was point at, but thats 20 years down the track.
It won’t be in bios or bootloader(not sure they have updated the 1mb or A20) I’m more thinking a kernel call that programs can call on for the signature.

Cheers weather

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.