You vs. “ALERT FATIGUE” – Preventing Dangerous or Fatal Drug Interactions!
Can you or your friends and family members avoid dangerous or fatal drug interactions? There are do-it-yourself drug interaction checkers.
Welcome to Friendica.Eskimo.Com
Home of Censorship Free Hosting
E-mail, Web Hosting, Linux Shell Accounts terminal or full remote desktops.
Sign Up For A Free Trial Here
Please tell your friends about federated social media site that speaks several fediverse protocols thus serving as a hub uniting them, hubzilla.eskimo.com, also check out friendica.eskimo.com, federated macroblogging social media site, mastodon.eskimo.com a federated microblogging site, and yacy.eskimo.com an uncensored federated search engine. All Free!
2025-06-24 22:21:39
2025-06-24 22:21:39
2025-06-24 22:21:29
19018535
2025-06-24 22:21:16
2025-06-24 22:21:15
2025-06-24 22:03:51
19018530
Patriotic Bible blesses Trump with $1.3 million in royalties
religionnews.com/2025/06/24/pa…
Patriotic Bible blesses Trump with $1.3 million in royalties
(RNS) — The leather-bound edition includes the King James Version, along with the Bill of Rights, the U.S. Constitution and lyrics to Lee Greenwood’s hit song.Bob Smietana (RNS)
2025-06-24 22:21:15
2025-06-24 22:21:15
2025-06-24 22:19:08
19018528
Kurginyan: GKChP was not consolidated eu.eot.su/2025/06/24/kurginyan…
Kurginyan: GKChP was not consolidated
Kurginyan: GKChP was not consolidated Rossa Primavera News from RussiaBill Oliver (Rossa Primavera International News)
2025-06-24 22:21:04
2025-06-24 22:21:02
2025-06-24 22:04:04
19018524
Full List of Democrats Who Voted to Block New Trump Impeachment Articles twp.ai/E69LB7
Donald Trump Impeachment: Full List of Democrats Who Voted to Block New Impeachment Articles
Nearly 130 House Democrats on Tuesday voted to table Representative Al Green's articles of impeachment against Trump.Andrew Stanton (Newsweek)
2025-06-25 01:09:14
2025-06-24 22:16:05
2025-06-24 22:15:54
19018492
I helped get this Maryland historical marker placed on the 50th anniversary of the Catonsville 9 action next door at the Knights ofColumbus / Draft Board building. After only a few years it's already leaning but since it's leaning left I won't complain.
This entry was edited (4 weeks ago)
2025-06-24 22:16:03
2025-06-24 22:16:03
2025-06-24 22:16:03
19018493
U.S. Attack on Iran Reaffirms the Need for A More Effective Global Anti-Imperialist Movement wpc-in.org/statements/us-attac…
2025-06-24 22:12:32
2025-06-24 22:12:32
2025-06-24 21:50:50
19018481
in reply to free
Declare gender-based violence an ‘epidemic,’ B.C. review urges
The review, conducted by lawyer Kim Stanton, makes numerous recommendations, including the appointment of an independent commissioner on gender-based violence.
From this RSS feed
Declare gender-based violence an ‘epidemic,’ B.C. review urges
The review, conducted by lawyer Kim Stanton, makes numerous recommendations, including the appointment of an independent commissioner on gender-based violence.Simon Little (Global News)
As long as there is no affordable/social housing, these rates will continue to go up and have no solution. People need to be able to leave
2025-06-24 22:12:27
2025-06-24 22:12:26
2025-06-24 17:01:03
19018476
in reply to francisscottkey
The Vigilant Fox 🦊
@VigilantFox
HOLY: RFK Jr. ignites Democrat firestorm—calls out Rep. Pallone for flipping on vaccines after $2M in Big Pharma cash contributions.
This is so epic. Wow.
During the HHS budget hearing, Secretary Robert F. Kennedy Jr. dropped a WARHEAD on Dem Rep. Frank Pallone, setting the room ablaze.
🔥 Secretary Kennedy: ⬇️
x.com/VigilantFox/status/19375…
When someone testifying makes a factual statement, how is it that the Chairman of the ocmmittee can have the person testifying retract that statement.
Imagine me saying so and so was caught red-handed attemptin to rape anoterh person and the chairperson instructing me to retract that factual statement.
2025-06-24 22:11:46
2025-06-24 22:11:46
2025-06-24 22:11:39
19018468
Seven Things to Know About ProPublica’s Investigation of the FDA’s Secret Gamble on Generic Drugs
ProPublica offers this succinct summary of its investigation on the FDA's secret gamble on poorly performing generic drug makers.
peoplespharmacy.com/articles/s…
Salt Matters: Hidden Perils of Antidepressants and Drug-Induced Hyponatremia
Dangerously low sodium levels can kill! Medications for hypertension, heartburn and depression can cause drug-induced hyponatremia. Beware!
2025-06-25 01:20:15
2025-06-24 22:10:47
2025-06-24 15:57:54
19018454
in reply to C Z Doval Santos
in reply to C Z Doval Santos
in reply to C Z Doval Santos
“ In a short, one-paragraph order, the Republican justices ruled on Monday evening that President Donald Trump may effectively nullify a federal law and an international treaty that is supposed to protect immigrants from torture .” vox.com/scotus/417583/supreme-…
The Supreme Court just stripped thousands of immigrants of their right to due process
The decision nullifies a treaty designed to protect immigrants from torture.Ian Millhiser (Vox)
The Extreme Court has sold its soul. It must be so difficult to be the dissenting members right now. I’d want to punch them in the throat.
2025-06-24 22:10:05
2025-06-24 22:10:04
2025-06-24 20:41:48
19018445
2025-06-24 22:10:02
2025-06-24 22:10:02
2025-06-24 22:09:04
19018443
The View From Tehran on the Newly Brokered U.S.-Israel-Iran "Ceasefire" dropsitenews.com/p/view-tehran…
The View From Tehran on the Newly Brokered U.S.-Israel-Iran "Ceasefire"
As of this moment, Iran, Israel, and the U.S.Jeremy Scahill (Drop Site News)
2025-06-24 22:09:48
2025-06-24 22:09:47
2025-06-24 20:42:28
19018439
2025-06-24 22:09:19
2025-06-24 22:09:19
2025-06-24 21:41:10
19018436
in reply to Oven_Operators_LU_88
😂
2025-06-24 22:09:11
2025-06-24 22:09:11
2025-06-24 20:36:02
19018430
in reply to francisscottkey
Bill Melugin
@BillMelugin_
EXCLUSIVE: Per federal sources, the vice mayor of Cudahy, a city in southeast LA County, is under FBI investigation after she allegedly posted a video to social media in which she appears to call for 18th Street & Florencia 13 gang members in LA to defend their territory from ICE, even urging gang leadership to “get your fucking members in order”. ⬇️
x.com/BillMelugin_/status/1937…
What part of "VICE" did you miss?
2025-06-25 18:11:06
2025-06-24 22:08:40
2025-06-24 20:09:01
19018425
in reply to ooli3
Russia Bleeds Past 1 Million Casualties—and Keeps Going, NATO Says
Russia Bleeds Past 1 Million Casualties—and Keeps Going, NATO Says
According to NATO, Russia has reached a casualty rate of over one million in its war against Ukraine, indicating a continued high tolerance for losses.Ivan Khomenko (UNITED24 Media)
2025-06-24 22:08:21
2025-06-24 22:08:21
2025-06-24 21:34:47
19018421
If you are worried
about how they’ll react
when you tell them
you’re uncomfortable going out
because the virus is surging,
just tell them
that it’s too damn hot to go out,
better to blame the thermometer
outside your home
than to need to put a thermometer
inside your mouth.
about how they’ll react
when you tell them
you’re uncomfortable going out
because the virus is surging,
just tell them
that it’s too damn hot to go out,
better to blame the thermometer
outside your home
than to need to put a thermometer
inside your mouth.
2025-06-24 22:06:07
2025-06-24 22:06:07
2025-06-24 22:06:07
19018398
Lenin: 559. TO THE EDITORS OF THE SWEDISH SOCIAL-DEMOKRATEN marxists.org/archive/lenin/wor…
2025-06-24 22:03:35
2025-06-24 22:03:32
2025-06-24 16:31:49
19018388
2025-06-24 22:02:47
2025-06-24 22:02:47
2025-06-24 22:00:57
19018378
Israel has been exposed as a dependent colony that relies on the West for its military adventures. And even still, it has failed to turn this advantage over Iran into strategic success. The Israel doctrine appears to be meeting its limits.
2025-06-24 22:00:43
2025-06-24 22:00:41
2025-06-24 21:38:57
19018353
It's no surprise that Stephen Miller owns a large stake in Palantir, but it's not just about getting rich - the Trump administration marks a coming together a Tech-Right authoritarians and neo-fascists who want ethnic-cleansing.
We mapped out these ideologies here: itsgoingdown.org/good-night-te…
Good Night, Tech-Right: Pull the Plug on AI Fascism
On January 20th, at a ceremony attended by both far-Right and neo-fascist leaders from around the globe and some of the richest tech billionaires in the world, including the heads of Apple, Google,...It's Going Down
2025-06-24 22:00:10
2025-06-24 22:00:10
2025-06-24 22:00:01
19018341
An idle mind is worth two in the bush.
