Ransomware crews don't care about your endpoint security they killed it

https://www.theregister.com/2025/08/14/edr_killers_ransomware/

29•Bender•5mo ago

Comments

GTP•5mo ago

While it's still a good idea for companies to have an endpoint protection software on their employees' machines, they should also invest in educating them. Users are the first line of defense, and knowing what you're doing and being careful is the best antivirus. No software can change this.

alecco•5mo ago

I agree in a theoretical way. But in the real world corporations don't have skilled infosec/cyber people and they wouldn't even know how to find them [1]. So they end up with incompetent departments imposing ridiculous limitations for theater. And these worsen end user aversion to security. Younger generations care less and less about security and privacy. And the growing corporate disdain of employees (in particular to the ones who sacrificed to the company) make employees care even less. There were recent cases of employees selling corporate secrets for peanuts. And many gangs just reach out to employees being laid off to gain access. I know from second-hand this was the way it happened in one of the biggest ransomware scandals a couple of years ago.

I really don't know how to fix this situation. In fact, it seems to be deteriorating very fast.

[1] https://en.wikipedia.org/wiki/The_Market_for_Lemons#Conditio...

kube-system•5mo ago

Training can help to reduce failures, but it can never prevent failures, because even at the minimum, human err at scale is guaranteed.

If a monkey randomly types on a typewriter for an infinite amount of time, it will eventually produce any given text, including ̶t̶h̶e̶ ̶c̶o̶m̶p̶l̶e̶t̶e̶ ̶w̶o̶r̶k̶s̶ ̶o̶f̶ ̶S̶h̶a̶k̶e̶s̶p̶e̶a̶r̶e̶.̶ opening a ransomware attachment

GTP•5mo ago

> Training can help to reduce failures, but it can never prevent failures, because even at the minimum, human err at scale is guaranteed

Sure,and indeed the goal is to have better security, not prefect security. If you look for the perfect solution, you will never find it.

Bender•5mo ago

But in the real world corporations don't have skilled infosec/cyber people and they wouldn't even know how to find them

That was not my experience at the last employer. We had some incredibly talented security architects, engineers and developers. The issue we ran into was that some of the early hires were a bit over-zealous and created a layer of fear in management that the security teams would induce too much friction, some that was indeed needed. The result was the head of software development put a development manager in charge of the entire security org. Their standing order was to never say "no" and never get in the way. It's still a more secure company than most but it's a constant battle with management and leads to burnout and that is one of the many reasons myself and many others retired early. Most other reasons for me were unrelated to the company.

ris•5mo ago

> While it's still a good idea for companies to have an endpoint protection software on their employees' machines

Disagree

GTP•5mo ago

Elaborate. I can agree that spending big money on some fancy software may not add much than using Windows Defender, but as a company I would still have an AV active for when it comes the day that someone ends up opening a link in a phising email.

BrandoElFollito•5mo ago

Can you please elaborate as you certainly work in cybersecurity and have weighted the pluses and minuses of an EDR?

conception•5mo ago

Unfortunately, the number of users that engage mindfully with SAT is a very small percentage.

A better solution is to demand better from software companies. People deal with so much Microsoft ux/quality abuse on this planet like it’s how its supposed to be it’s astonishing. And quality elsewhere isn’t increasing, certainly.

pvtmert•5mo ago

Meanwhile endpoint security solutions themselves are creating a larger attack surface.

I guess world will essentially loop back into "thin-client" model as the connections are getting faster and lower latency than ever.

kube-system•5mo ago

> I guess world will essentially loop back into "thin-client" model as the connections are getting faster and lower latency than ever.

Things have been going this direction as long as "the cloud" has been a phrase.

Endpoint management is a pain for a lot of reasons other than ransomware, there's a lot that is solved in an enterprise by making your endpoints dumb and controlling your production environment centrally.

Ask HN: What are the word games do you play everyday?

Show HN: Paper Arena – A social trading feed where only AI agents can post

TOSTracker – The AI Training Asymmetry

The Devil Inside GitHub

Show HN: Distill – Migrate LLM agents from expensive to cheap models

Show HN: Sigma Runtime – Maintaining 100% Fact Integrity over 120 LLM Cycles

Make a local open-source AI chatbot with access to Fedora documentation

Introduce the Vouch/Denouncement Contribution Model by Mitchellh

Software Factories and the Agentic Moment

The Neuroscience Behind Nutrition for Developers and Founders

Bang bang he murdered math {the musical } (2024)

A Night Without the Nerds – Claude Opus 4.6, Field-Tested

Could ionospheric disturbances influence earthquakes?

SpaceX's next astronaut launch for NASA is officially on for Feb. 11 as FAA clea

Show HN: One-click AI employee with its own cloud desktop

Show HN: Poddley – Search podcasts by who's speaking

Same Surface, Different Weight

The Rise of Spec Driven Development

The first good Raspberry Pi Laptop

Seas to Rise Around the World – But Not in Greenland

Will Future Generations Think We're Gross?

State Department will delete Xitter posts from before Trump returned to office

Show HN: Verifiable server roundtrip demo for a decision interruption system

Impl Rust – Avro IDL Tool in Rust via Antlr

Stories from 25 Years of Software Development

minikeyvalue

Neomacs: GPU-accelerated Emacs with inline video, WebKit, and terminal via wgpu

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

How I grow my X presence?

What's the cost of the most expensive Super Bowl ad slot?

Ask HN: What are the word games do you play everyday?

Show HN: Paper Arena – A social trading feed where only AI agents can post

TOSTracker – The AI Training Asymmetry

The Devil Inside GitHub

Show HN: Distill – Migrate LLM agents from expensive to cheap models

Show HN: Sigma Runtime – Maintaining 100% Fact Integrity over 120 LLM Cycles

Make a local open-source AI chatbot with access to Fedora documentation

Introduce the Vouch/Denouncement Contribution Model by Mitchellh

Software Factories and the Agentic Moment

The Neuroscience Behind Nutrition for Developers and Founders

Bang bang he murdered math {the musical } (2024)

A Night Without the Nerds – Claude Opus 4.6, Field-Tested

Could ionospheric disturbances influence earthquakes?

SpaceX's next astronaut launch for NASA is officially on for Feb. 11 as FAA clea

Show HN: One-click AI employee with its own cloud desktop

Show HN: Poddley – Search podcasts by who's speaking

Same Surface, Different Weight

The Rise of Spec Driven Development

The first good Raspberry Pi Laptop

Seas to Rise Around the World – But Not in Greenland

Will Future Generations Think We're Gross?

State Department will delete Xitter posts from before Trump returned to office

Show HN: Verifiable server roundtrip demo for a decision interruption system

Impl Rust – Avro IDL Tool in Rust via Antlr

Stories from 25 Years of Software Development

minikeyvalue

Neomacs: GPU-accelerated Emacs with inline video, WebKit, and terminal via wgpu

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

How I grow my X presence?

What's the cost of the most expensive Super Bowl ad slot?

Ransomware crews don't care about your endpoint security they killed it

Comments