Security researcher criticizes NIST for stating the obvious in ransomware guidance
Summary
A security researcher (cR0w) on Infosec Exchange highlights an absurdly obvious and circular piece of advice found in a NIST publication (NIST.IR.8374r1): "Avoid having vulnerabilities in systems that ransomware could exploit." The post expresses frustration with the lack of practical, actionable guidance in official cybersecurity documentation, pointing out the redundancy of stating the obvious as if it were a helpful recommendation.
Source
bskySecurity researcher criticizes NIST for stating the obvious in ransomware guidanceinfosec.exchangeKey quotes
· 2 pulledHoly shit, y'all. I stopped reading at this point…
Avoid having vulnerabilities in systems that ransomware could exploit.
You might also wanna read
SmartAttack: Air-Gap Attack via Smartwatches
ZeroRISC Gets $10M Funding, Says Open-Source Silicon Security Inevitable
Secure Domain Name System (DNS) Deployment 2026 Guide [pdf]
Critical Misconfiguration in Microsoft's Internal Applications Exposes Sensitive Data
The article details a security researcher's discovery of a critical misconfiguration in Microsoft's internal applications, which allowed una
research.eye.security·10mo ago
Security Researcher Discovers Vulnerabilities in VSCode Extensions and Core Software
A security researcher details their discovery and disclosure of three vulnerabilities in VSCode extensions and one in VSCode itself (CVE-202
blog.trailofbits.com·4mo agoRansomware Is Growing Three Times Faster Than the Spending Meant to Stop It
Comments
Sign in to join the conversation.
No comments yet. Be the first.