2025-06-24 22:00:03
2025-06-24 22:00:03
2025-06-24 21:59:04
19018338
Greece: Thousands of people demonstrated on Monday June 23 in Athens and other cities of Greece against the escalation of the imperialist war and the participation of Greece in it. #WFTU wftucentral.org/greece-thousan…
2025-06-24 23:05:45
2025-06-24 21:56:24
2025-06-24 21:56:15
19018325
in reply to Cory Doctorow
2025-06-24 21:56:23
2025-06-24 21:56:23
2025-06-24 21:30:00
19018326
Looks like things got REALLY wet, big time
2025-06-24 21:56:06
2025-06-24 21:56:06
2025-06-24 21:56:06
19018323
Speech at a Conference of the Foremost Collective Farmers of Tajikistan and Turkmenistan marxistleninists.org/Stalin/ta…
2025-06-24 21:56:04
2025-06-24 21:56:02
2025-06-24 21:55:11
19018319
EV-Carrying Ship Sinks In Pacific Ocean After Catching Fire - An anonymous reader quotes a report from Transport Topics: A ship that caught fire... - tech.slashdot.org/story/25/06/… #transportation
EV-Carrying Ship Sinks In Pacific Ocean After Catching Fire - Slashdot
An anonymous reader quotes a report from Transport Topics: A ship that caught fire in the Pacific Ocean earlier this month has sunk. The vessel was abandoned in the middle of the pacific -- about 360 miles from land -- after a blaze.tech.slashdot.org
2025-06-24 21:55:56
2025-06-24 21:55:56
2025-06-24 20:43:59
19018309
in reply to Austin Kocher, PhD 🌎
NEW: "If ICE is holding 59,000 immigrants in civil detention across the country, it would be the highest number on record that I'm aware of," said Austin Kocher, a professor at Syracuse University who studies the U.S. immigration system.
cbsnews.com/news/ice-record-59…
ICE holding a record 59,000 immigrant detainees, nearly half with no criminal record, internal data show
U.S. Immigration and Customs Enforcement is holding around 59,000 detainees in facilities across the country, likely setting a record high, according to internal government data obtained by CBS News.Camilo Montoya-Galvez (CBS News)
Most of them are NOT criminals. It's just bullshit evil racist nazi fucking crap. GODDAMN TRUMP AND HIS KLEPTOCRACY OF KAKISTOCRATIC KREEPS.
2025-06-24 21:55:43
2025-06-24 21:55:43
2025-06-24 21:55:10
19018302
XBOW, an autonomous penetration tester, has reached the top spot on HackerOne
Link: xbow.com/blog/top-1-how-xbow-d…
Discussion: news.ycombinator.com/item?id=4…
XBOW – The road to Top 1: How XBOW did it
For the first time in bug bounty history, an autonomous penetration tester has reached the top spot on the US leaderboard.xbow.com
2025-06-24 21:50:17
2025-06-24 21:50:17
2025-06-24 21:49:05
19018277
A Manufactured Crisis: Myth Of Russian Threat To Europe odysee.com/myth-of-russian-thr…
A Manufactured Crisis: Myth Of Russian Threat To Europe
DEAR FRIENDS. IF YOU LIKE THIS TYPE OF CONTENT, SUPPORT SOUTHFRONT WORK :Odysee
2025-07-20 15:44:52
2025-06-24 21:47:48
2025-06-24 19:03:18
19018248
in reply to redj 18
in reply to redj 18
Édifice bien connu, le long du Canal Lachine
Réjean Leroux 2025
Photo du 29-07-2018 — #mywork, #myphoto, #photo, #photographie, #photography, #foto #amateur, #couleur, #gimp, #Montréal, #architecture
like this
messidor_, yvad, Indiefotog, Nudist Awareness, dieter_wilhelm, Damien Tron, Miguela and Kristian like this.
Pacomm reshared this.
Un monument du 20ème, toujours debout. Super. 🙂
Héritage de l'aire industriel... / Legacy of the industrial area...
2025-06-24 21:45:47
2025-06-24 21:45:47
2025-06-24 21:45:37
19018216
Non-sexual casual nudity.
Sensitive content
#nsfw #barelife #nude #naked #nudist #naturist #nudism #naturism #getnaked #staynaked #chillnaked #fkk #normalisenudity #nudistworld #naturistworld #casualnudity #normalstuffnaked #nudefreedom #nudistfreedom #bodyfreedom #nudistlifestyle #clothesfree #nakedactivities #nakedisnormal #normalisingnaturism #newd #nekked #nakey #nuditea
2025-06-25 12:51:02
2025-06-24 21:45:44
2025-06-24 21:45:36
19018213
in reply to FIAR Light
cw mh-
in reply to Violet Madder
The headline included "influencer" which I generally could care less about. Clicked anyway--and aw, shit. Too fucking soon. What a lovely human she was. Goddammit. There's SO many other people that SHOULD be dead. Not her.
the-independent.com/life-style…
Mikayla Raines death: Save a Fox YouTube star dies, aged 29
Wildlife rescuer has been remembered as a ‘superhero’ who saved hundreds of animalsEllie Muir (The Independent)
Sensitive content
Bullied to death??
Fucking hell.
2025-06-24 21:45:52
2025-06-24 21:44:52
2025-06-24 21:44:45
19018195
in reply to woodland creature
my gut feeling is without an assessment on site nobody can say for sure whether these facilities were destroyed or damaged and to what extent.
3x MOP bombs, with the ability to penetrate 18 meters of reinforced concrete, in close to the same location in succession, vs 90m of rock, dirt and some amount of reinforced concrete above the facility.
i think it depends a lot on the composition and stability of the rock above the facility and how reinforced the structure was, and how well timed the blasts were, the angle and some other variables.
you need someone on the ground to assess the extent of the damage, so i call BS on the CNN report and also on trump's claim that it was totally obliterated, until someone has proof one way or another.
if i had to guess i'd say the facilities suffered a good rattling that could damage sensitive machinery but probably didn't collapse.
2025-06-24 21:43:33
2025-06-24 21:43:33
2025-06-24 00:59:51
19018186
Emergency protest at the US Embassy... Many fine Speeches and a good sized crowd at such short notice...
Things were winding down and then these Palestinian sisters started up with the megaphones, drummers joined
in, it was rocking... They kept it going for about 20 mins I captured seven minutes before my battery cut out...
Palestinian Sisters-Intifada
Things were winding down and then these Palestinian sisters started up with the megaphones, drummers joined
in, it was rocking... They kept it going for about 20 mins I captured seven minutes before my battery cut out...
2025-06-29 16:04:18
2025-06-24 21:43:18
2025-06-24 18:51:15
19018182
Stop bombing Iran protest at the US Embassy last night... Check out the video of three Palestinian sisters...
#StopBombingIran
#Protest
#USEmbassy
#London
tube.nogafa.org/w/1uEuo9KcYUWf…
#StopBombingIran
#Protest
#USEmbassy
#London
tube.nogafa.org/w/1uEuo9KcYUWf…
like this
clarice overhere, Sunyata ☸ 👨🏻💻 ☮, thierry 3b2, dieter_wilhelm and hummingbird like this.
nowisthetime reshared this.
2025-06-25 04:50:03
2025-06-24 21:43:11
2025-06-24 21:43:10
19018184
Lyon abandonne Microsoft office pour renforcer sa « souveraineté numérique » - Next
La Ville de Lyon va progressivement remplacer la suite Microsoft par des logiciels bureautiques libres, dont « Only Office pour la bureautique, ainsi que Linux et PostgreSQL pour les systèmes et bases de données ».
next.ink/brief_article/lyon-ab…Lyon abandonne Microsoft office pour renforcer sa « souveraineté numérique » - Next
La Ville de Lyon va progressivement remplacer la suite Microsoft par des logiciels bureautiques libres, dont « Only Office pour la bureautique, ainsi que Linux et PostgreSQL pour les systèmes et bases de données ».Next
like this
redj 18, Anne, qlod and Laurent Espitallier like this.
2025-06-24 21:42:12
2025-06-24 21:42:12
2025-06-24 21:41:53
19018172
13th century knight
2025-06-24 21:41:57
2025-06-24 21:41:57
2025-06-24 21:41:50
19018169
the art of life is not to let the doors that have slammed shut
distract us from the doors that have just opened
2025-06-24 21:41:52
2025-06-24 21:41:51
2025-06-21 01:10:57
19018162
2025-06-24 21:40:46
2025-06-24 21:40:46
2025-06-24 21:40:09
19018150
telepolis.de/features/Lost-in-…
Lost in Translation: Will der Iran wirklich Israel auslöschen?
Iran und Israel verbindet eine tiefe Feindschaft. Doch stimmt das Narrativ der Vernichtungsdrohung? Eine Analyse zeigt: Übersetzungsfehler spielen eine wichtige Rolle.Luca Schäfer (heise online)
2025-06-26 19:38:59
2025-06-24 21:40:05
2025-06-24 20:42:00
19018145
Sensitive content
2025-06-24 21:39:56
2025-06-24 21:39:56
2025-06-24 21:39:04
19018143
U.S. Joins War On Iran odysee.com/us-joins-war-on-ira…
U.S. Joins War On Iran
DEAR FRIENDS. IF YOU LIKE THIS TYPE OF CONTENT, SUPPORT SOUTHFRONT WORK :Odysee
2025-06-24 21:39:17
2025-06-24 21:39:17
2025-06-24 15:10:40
19018129
2025-06-24 21:38:00
2025-06-24 21:37:58
2025-06-24 16:38:54
19018113
foxnews.com/opinion/gregg-jarr…
static-assets-1.truthsocial.co…
GREGG JARRETT: Trump's deployment of National Guard is justified despite knee-jerk judicial roadblock
We're in the middle of a legal power struggle between Trump and California Gov. Newsom as judge blocks deployment of National Guard troops sent to quell anti-ICE riots in Los Angeles.Gregg Jarrett (Fox News)
2025-06-24 21:37:32
2025-06-24 21:37:32
2025-06-24 18:38:18
19018106
2025-06-24 21:37:25
2025-06-24 21:37:25
2025-06-24 19:20:07
19018102
2025-06-24 21:36:56
2025-06-24 21:36:54
2025-06-24 20:36:27
19018095
Fight the Proscription of Palestine Action
crowdjustice.com/case/palestin…
Palestine Action has instructed lawyers who will fight against the Home Secretary's attempt to ban our movement.
Contribute to the legal fundraiser to help us stop the proscription.
Fight the Proscription of Palestine Action
A direct action network crowdfunding to fight proscriptionCrowdJustice
2025-06-24 21:36:08
2025-06-24 21:36:03
2025-06-24 20:51:13
19018086
in reply to Incal
maybe true but how else would we deal with such states except to try to keep the state the makes us happy?
