Or the UN allowing Saudi Arabia to lead the Woman’s Rights forum

I don’t think you need the slash s there. It’s confusing.

That seems a bit of a non-story given that its prefaced on “once the attacker has access to your work email”. Yes once they have that they can do very good spear phishing attacks using copilot, but they could easily do them without copilot too.

Right? I wish they’d respond like this when they themselves fuck up.

A third party vendor whose entire business model is predicated on the fact that security is such an afterthought at Microsoft that enterprise customers need to resort to this kind of crap for a bare minimum of security.

This is also MS’s fault because they never provided a proper API for security products like MacOS, so they end up having to run them all inside the kernel.

The reason for this omission was to give a competitive advantage to their own security products while also being cheaper.

This 3rd party software company fucked up

NO.

Clowntrike didn’t fuck up. They offered an externally-managed service that people allowed into their network because they didn’t really clue in how monumentally stupid this is. You’re blaming the gas station for blowing up your car or the leopards for eating your face. Customers who actually gave them money - the people who struggle with “that’s hot, so don’t touch it” - are a dime a dozen, and clowntrike was just taking advantage of the stupid. This has been the American way since snake oil salesmen during the gold rush.

We fucked up by not watching our stupider techbro friends better suited to a ward somewhere than a c-suite job. We should have been ridiculing them mercilessly so their shame would make them choose better.