2025-06-24 21:37:49
2025-06-24 21:34:04
2025-06-24 20:53:46
19018078
in reply to Madeline Foster
Kraft Heinz, General Mills to remove all artificial dyes from food products! Let's move forward to removing seed oils & high fructose corn syrup!
usatoday.com/story/money/food/… via @usatoday
usatoday.com/story/money/food/… via @usatoday
Kraft Heinz, General Mills to remove all artificial dyes from food products
Kraft Heinz and General Mills announced Tuesday that they plan to remove artificial dyes from their food products by the end of 2027.Mary Walrath-Holdridge (USA TODAY)
the heiress of the Heinz company married John Kerry the democrat bigwig
2025-06-24 21:33:48
2025-06-24 21:33:47
2025-06-24 19:35:56
19018076
2025-06-24 22:54:32
2025-06-24 21:30:32
2025-06-24 21:30:21
19018041
in reply to matthew - retroedge.tech
in reply to Sebastix
in reply to matthew - retroedge.tech
Blog post on the topic: Broken Fediverse
battlepenguin.com/tech/the-bro…
written by @djsumdog
Good summary of the situation. Also glad that he mentioned alternatives like Nostr
The Broken Fediverse
When Elon Musk originally bought Twitter, a number of people moved over to Mastodon. There were a lot of misunderstandings around how Mastodon works....battlepenguin.com
xianc78 reshared this.
🤙🏻 from the nostrverse
Do you have a npub / nostr profile as well?
Yes
npub1hrjtmuryqz82hxzpvv5ulrcxxgrw42afax8n7d9cnnz0zrrq44tqpv3ft3
I just found you on nostr and followed you there.
2025-06-24 21:30:30
2025-06-24 21:30:27
2024-10-04 18:29:56
19018038
UK activists punished for destroying Israeli weapons facilities, with Huda Ammori and Max Geller
youtu.be/odphRht6aok?si=hTY4G6…
#ElectronicIntifada #PalestineAction #HudaAmmori #MaxGeller #Palestine #DirectAction #activism
UK activists punished for destroying Israeli weapons facilities, with Huda Ammori and Max Geller
We speak to to returning guests Huda Ammori and Max Geller from Palestine Action.Actionists, as members of the direct action group call themselves, deliberat...YouTube
Gary Hill likes this.
2025-06-24 21:30:15
2025-06-24 21:30:15
2024-12-01 18:36:41
19018032
Actionists released after they shut down Shenstone's Israeli weapons factory — all in a day's work
Source: https://x.com/Pal_action/status/1862245804343230812
Gary Hill likes this.
2025-06-24 21:30:14
2025-06-24 21:30:14
2025-06-24 21:30:04
19018031
2025-06-24 21:30:10
2025-06-24 21:30:07
2024-12-02 23:19:25
19018027
Interview with Israeli dissidents taking action for Palestine
youtu.be/y3Ga4DiV7eM?si=u83-0r…
#PalestineAction #activism #Palestine
Interview with Israeli dissidents taking action for Palestine
To mark a year of genocide in Gaza, we publish this powerful interview with two Israeli dissidents who took part in a Palestine Action siege of the Elbit HQ....YouTube
Gary Hill likes this.
2025-06-24 21:30:04
2025-06-24 21:30:04
2025-06-24 21:29:54
19018023
2025-06-24 21:30:03
2025-06-24 21:30:03
2025-06-24 21:30:03
19018024
Toxic Masculinity: A Bourgeois Weapon Against the Working Class classconsciousnessproject.blog…
2025-06-24 21:29:57
2025-06-24 21:29:57
2025-06-24 21:29:03
19018020
Many People Visit Class Education House kcna.co.jp/item/2025/202506/ne…
2025-06-24 21:29:31
2025-06-24 21:29:31
2025-06-24 20:00:49
19018016
in reply to HighHorseStrong 🩸
Good point...
they are not really concerned about Iranian sleeper cells
it is just another fear bomb they throw into society to destabilize it, the communist pathway to power
2025-06-24 21:28:59
2025-06-24 21:28:54
2025-01-12 02:00:04
19018012
Palestine Action keeps winning
presstv.ir/Detail/2024/12/21/7…
#PalestineAction #activism #Palestine
Palestine Action keeps winning
In today’s show, we’ll be exploring how Palestine Action’s activities have struck another costly blow against the Israeli arms manufacturer, Elbit Systems.PressTV
Gary Hill likes this.
2025-06-24 21:28:44
2025-06-24 21:28:43
2025-03-20 23:01:30
19018010
BREAKING: Palestine Action Scotland destroyed the electricity supply to Leonardo's Edinburgh weapons factory, disrupting the production of laser targeting systems for Israel's F-35 fighter jets.
Source: Pal_action on x/twitter
Gary Hill likes this.
2025-06-24 21:28:35
2025-06-24 21:28:35
2025-04-03 21:25:22
19018008
After an action and subsequent correspondence, Hinks Haulage will refuse to take work from Israel's biggest weapons producer and Howmet Aerospace, suppliers of F-35 fighter jet parts.After their quick response to our campaign, they are now no longer a target.
--- Pal_action on x/twitter
Gary Hill likes this.
2025-06-24 21:28:15
2025-06-24 21:28:13
2025-06-15 11:58:01
19018004
Huda Ammori | Free Political Prisoners | 20 September 2024
youtu.be/mJLldwhc3A4?si=baZlwo…
Huda Ammori | Free Political Prisoners | 20 September 2024 | Defend Our Juries
Juries are a microcosm of democracy. Permitted to hear the evidence, they regularly acquit those who act to protect life. Oil and arms industry lobbyists are...YouTube
Gary Hill likes this.
2025-06-24 21:27:30
2025-06-24 21:27:28
2025-06-24 15:09:25
19017993
Just released a new #babashka version that is able to run clerk.vision/ from its main branch. Make notebooks from your babashka scripts! #clojure
Clerk: Moldable Live Programming for Clojure
Clerk takes a Clojure namespace and turns it into a notebook.clerk.vision
2025-07-17 13:08:30
2025-06-24 21:24:29
2025-05-05 16:10:45
19017932
An IT security guy at a place I once worked said the executives were the biggest security vulnerability the company had because they wanted what they wanted and didn't care much about security. I think that's what tool Maersk down a few years ago - some exec installed malware that spread to the entire network.
"they normally put big all caps bold red warning if the person is a VIP, eg C suite, so they get VIP service - ie anything goes."
2025-07-17 13:08:30
2025-06-24 21:24:17
2025-05-05 17:04:56
19017918
@GossiTheDog oh Well BC (Business Continuity) seems not to be on their priority list at all? That's Interesting...
2025-07-17 13:08:30
2025-06-24 21:24:11
2025-05-06 10:29:13
19017910
@GossiTheDog I wonder how that's working in villages where the co-op or its Post Office is the only source of cash
2025-06-24 21:23:19
2025-06-24 21:23:19
2025-06-24 21:19:55
19017854
in reply to Jimmy Johnson
Okay, why is every right winger allowed to criticize Israel all of a sudden?👈🏻
Star Of Remphan Or Seal Of Solomon?
Alex Jones Reveals The True Origin Of Modern Israel's So-Called Star Of David
Not sure. It certainly was not acceptable to criticize them a few years ago.
If I remember correctly, Alex Jones tip toed around the Israel issue for about a decade. I have seen earlier videos where he had criticisms.
2025-06-25 10:56:59
2025-06-24 21:22:22
2025-06-24 21:22:20
19017814
Mohammad Marandi on Western Propaganda
youtu.be/AzrFiLo4y6A?si=CsrSPq…
#MohammadMarandi #propaganda #WesternMedia #Iran
From Truth to Propaganda: Mohammad Marandi Accuses Democracy Now of Echoing U.S.-Israel Agenda
As tensions escalate between Israel and Iran, Iranian analyst Mohammad Marandi exposes how Western media — even so-called progressive outlets like Democracy ...YouTube
2025-06-24 21:19:54
2025-06-24 21:19:54
2025-06-24 21:19:47
19017707
San Francisco's Castro street, a place where "turn the other cheek" has a whole different meaning.
2025-06-24 21:19:51
2025-06-24 21:19:51
2025-06-24 21:19:02
19017703
Abdul-Salam praises great sacrifices made by Iran’s leadership in deterring “Israel” en.ypagency.net/360713
Abdul-Salam praises great sacrifices made by Iran's leadership in deterring "Israel"
SANAA, June 24 (YPA) - Head of the Sanaa negotiating delegation, Mohammed Abdul-Salam, praised the great stance and sacrifices made by Iran's leadership, people, and army during the 12-day war with the Israeli enemy.In a post on X, he emphasized thatاحسن (Yemen Press Agency)
2025-06-24 21:54:02
2025-06-24 21:18:34
2025-06-24 21:18:25
19017525
in reply to Electronic Frontier Foundation
in reply to Electronic Frontier Foundation
Tell companies to stop tracking you by installing Privacy Badger today! privacybadger.org/
Been using it for years. It's good.
2025-06-24 21:17:39
2025-06-24 21:17:36
2025-06-24 21:04:40
19017440
UPDATE: NARA has taken this down/rescinded, and stated that it had "many inaccuracies."
This is NOT GOOD. #archives "
Restricted-Access Federal Facility, Effective July 7, 2025
Effective July 7, 2025, the National Archives at College Park, MD, will become a restricted-access federal facility with access only for visitors with a legitimate business need. It will no longer be open to the general public." archives.gov/college-park
The National Archives at College Park, Maryland
We hold permanent records created by Federal agencies that include: Textual records from civilian agencies Army unit records dating from WW1 Navy unit records dating from WW2 Still pictures Electronic records Cartographic and architectural holdings …The National Archives at College Park, Maryland
This entry was edited (4 weeks ago)
2025-06-24 21:17:03
2025-06-24 21:17:03
2025-06-24 17:59:17
19017424
forbidden secrets of ancient X11 scaling technology revealed
People keep telling me that X11 doesn’t support DPI scaling, or fractional scaling, or multiple monitors, or something. There’s nothing you can do to make it work. I find this surprising. Why doesn’t it work? I figure the best way to find out is try the impossible and see how far we get.
I’m just going to draw a two inch circle on the screen. This screen, that screen, any screen, the circle should always be two inches. Perhaps not the most exciting task, but I figure it’s isomorphic to any other scaling challenge. Just imagine it’s the letter o or a button we wish to draw at a certain size.
I have gathered around me a few screens of different sizes and resolutions. My laptop screen, and then a bit to the right a desktop monitor, and then somewhere over that way a nice big TV. Specifically:
$ xrandr | grep \ connected
eDP connected primary 2880x1800+0+0 (normal left inverted right x axis y axis) 302mm x 189mm
DisplayPort-0 connected 2560x1440+2880+0 (normal left inverted right x axis y axis) 590mm x 334mm
DisplayPort-1 connected 3840x2160+5440+0 (normal left inverted right x axis y axis) 1600mm x 900mmI think I just spoiled the ending, but here we go anyway.
I’m going to draw the circle with OpenGL, using a simple shader and OBT. There’s a bunch of not very exciting code to create a window and a GLX context, but eventually we’re going to be looking at the shader. This may not be the best way to draw a circle, but it’s my way. For reference, the full code is in circle.c.
<span class=tp>void</span> main<span class=st>(</span><span class=st>)</span>
<span class=st>{</span>
float thick <span class=op>=</span> radius <span class=op>/</span> <span class=nm>10</span>;
<span class=kw>if</span> <span class=kw>(</span>abs<span class=cm>(</span>center<span class=op>.</span>y <span class=op>-</span> gl_FragCoord<span class=op>.</span>y<span class=cm>)</span> <span class=op><</span> thick<span class=op>/</span><span class=nm>2</span><span class=kw>)</span>
thick <span class=op>=</span> <span class=nm>2</span>;
float pi <span class=op>=</span> <span class=nm>3</span><span class=op>.</span><span class=nm>14159</span>;
float d <span class=op>=</span> distance<span class=kw>(</span>gl_FragCoord<span class=op>.</span>xy<span class=op>,</span> center<span class=kw>)</span>;
float angle <span class=op>=</span> atan<span class=kw>(</span>gl_FragCoord<span class=op>.</span>y <span class=op>-</span> center<span class=op>.</span>y<span class=op>,</span> gl_FragCoord<span class=op>.</span>x <span class=op>-</span> center<span class=op>.</span>x<span class=kw>)</span>;
angle <span class=op>/=</span> <span class=nm>2</span> <span class=op>*</span> pi;
angle <span class=op>+=</span> <span class=nm>0</span><span class=op>.</span><span class=nm>5</span>;
angle <span class=op>+=</span> <span class=nm>0</span><span class=op>.</span><span class=nm>25</span>;
<span class=kw>if</span> <span class=kw>(</span>angle <span class=op>></span> <span class=nm>1</span><span class=op>.</span><span class=nm>0</span><span class=kw>)</span> angle <span class=op>-=</span> <span class=nm>1</span><span class=op>.</span><span class=nm>0</span>;
float amt <span class=op>=</span> <span class=kw>(</span>thick <span class=op>-</span> abs<span class=cm>(</span>d <span class=op>-</span> radius<span class=cm>)</span><span class=kw>)</span> <span class=op>/</span> thick;
<span class=kw>if</span> <span class=kw>(</span>d <span class=op><</span> radius <span class=op>+</span> thick && d <span class=op>></span> radius <span class=op>-</span> thick<span class=kw>)</span>
fragment <span class=op>=</span> vec4<span class=kw>(</span>rgb<span class=cm>(</span>angle<span class=cm>)</span><span class=op>*</span>amt<span class=op>,</span> <span class=nm>1</span><span class=op>.</span><span class=nm>0</span><span class=kw>)</span>;
<span class=kw>else</span>
discard;
<span class=st>}</span>I got a little carried away and made a pretty color wheel instead of a flat circle.
The key variable is radius which tells us how many pixels from the center the circle should be. But where does the shader get this from?
glUniform1f(0, radius);Okay, but seriously. We listen for configure events. This is the X server telling us our window has been moved or resized. Something has changed, so we should figure out where we are and adjust accordingly.
<span class=kw>case</span> ConfigureNotify<span class=op>:</span>
<span class=st>{</span>
XConfigureEvent <span class=op>*</span>xev <span class=op>=</span> <span class=kw>(</span><span class=tp>void</span> <span class=op>*</span><span class=kw>)</span>&ev;
<span class=tp>int</span> x <span class=op>=</span> xev<span class=op>-></span>x;
<span class=kw>for</span> <span class=kw>(</span><span class=tp>int</span> i <span class=op>=</span> <span class=nm>0</span>; i <span class=op><</span> <span class=nm>16</span>; i<span class=op>++</span><span class=kw>)</span> <span class=kw>{</span>
<span class=kw>if</span> <span class=cm>(</span>x <span class=op>>=</span> screen_x<span class=bi>[</span>i<span class=bi>]</span> && x <span class=op>-</span> screen_x<span class=bi>[</span>i<span class=bi>]</span> <span class=op><</span> screen_w<span class=bi>[</span>i<span class=bi>]</span><span class=cm>)</span> <span class=cm>{</span>
float r <span class=op>=</span> screen_w<span class=bi>[</span>i<span class=bi>]</span> <span class=op>/</span> screen_mm<span class=bi>[</span>i<span class=bi>]</span> <span class=op>*</span> <span class=nm>25</span><span class=op>.</span><span class=nm>4</span>;
<span class=kw>if</span> <span class=bi>(</span>r <span class=op>!=</span> radius<span class=bi>)</span> <span class=bi>{</span>
radius <span class=op>=</span> r;
<span class=bi>}</span>
<span class=kw>break</span>;
<span class=cm>}</span>
<span class=kw>}</span>
width <span class=op>=</span> xev<span class=op>-></span>width;
height <span class=op>=</span> xev<span class=op>-></span>height;
<span class=st>}</span>Getting closer. The numbers we need come from the X server.
XRRScreenResources <span class=op>*</span>res <span class=op>=</span> XRRGetScreenResourcesCurrent<span class=st>(</span>disp<span class=op>,</span> root<span class=st>)</span>;
float screen_mm<span class=st>[</span><span class=nm>16</span><span class=st>]</span> <span class=op>=</span> <span class=st>{</span> <span class=nm>0</span> <span class=st>}</span>;
float screen_w<span class=st>[</span><span class=nm>16</span><span class=st>]</span> <span class=op>=</span> <span class=st>{</span> <span class=nm>0</span> <span class=st>}</span>;
float screen_x<span class=st>[</span><span class=nm>16</span><span class=st>]</span> <span class=op>=</span> <span class=st>{</span> <span class=nm>0</span> <span class=st>}</span>;
<span class=tp>int</span> j <span class=op>=</span> <span class=nm>0</span>;
<span class=kw>for</span> <span class=st>(</span><span class=tp>int</span> i <span class=op>=</span> <span class=nm>0</span>; i <span class=op><</span> res<span class=op>-></span>noutput; i<span class=op>++</span><span class=st>)</span> <span class=st>{</span>
XRROutputInfo <span class=op>*</span>info <span class=op>=</span> XRRGetOutputInfo<span class=kw>(</span>disp<span class=op>,</span> res<span class=op>,</span> res<span class=op>-></span>outputs<span class=cm>[</span>i<span class=cm>]</span><span class=kw>)</span>;
screen_mm<span class=kw>[</span>j<span class=op>++</span><span class=kw>]</span> <span class=op>=</span> info<span class=op>-></span>mm_width;
<span class=st>}</span>
j <span class=op>=</span> <span class=nm>0</span>;
<span class=kw>for</span> <span class=st>(</span><span class=tp>int</span> i <span class=op>=</span> <span class=nm>0</span>; i <span class=op><</span> res<span class=op>-></span>ncrtc; i<span class=op>++</span><span class=st>)</span> <span class=st>{</span>
XRRCrtcInfo <span class=op>*</span>info <span class=op>=</span> XRRGetCrtcInfo<span class=kw>(</span>disp<span class=op>,</span> res<span class=op>,</span> res<span class=op>-></span>crtcs<span class=cm>[</span>i<span class=cm>]</span><span class=kw>)</span>;
screen_w<span class=kw>[</span>j<span class=kw>]</span> <span class=op>=</span> info<span class=op>-></span>width;
screen_x<span class=kw>[</span>j<span class=op>++</span><span class=kw>]</span> <span class=op>=</span> info<span class=op>-></span>x;
<span class=st>}</span>It’s somewhat annoying that physical width and virtual width are in different structures, and we have to put the puzzle back together, but there it is.
Some more code to handle expose events, the draw loop, etc., and that’s it. A beautiful circle sized just right. Drag it over onto the next monitor, and it changes size. Or rather, it maintains its size. Send it over to the next monitor, and same as before.
Time for the visual proof. A nice pretty circle on my laptop. Another circle on my monitor. And despite the 4K resolution, a somewhat pixely circle on my TV. Turns out the hardest part of this adventure was trying to hold an uncooperative tape measure in place with one hand while trying to get a decent, or not, photo with the other.
We were so close to perfection. Somebody at the factory screwed up, and my TV is actually 66.5” wide, not the claimed 63 inches. So if we learn anything today, it’s that you shouldn’t use a consumer LG TV for accurately measuring the scale of structural engineering diagrams, at least not without further calibration.
The good news is we’ve done the impossible. Even better, I didn’t mention that I wasn’t actually running this program on my laptop. It was running on my router in another room, but everything worked as if by MIT-MAGIC-COOKIE-1. Alas, we are still no closer to understanding why people say this is impossible.
Anyway, I think the point is we should probably ignore the people who can’t do something when they tell us we can’t do it either. I woke up this morning not knowing precisely how to draw a scaled circle, having never done so before, but armed with a vague sense that surely it must be possible, because come on of course it is, I got it working. And now look at me, driven insane by the relentless stare of three unblinking eyes.
With my new knowledge, I also wrote an onscreen ruler using the shape extension. Somewhat tautological for measuring the two inch circle, but in the event anyone asks, I can now tell them my terminal line height is 1/8”, and yes, I measured.
2025-06-24 21:16:49
2025-06-24 21:16:49
2025-06-24 21:15:08
19017420
Forbidden secrets of ancient X11 scaling technology revealed
Link: flak.tedunangst.com/post/forbi…
Discussion: news.ycombinator.com/item?id=4…
2025-07-17 13:08:30
2025-06-24 21:15:05
2025-05-02 16:56:56
18045817
in reply to Kevin Beaumont
Unknown parent
Unknown parent
Unknown parent
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Flippin' 'eck, Tucker!
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
in reply to Kevin Beaumont
Unknown parent
Unknown parent
DragonForce Ransomware Cartel are claiming credit for attacks on Marks and Spencer, Co-op and Harrods and say more victim orgs are coming bloomberg.com/news/articles/20…
M&S Cyber Attack: ‘DragonForce’ Hacking Gang Takes Credit for UK Retail Attacks
The UK supermarket chain Co-op said hackers were able to access and extract customer data from one of its systems during a recent cyberattack.Ryan Gallagher (Bloomberg)
This entry was edited (2 months ago)
The gang has a "spokesperson"? Do they hold press conferences too?
@se I wonder... maybe the Palo Alto Global Protect firewalls are somehow related to the breach perhaps? That particular software product has had some well documented (CVE) vulnerabilities in the past year related to VPN, plus there's been some pretty serious PAN-OS RCE issues too. Hope everything was patched!
I'm going to make this the new ongoing megathread for DragonForce Ransomware Cartel's attack on UK retailers as they're all connected.
Why it matters: these are some of the UK's largest retailers, think Target or some such in a US sense.
Prior threads
M&S: cyberplace.social/@GossiTheDog…
Co-op: cyberplace.social/@GossiTheDog…
Harrods:
cyberplace.social/@GossiTheDog…
Kevin Beaumont (@GossiTheDog@cyberplace.social)
Attached: 1 image Co-op Group have shut down some systems due to a cyber incident, however retail stores are still trading uninterrupted (which is core to their business).Cyberplace
The individuals operating under the DragonForce banner are using social engineering for entry.
Defenders should urgently make sure they have read the CISA briefs on Scattered Spider and LAPSUS$ as it's a repeat of the 2022-2023 activity.
Links: cisa.gov/sites/default/files/2…
cisa.gov/sites/default/files/2…
I would also suggest these NCSC guides on incident management: ncsc.gov.uk/collection/inciden…
and effective cyber crisis comms: ncsc.gov.uk/guidance/effective…
This entry was edited (2 months ago)
Is DragonForce and Scattered Spider the same thing?
Co-op Group have now admitted a significant amount of member (customer) information has been stolen by DragonForce Ransomware Cartel, saying they "accessed data relating to a significant number of our current and past members" - around 20 million people. The Membership database, basically. That includes home addresses and phone numbers etc.
Up until now Co-op hadn't even used the words cyber or threat actor, referring to an "IT issue" and "third party" in comms.
bbc.co.uk/news/articles/crkx3v…
Co-op DragonForce cyber attack includes customer data, firm admits
The firm previously said there was "no evidence that customer data was compromised".Joe Tidy (BBC News)
This entry was edited (2 months ago)
for someone who is unfamiliar with the UK retail market, do you happen to know if Co-op is at all related to the Swedish company Coop that suffered from a major ransomware attack a couple of years ago?
bbc.com/news/technology-577075…
Swedish Coop supermarkets shut due to US ransomware cyber-attack
Some 500 stores are forced to close due to the ripple effects of a major cyber attack in the US.Joe Tidy (BBC News)
New by me - breaking down the attacks on UK highstreet retailers
doublepulsar.com/dragonforce-r…
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
The individuals operating under the DragonForce banner and attacking UK high street retailers are using social engineering for entry. I think it’s in the public interest to break down what is…Kevin Beaumont (DoublePulsar)
"Advanced Persistant Toerags", as Ian Levy would put it. Basics don't sell boxes, and when the narrative is controlled by the box-sellers, the basics get neglected.
Was reading your "Actions for Defenders", pt #1 - what are some good suggestions for IT/helpdesk to vet the legitimacy of an "employee" - when was the last time you called the helpdesk? who is your boss's boss? how many times have you worked from home/used VPN in the past month? like what else would be a surefire thing that ONLY a legit employee would know... that the helpdesk could look up that an intruder wouldn't be able to?
Regarding IOCs around the UK retailer activity - there’s loads doing the rounds, and they’re almost all not useful.
Eg hundreds of dynamic VPN IPs from 2022. If you google them you’ll find them on vendor blogs from years ago for Scattered Spider - people are recycling in panic and passing around in panic.
Don’t hunt on random IOCs. IP addresses change. Strengthen foundational controls. Review sign in logs for abnormal activity etc.
[Googling "should I be concerned when one of my service accounts starts logging in from a public IP somewhere in Russia/Eastern Europe?"]
Orgs need to review their password reset process, share awareness to individuals who conduct password reset requests (IT helpdesk).
No IOC will help you identify social engineering activity.
They're not Red and Dembe. They're Elizabeth Keen.
...that is a surprising amount of technical detail for a news report, I like 
UK cyber security at private firms tends to be very poor on average but social engineering remains the hacker's most effective tool.
Slack and Teams access in particular seems like a large attack vector. I believe the Twitter hack a few years back - when it was Twitter - was facillitated by superuser creds being pinned to a slack channel.
One of M&S’ biggest suppliers have said they have reverted to pen and paper for orders due to M&S lacking IT.
Additionally, M&S staff are raising concern about how they will be paid due to lack of IT systems.
M&S are over a week into a ransomware incident and still don’t have their online store working.
bbc.com/news/articles/cvgnyplv…
M&S supplier back to pen and paper after cyber attack
What's going on behind the scenes in the aftermath of the cyber attack on M&S.Emma Simpson (BBC News)
Rebuilding business is prioritised by importance. If the online shop is a small side hustle compared to the brick&mortar ones (or is much slower), then it’s lower priority.
Communicating the current status and expected progress is better, builds trust.
Wages usually are handled as lump payment, i.e. the same sum as last mont - and corrected later when the HR systems are back online.
The incidence response team should cover IT forensics, BCM and communication.
Mr. Rumbold is sure going to be busy…
When I was in an M&S yesterday they had card payment working fine but they were having obvious fresh stock problems. While M&S online shopping is probably large for them, they also have a deal with Ocado to do M&S food deliveries, so I suspect that might still be partially going.
By the way, this is absolutely terrible advice for dealing with a major and high visibility ransomware incident.
"PR advisor" sounds like the *absolute last* person you should take advice from on any matters regarding infosec TBH
are they talking about Oracle? 😂
You'd think Dido Harding would know better by now...
He should fire that PR advisor for not doing a proper job.
“a former chief executive at another firm and had to deal with a data breach” is an awkward way to say “overpaid jackass who was fired for his handling of a data breach”
the PR advisor probably believes they were told everything.
There's a report on ITV News that Co-op member data is available on the Dark Web(tm), but as far as I know this isn't accurate. DragonForce's portal hasn't been available for over a week.
Here's the ITV News report anyhoo, logline: "ITV News understands the the ongoing cyberattack faced by the supermarket has worsened since Friday, impacting the ordering system, drivers and warehouse staff."
I'm not sure people realise that "members" are mutual owners, but "customers" are anyone using co-op services, whether members or not. Not sure which are in the data breach - perhaps both? I think the members' db is probably separate.
Sunday Times has a piece looking into ransomware incident at Marks and Spencer. It's pretty good, goes into their contain and eradicate focus.
"By shutting down parts of the IT estate, Higham’s team had worked to prevent the attack from spreading, but had also stopped parts of its digital operations from functioning. This was considered a worthy trade-off."
One error in the article - lack of recovery doesn't mean no ransomware paid. Paying is not quick restoration.
thetimes.com/business-money/co…
Icare4America reshared this.
A wrote a piece about paying ransoms does not equal quick restoration - in fact, quite often it makes things worse. doublepulsar.com/big-game-rans…
Big Game Ransomware: the myths experts tell board members
There’s a piece in The Sunday Times today about the DragonForce ransomware incident at Marks and Spencer which caught my eye. It’s a great piece, e.g. it looks at M&S containing the threat to…Kevin Beaumont (DoublePulsar)
Great NCSC piece by @ollie_whitehouse
I’d add - block by Entra policy specifically High risk logins (below is too FP prone), and SOC monitor them. SOC playbook = account probably compromised. How?
Sky News quote a source in M&S head office saying Marks and Spencer have no ransomware incident plan so they are making it up as they go along apparently, with staff sleeping in the office and communicating via WhatsApp.
M&S dispute this, saying they have robust business continuity plans.
news.sky.com/story/amp/mands-h…
M&S 'had no plan' for cyber attacks, insider claims, with 'staff left sleeping in the office amid paranoia and chaos'
A source describes chaotic scenes - as hackers continue to hold the High Street company to ransom.Tom Cheshire (Sky News)
BBC News has a look at teenagers phoning helpdesks and pretending to be the CISO. bbc.com/news/articles/c4grn878…
Beware phony IT calls after Co-op and M&S hacks, says UK cyber centre
The NCSC urges firms to check IT help desk "password reset processes" as hackers target retailers.Joe Tidy (BBC News)
One of the points of exploitation of large orgs is they usually outsource their Service Desk to somewhere cheap offshore who don’t know the org staff, and when you call and say your name, they normally put big all caps bold red warning if the person is a VIP, eg C suite, so they get VIP service - ie anything goes.
Co-op Group appear to be trying to course correct with their cyber incident comms.
They’re calling it a cyber incident now, and have put a statement on the front page of their website, along with an FAQ. They haven’t yet emailed members (they should). Edit: they’ve started emailing members.
This entry was edited (2 months ago)
It sounds like the situation at Co-op has got worse. They’ve stopped taking card payments in some stores, it’s cash only. telegraph.co.uk/business/2025/…
Co-op shops stop taking card payments amid cyber attack
Stores display handmade signs to warn customers they can only pay in cash after hackers hit retailerDaniel Woolfson (The Telegraph)
This entry was edited (2 months ago)
People are also taking to social media to post pictures of apparently emptying store shelves.
The Co-op website claims it is down to "technical issues".
Contactless payment has been fixed at all Co-op Group stores.
One thing for media covering the Co-op thing - attackers are not impersonating IT help desks to gain access. They’re impersonating *staff* calling in to the IT help desks - they’re different things.
Co-op Group are redirecting supplies from their urban stores to remote and island locations due to stock shortages.
The article mentions their EDI platform is suffering “technical issues”. retailgazette.co.uk/blog/2025/…
Co-op reroutes stock to rural stores amid cyber attack disruptions - Retail Gazette
The Co-op is redirecting food and drink supplies to stores in rural and remote areas in a bid to protect isolated communities from shortages following a serious cyber attack.Georgia Wright (Retail Gazette)
I just did a Shodan Safari on Co-op - basically all their Windows and Linux systems in their core DCs at network boundary are down, it's not just EDI. It's been like that for just under a week, prior to that things were still online.
I feel really bad for them as it's a great org. Also their CEO is basically the only one who stood up like this for trans people.
telegraph.co.uk/business/2025/…
Co-op boss vows to ‘protect trans people to the end’
Interview: Shirine Khoury-Haq says non-binary people bring a ‘massive business benefit’Hannah Boland (The Telegraph)
If you're wondering about Marks and Spencer - I just did a Shodan Safari of their network boundary, Palo-Alto GlobalProtect VPN remote access access is still offline, 15 days later.
Online orders are still not working, and the store stock checker is disabled now.
Co-op have paused all non-essential products in stores retailgazette.co.uk/blog/2025/…
Co-op pauses deliveries of non-essential items amid cyber attack - Retail Gazette
Co-op has paused its orders of non-essential products amid the fallout from its cyber attack.Eloise Hill (Retail Gazette)
Every detail in this article is wrong. The M&S incident had nothing to do with hybrid working.
Marks and Spencer’s online shopping is still offline 3 weeks later. It is thought they have lost around £63m so far, excluding IR, BCP and ransom payment costs. drapersonline.com/news/ms-onli…
M&S online shopping outage enters third week
Marks & Spencer enters the third week of its ecommerce platform suspension today (9 May), as the retailer continues to battle a cyber-attack.Sabina Weston (Drapers)
This entry was edited (2 months ago)
M&S had a significant amount of data stolen btw, but they’ve opted not to tell customers or staff.
The Grocer reports 4 regional Co-ops, who aren’t part of Co-op Group, are suffering stock shortages as they are supplied by Co-op Group.
They expect customers to start to see availability issues on shelves in the coming days.
thegrocer.co.uk/news/co-op-soc…
Co-op societies hit by availability issues amid cyberattack
Midcounties Co-op, Heart of England Co-op and Lincolnshire Co-op have all confirmed disruption to the supply of food to storesAlice Leader (The Grocer)
This entry was edited (2 months ago)
For orgs looking for defence tips for the attacks on UK retailers, this blog from 2022 about the UK teenagers in LAPSUS$ has relevance.
As a plot twist - not documented anywhere online, but LAPSUS$ first attacks in 2021 were against UK high street retailers.
microsoft.com/en-us/security/b…
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction | Microsoft Security Blog
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.Microsoft Threat Intelligence (Microsoft Security Blog)
For anybody wondering what 'dial into the incident response bridge' means, it means they'll literally Teams call into cyber IR bridges as themselves and just extort you to your face. They'll also call CISOs etc. Bad Times at the El Royale.
Marks & Spencer bureau de change staff are being forced to use pen and paper to serve customers as a result of the cyber attack on the retailer and cannot accept card payment. thisismoney.co.uk/money/market…
Hack rocks Marks & Spencer bureau de change
M&S bureau de change staff are being forced to use pen and paper to serve customers. The travel money desks are also unable to accept card payments in some cases.John-Paul Ford Rojas (This Is Money)
Co-op Group have provided some more detail about what it’s doing about remote lifeline stores (ones where they’re the main/only retailer on an island):
“From Monday, 12 of the most remote lifeline stores will receive treble the volume of available product, and another 20 lifeline stores will get double the volume.” bbc.com/news/articles/c071e7x8…
Co-op cyber attack: Islanders facing empty shelves say 'get the people fed'
The picturesque island of Islay in the Western Isles is dealing with the real world impacts of the major supermarket hack.Paul Ward and Lorna Gordon (BBC News)
DragonForce Ransomware Cartel’s portal is back online after a multi week outage. No sign of M&S or Co-op’s data.
All M&S recruitment is still stopped, 19 days in. jobs.marksandspencer.com/
Home
Explore exciting job opportunities at M&S across various sectors: In-Store, Digital & Tech, Clothing, Food, Support, and Logistics. Be part of Britain's best-loved brand, championing sustainability, inclusion, and innovation.jobs.marksandspencer.com
I think Co-op may have stopped recruitment too, they’re a big employer so usually have hundreds of open positions - currently they have 17, and most close today and the rest in a few days.
The Record quotes a Co-op worker as saying they are operating at well below 20% of their normal capacity in depots. therecord.media/co-op-cyberatt…
Fears 'hackers still in the system' leave Co-op shelves running empty across UK
U.K. retailer the Co-op is still having trouble with keeping grocery shelves stocked as it continues to respond to an attempted cyberattack that forced it to shut down some systems two weeks ago.Alexander Martin (The Record)
Allianz supplies Marks and Spencer's cyber insurance, and will apparently suffer a full tower loss (i.e. it's going to be expensive) insuranceinsider.com/article/2…
Allianz leads cyber cover for M&S ransomware attack
The Willis-brokered coverage also includes the Willis CyXS facility.Abbie Day (Insurance Insider)
People in Machynlleth are apparently turning up at local farms in search of food due to lack of produce at Co-op cambrian-news.co.uk/news/cyber…
Co-op stores in Sheffield, Badenoch, Dunfermline and many other places are apparently running out of produce - it's not possible to keep up with the local media reports but they're basically bored reporters get sent out to photograph half empty fridges.
This ITV News report linking the Co-op and M&S breaches to SIM swapping is not accurate, no source given. itv.com/news/2025-05-12/sim-sw…
They also have a report today saying Co-op stores are restocked, which is also not accurate - that one is sourced from Co-op, but obviously doesn’t stack up to looking in Co-op stores.
If anybody is wondering, all of Marks and Spencer's Palo-Alto GlobalProtect VPN boxes are still offline, 3 weeks later. Pretty good containment method to keep attackers out.
Co-op's VDE environment is still down, too.
cyberplace.social/@GossiTheDog…
Kevin Beaumont (@GossiTheDog@cyberplace.social)
Attached: 1 image M&S use Palo-Alto GlobalProtect for VPN, they took all the endpoints offline days ago (usually first stage containment for ransomware/extortion groups).Cyberplace
M&S confirm my toot from 3 days ago that a significant amount of customer and staff data was stolen. They’ve known for weeks but opted not to tell anybody. bbc.com/news/articles/c62v34zv…
M&S says personal customer data stolen in recent cyber attack
The retail giant is still not taking online orders following a cyber attack three weeks ago.Michael Race & Joe Tidy (BBC News)
Re the Co-op Group breach, Co-op say home addresses of customers were exfiltrated (it was the membership database). This one dates back to my May 2nd toot upthread re home addresses - at the time, they didn't specify home addresses.
This entry was edited (2 months ago)
Co-op Group have 5 open jobs left, with nothing posted for 11 days.
Co-op's AGM is this weekend, and M&S yearly results and investor contact are next week.
Gonna be awkward for different reasons, e.g. Co-op is member (customer) owned, so the people's data Co-op had stolen are effectively the shareholders and are invited.
The Channel Islands Coop, which is different to Co-op Group, has been able to restock shelves by moving away from Co-op Group for supply distribution and moving to local suppliers. bbc.co.uk/news/articles/c3d4xv…
CI Coop secures local supplies amid stock shortages
Bosses expect "steady improvements each day", after a cyber attack leads to empty shop shelves.Caitlin Klein (BBC News)
The Grocer reports Nisa and Costcutter are running out of fruit & veg, fresh meat and poultry, dairy products, chilled ready meals, snacks and desserts.
Nisa and Costcutter are supplied by Co-op Wholesale, which is dependent on Co-op Group.
“It’s really poor. I feel bad for them but what makes it worse is their hush-hush mentality about it. There’s no proper level of communication and we get random updates.”
Co-op Wholesale claim there are no problems. thegrocer.co.uk/news/nisa-and-…
Nisa and Costcutter hit by Co-op cyberattack stock shortages
In communications sent to retailers, the symbol groups listed products that were either ‘temporarily unavailable’ or ‘out of stock’ as a result of supplier issuesAlice Leader (The Grocer)
A look at supplies in stores today, after Co-op told ITV yesterday that stores were restocked 😅
Co-op Group have told their suppliers that "systemic-based orders will resume for ambient, fresh, and frozen products commencing Wednesday 14 May". They say forecasting system will still be impacted.
thegrocer.co.uk/news/co-op-to-…
Co-op to get systems back on track after cyberattack
As the Co-op turns orders back online, it has warned suppliers that it is unable to provide ‘accurate product forecasting ahead of Wednesday’s orders’Alice Leader (The Grocer)
Harrods say they are not asking customers to do anything differently at this point.
Financial Times report Marks and Spencer expect to claim £100m on their cyber insurance, the maximum allowed, suggesting losses probably more. ft.com/content/723b6195-1ce7-4…
M&S cyber insurance payout to be worth up to £100mn
UK retailer to file big claim as it admits for first time that some customer data was stolen in recent hackLaura Onita (Financial Times)
Co-op Group say they have exited containment and begun recovery phase theguardian.com/business/2025/…
Marks and Spencer are still in containment
If you want figures for your board to set expectations in big game ransomware incidents, Co-op containment just over 2 weeks, M&S just over 3 weeks so far - recovery comes after.
In terms of external assistance, Co-op have Microsoft Incident Response (DART), KPMG and crisis comms. M&S have CrowdStrike, Microsoft, Fenix and crisis comms.
Co-op cyber-attack: stock availability in stores ‘will not improve until weekend’
Group in ‘recovery phase’ and working closely with suppliers after customers complain of empty shelvesSarah Butler (The Guardian)
This entry was edited (2 months ago)
The threat actor at Co-op says Co-op shut systems down, which appears to have really pissed off the threat actor. This was the right, and smart, thing to do.
While I was at Co-op we did a rehearsal of ransomware deployment on point of sale devices with the retail team, and the outcome was a business ending event due to the inability to take payments for a prolonged period of time. So early intervention with containment was the right thing to do, 100%.
bbc.co.uk/news/articles/cwy382…
'They yanked their own plug': How Co-op averted an even worse cyber attack
The revelation - from the criminals responsible - explains why the Co-op is getting back to business faster than M&S.Joe Tidy (BBC News)
Co-op Group recruitment looks like it is starting again, first new roles in two weeks posted. hcnq.fa.em2.oraclecloud.com/hc…
Marks and Spencer say food distribution to their stores is returning to normal. It follows Co-op's announcement yesterday that food and drink distribution will begin to return to normal from the weekend. reuters.com/business/retail-co…
27 new jobs at Co-op added today, and it's only midday. So recruitment was definitely paused for two weeks and now active again.
M&S have finally told staff that data about themselves was stolen: telegraph.co.uk/business/2025/…
You may notice I said they had staff data stolen on May 9th in this thread.
M&S staff data stolen by hackers in cyber attack
Employees’ email addresses and full names have been taken by hackers, sources claimMatthew Field (The Telegraph)
For the record, the tools listed in this article aren't used by Co-op.
computing.co.uk/news/2025/secu…
The link in the article to Vectra Cognito AI has a Coop Sweden logo on it, and the Coop Sweden CISO is named. Coop Sweden is different company. Coop Sweden went on to have a ransomware attack that crippled the org, including point of sale, so I don't think it's a good sales point. Same with Silverfort.
Google AI has ingested the article and now uses it to claim Co-op Group use the tools.
Here are the cyber tools Co-op used to help defeat its recent ransomware attack
Computing research has identified the security tools and partners the Co-op used to stop last month’s cyberattack in its tracks.www.computing.co.uk
M&S recruitment is still fully stopped, almost a month in. Co-op opened 46 new vacancies today.
Marks and Spencer’s CEO will lose a £1.1m share grant as a result of their cyber incident. ft.com/content/43531d25-4f7a-4…
M&S chief executive faces £1.1mn pay hit after cyber attack
Stuart Machin’s awards set to shrink after UK retailer’s share price drops following disclosure of sweeping hackLaura Onita (Financial Times)
This entry was edited (2 months ago)
The Times reports M&S were breached through a contractor and that human error is to blame. (Both M&S and Co-op use TCS for their IT Service Desk).
The threat actor went undetected for 52 hours. (I suspect detection was when their ESXi cluster got encrypted).
M&S have told the Times they had no “direct” communication with DragonForce, which is code for they’re using a third party to negotiate - standard practice.
M&S looks to be moving to reposition their incident as a third party failure, which I imagine will help redirect some of the blame (they present their financial results during the week to investors): bbc.co.uk/news/articles/cpqe21…
Both M&S and Co-op outsourced their IT, including their Service Desk (helpdesk), to TCS (Tata) around 2018, as part of cost savings.
M&S hackers believed to have gained access through third party
The retailer has been struggling to get its services back to normal after a cyber-attack in April.Emma Simpson (BBC News)
There's nothing to suggest TCS itself have a breach btw.
Basically, if you go for the lowest cost helpdesk - you might want to follow the NCSC advice on authenticating password and MFA token resets.
I've put a 3 part deep dive blog series coming out probably next week called Living-Off-The-Company, which is about how teenagers have realised large orgs have outsourced to MSPs who follow the same format of SOP documentation, use of cloud services etc. Orgs have introduced commonality to surf.
The Office of the Privacy Commissioner for Personal Data (PCPD) has confirmed that Marks and Spencer (M&S) Hong Kong has not informed it of a recent customer data leak, nor responded to its enquiries. hongkongfp.com/2025/05/19/ms-h…
M&S Hong Kong not responding to Privacy Commissioner's Office after online customer data breach
The Office of the Privacy Commissioner for Personal Data says M&S Hong Kong has not informed it of a recent customer data leak, nor responded to its enquiries.Tom Grundy (Hong Kong Free Press HKFP)
"Cyber analysts and retail executives said the company had been the victim of a ransomware attack, had refused to pay - following government advice - and was working to reinstall all of its computer systems."
Not sure who those analysts are, but since DragonForce haven't released any data and M&S won't comment other than to say they haven't had any "direct" contact with DragonForce, I wouldn't make that assumption.
There's also a line in the article from an cyber industry person saying "if it can happen to M&S, it can happen to anyone" - it's ridiculous and defeatist given Marks and Spencer haven't shared any technical information about how it happened, other than to tell The Sunday Times it was "human error"
The Air Safety version of cyber industry would be a plane crashing into 14 other planes, and industry air safety people going "Gosh, if that can happen to British Airways it could happen to anybody!"
Tomorrow it’s one month since Marks and Spencer started containment, it’s also their financial results day.
Online ordering still down, all recruitment stopped, Palo-Alto VPNs still offline.
TCS have been linked to the Marks and Spencer breach, at least in part.
reuters.com/business/retail-co…
I made this point a few weeks ago, but... outsourcing all your IT, Networks, Service Desk (helpdesk) and operational cybersecurity is a temporary cost saving and basically paints a ticking timebomb on the org, IMHO.
M&S say online ordering will be stopped until sometime in July, and it has taken a £300m hit, far higher than analysts had predicted. bbc.co.uk/news/articles/c93llk…
M&S cyber-attack disruption to last until July and cost £300m
Customers have been unable to order online for almost a month due to the cyber-attack.Lucy Hooker (BBC News)
Their CEO has commented they’ve drawn a line under the hack, without recovering, which has a bit of this energy honestly
The NCA has confirmed on the record that the investigation into the M&S and Co-op hack is focused on English teenagers. I could toot the names of the people I think they’ll pick up, but won’t.
bbc.co.uk/news/articles/ckgnnd…
M&S and Co-op hacks: Scattered Spider is focus of police investigation
The National Crime Agency tells the BBC how it is trying to find the culprits of the M&S and Co-op hacks.Joe Tidy (BBC News)
This entry was edited (2 months ago)
The CEO of M&S has declined to comment if they have paid a ransom. For the record: I’ve heard they have, in secret, via their insurance. reuters.com/business/retail-co…
Co-op Group announces it's getting rid of paper prices in stores, going to electric displays. Good luck during a ransomware incident 😒
Take something from the shelf and when you reach the checkout, it costs twice as much! Nice!
I guess it's low risk since the electronic displays are basically paper - Dumb eink displays that you update via RFID from a handheld. (The ones I saw in the local coop worked that way anyway.)
This entry was edited (2 months ago)
This stuff is brilliant. Based on e-paper and runs on Zigbee.
And they can raise the prices between you picking things off the shelf and going through the checkout and you'll have no proof that it was offered at a lower price.
Distraction News Friday 🙂🤷♂️
They have just added them in my local co-op,
Has been done since the ransomware incident.
Has been done since the ransomware incident.
pssscht. Like that would ever happen lol
bbc.com/news/technology-577075…
Swedish Coop supermarkets shut due to US ransomware cyber-attack
Some 500 stores are forced to close due to the ripple effects of a major cyber attack in the US.By Joe Tidy (BBC News)
e-paper price labels are apparently extremely common in mainland Europe. The UK is extremely slow to adopt things like this.
*In theory*, during an incident, the labels would remain as-is until they receive a new price. So TAs would specifically need to target the pricing database prior to wiping.
I for one welcome our surge-pricing overlords
TCS has a security incident running around the M&S breach.
Interestingly the source claims TCS aren't involved in Co-op's IT - which is categorically false, they took over most of it while I worked there, including the helpdesk, and my team (SecOps) after I left.
ft.com/content/c658645d-289d-4…
Tata Consultancy Services carries out internal probe into M&S hack
Indian IT company investigating whether it was gateway used by criminals to access retailerChris Kay (Financial Times)
This entry was edited (2 months ago)
TCS will find a low-level engineer/analyst and their manager to fire. Say they've dealt with it and it'll never happen again.
Insurance Insider say Co-op Group have no cyber insurance policy.
It’s got the insurance industry hard as they think they can ambulance chase other orgs with it.
insuranceinsider.com/article/2…
M&S attacks could be the key to winning new cyber business
While M&S had a cyber policy in place, Co-op and Harrods did not, Insurance Insider revealed.Abbie Day (Insurance Insider)
That is really surprising. I wonder why they didn't?
I don't know whether I get this right… I guess they don't have a cyber insurance policy for a reason: Nobody wanted to sell them one.
Seven weeks in, Marks and Spencer still have recruitment closed, online orders stopped and no Palo-Alto GlobalProtect VPN.
any indication that the Sophos report here: news.sophos.com/en-us/2025/05/… is linked to TCS?
DragonForce actors target SimpleHelp vulnerabilities to attack MSP, customers
Ransomware actor exploited RMM to access multiple organizations; Sophos EDR blocked encryption on customer’s networkSophos News
The sla got reset because the helpdesk marked the ticket closed, reopen if the problem persists.
While Co-op have restored every customer facing system and internal systems like recruitment and remote working, M&S still don't even have recruitment back.
I'm reliably told they paid the ransom, so they'll be target #1 basically forever with other ransomware groups now due to resiliency woes and willingness to pay.
we/they/someone/anyone *really* need to think very hard about how to properly redo absolutely secure internet facing IT systems.
guess they're going to need to fully embrace "it's *when* you get hacked not *if* you get hacked."
If they paid it did them precisely no good and put an even bigger target on their back. Stupid decision that will see their premiums go up massively.
This entry was edited (1 month ago)
Marks and Spencer's remuneration committee have opted not to dock the CEOs pay as expected and prior reported over the cyber incident, but instead increased it by £2m.
bbc.co.uk/news/articles/c23mz5…
bbc.co.uk/news/articles/c23mz5…
M&S boss's pay hits £7m before cyber attack chaos
Stuart Machin's money is not affected by the IT disruption but it will be considered for next year's pay.BBC News
The greatest lie Office Space ever told is that "What would you say you do here?" is primarily a question to be asked down rather than up.
I guess, compared to that, paying the ransom was just peanuts, yes?
CISO is an ablative role
Marks & Spencer is holding walk-in in-store recruitment open days to fill vacant roles while its online hiring system remains offline following its ransomware attack in April. thegrocer.co.uk/news/mands-sto…
M&S staging walk-in recruitment open days amid cyberattack disruption
M&S suspended online recruitment, along with clothing and home orders, after hackers took control of its systems in a cyberattack in AprilSteve Farrell (The Grocer)
Think they'll have you fill out various paper forms asking for your CV information then as you for a copy of your CV and a customised cover letter?
Since Marks & Spencer paid ransoms, can we call them "Marks & Spencer, cybercrime funders"?
This Daily Mail piece about security leaders thinking work-from-home means they will be crippled is horseshit, I'm not linking it.
They've taken a survey about how security people think their businesses couldn't survive ransomware, and linked it to working from home. WFH isn't the problem: business IT and resilience being built on quicksand is the problem.
Sounds like their companies rely on a hard outer shell and a squishy inside defense and nearly no layers of security.
Looks like a product of the "a good lie contains as much truth as possible" school.
The connection to WFH is spurious; but only two thirds sounds low for "We don't really understand our problems; but they are probably apocalyptic".
The 'WFH' allegations seem in especially bad faith given the suspected entry point for the M&S compromise: the outsourced helpdesk.
Those guys are even more compliant labor than work-not-from-home employees, so the Daily Heil isn't going to say anything; but lack even the (informal; but in practice often at least reasonably effective) "does the IT person you just poked recognize who is interrupting with a password question?" ID verification step with onsite workers and onsite IT.
Just about everything Daily Mail publishes is horseshit.
I could draft an opposing headline about how ransomware and cyber threats will naturally proliferate faster and more easily within a physical network than it will in a distributed environment.
It wouldn't be the whole story either, but it's just as true.
It wouldn't be the whole story either, but it's just as true.
I WFH 100% of the time. I never connect to an office "network". The only way I could spread any form of malicious payload to my colleagues is through shared communications platforms which not only requires ME to fuck up so that my account is used to send that payload to others, but it then requires the recipients to ALSO screw up and make mistakes like open dodgy links or attachments. WFH provises an additional buffer to protect an organisation, in my opinion.
Co-op say they have largely completed recovery, and have removed the cyber attack banner and statement from their website
retailgazette.co.uk/blog/2025/…
I think they did a great job. They do call it a "highly sophisticated attack", which, frankly.. isn't true and may come out in open court later if the suspects are ever caught.
6 weeks from containment to "near full" recovery, for statto nerds like me who track this stuff.
Co-op nears ‘complete recovery’ from cyber attack - Retail Gazette
Co-op has said it’s in a “much stronger position” as store deliveries return to normal following its cyber attack.Aoife Morgan (Retail Gazette)
This entry was edited (1 month ago)
that's really impressive. and have they confirmed no ransom paid?
can confirm my local co-op's shelves are mostly full now - and they have earl grey tea, which was the only thing I really missed!
I think they could reasonably argue that the common use of the term “sophisticated” when applied to attacks, is merely used to refer to an attack that succeeded.
M&S had their ransomware incident communicated via internal email - from the account of a staff member who works for TCS.
The way TCS work is you give them accounts on your AD.
bbc.co.uk/news/articles/cr58pq…
M&S hackers sent abuse and ransom demand directly to CEO
The criminals told the retailer's boss he could make things "fast and easy" if he complied with their demands.Joe Tidy (BBC News)
I'm sure the logic of 'work from home' being an existential threat while extensive exposure to outsourced managed services is just good sense must only baffle me because I'm not the sort of person who deserves a bonus that brings me up to £7 million for the year; not because it's questionable.
Marks and Spencer have started partial online shopping again.
For statto nerds, around 7 weeks from containment to partial recovery
bbc.co.uk/news/articles/c4gevk…
M&S restarts online orders after cyber attack
The return of online shopping marks a key milestone for the retailer, which has struggling to get services back to normal.Michael Race (BBC News)
That counts as "taking a heavy hit".
M&S still have no recruitment system, two months in.
TCS have told shareholders their systems were not compromised in the hack of M&S.
As an explainer here (not in the article): TCS IT systems weren't compromised. Their helpdesk service (they're AD admins at M&S) was used to gain access to M&S. They manage M&S IT systems.
reuters.com/business/media-tel…
This entry was edited (1 month ago)
Latest Marks and Spencer update is pretty crazy.
M&S haven't been able to supply sales data - so the British Retail Consortium (BRC) - used by the UK government as as economic indicator - basically made up figures for M&S and didn't tell people they had done this.
telegraph.co.uk/business/2025/…
Retail lobby group accused of M&S cyber cover-up
British Retail Consortium published ‘made-up’ sales figures following attack on high street giantHannah Boland (The Telegraph)
To be fair, according to the article it was BRC who told its members about the made up first. Though we may argue it was a bit late.
Ultra spicy post claiming to be from UK retailer employee (M&S or Co-op) about their experience with TCS on their security incident. reddit.com/r/cybersecurity/com…
I'd be very curious to know what the breakdown is between TCS dropping the ball and lying about it and M&S/Co-op not actually insisting on adequate procedure.
It's not terribly uncommon for people to only care about time-to-resolution with some lip service to user satisfaction when it comes to helpdesk metrics; and tacitly discourage things that are slow and unpleasant like hassling people for ID, at least until that becomes a visibly terrible idea.
fun that this is the same TCS who are working on the DWP Child Maintenance Scheme and run the Teachers Pension Scheme for the DfE.
"M-SThrowaway" might indicate M&S?
Or is that too obvious or deliberate obfuscation? 🙂🤷♂️
as someone who has been subjected to Tata on multiple occasions going back over a decade?
This isn't nearly spicy enough. I don't even describe them as a 'body shop' because they'd gladly route you to a corpse and try to charge extra for '24x7 coverage.'
When one employer did a basic security audit of their helpdesk services, Tata failed so severely that the contract was pulled for cause before the audit was even completed. They moved it all back in-house.
The root problem here isn't that TCS are shockingly bad (they are, just about everyone knows that).
The root problem is that "management decisions" constantly overrule those that raise concerns about their service and tell any remaining internal IT and security staff to "deal with it as best you can."
I'm very much of the view that, yes, the outsourced provider can be the cause of an incident, they can provide a shockingly bad service, they can cost your business millions of pounds. But the decision to continue to use them when you already know this is a real possibility - that's a decision by senior management within the company. That's on you.
ATOS in the past have operated in a similar way (my experience). But if a post mortem investigation finds that the IT contractor was at fault and created an attack vector, as perhaps is being implied here, then I believe that any current business insurance policy might not cover the financial losses. I guess that the affected businesses might need to pursue legal action. What a mess 🤦
Interesting. I don't have the background on this specific attack, but I'm reminded of the Target credit card theft. An HVAC company near me was the point of entry for the attackers; they had high-access keys to Target's intranet because they install and maintain shopping-mall-grade HVAC and can remote-override it for maintenance and schedule reasons (nation-scale chain stores with giant footprints save not-inconsequential money on things like "Don't power up the HVAC to normal capacity on days nobody is here").
They had the keys on the same machine running their webserver.
(Meanwhile, Target actually did get an SEC slap-on-the-wrist for one specific thing: the HVAC intranet piece wasn't firewalled from the financial transactions and cash register source code pieces).
I wonder what the liquidated damages cap is in the contract.
And who brought them in and kept them? Culpa in eligendo.
K. Krithivasan, also known as Krithi, aka the face of quality IT, that you can trust.
Hash tag
These Indian, "IT", call centers probably do double time as scamming operations.
Hilarious twist would be that it was an inside job, faked to look like a compromise.
Marks and Spencer’s CEO says half of their online ordering is still offline after their ransomware incident, they hope to get open in next 4 weeks.
They are also rebuilding internal systems and hope a majority of that will be done by August.
Lesson: mass contain early. M&S didn’t. Co-op did.
It was a lot easier for the IT folk in The Co-op to make that call to pull the plug after they'd just seen what happened to M&S!
17 and two 19 year old teens picked up over Co-op and M&S hacks, and a 20 year old woman.
Pretend to be surprised.
bbc.com/news/articles/cwykgrv3…
Four arrested in connection with M&S and Co-op cyber attacks
Three men and one woman - aged between 17 and 20 - have been arrested in London and the midlands.Joe Tidy (BBC News)
I’m certainly no IT security expert, but if your system is getting popped by three kids, does that perhaps indicate that you may have missed a few opportunities for improvement in the past? 🤔
kids these days 🙄
Just stay away from my bins!
Another Pesky Teenager
If you ever doubted the link between Scattered Spider(tm) and LAPSUS$ - one of the people arrested today was a key part of the LAPSUS$ attacks a few years ago.
*Surprised Pikachu*
did they get caught and sentenced at the time?
After almost 3 months, Marks and Spencer recruitment system came back online just now. First 4 jobs posted.
One would think they would post for cyber security engineers or something
kek and no SECURTY STRATEGIST xD
social media lewd
scared to list jobs in case the hackers applied but now they're arrested it's safe?
. @briankrebs has broken the story that the key member (and teenager) of LAPSUS$ runs Scattered Spider
krebsonsecurity.com/2025/07/uk…
UK Charges Four in ‘Scattered Spider’ Ransom Group
Authorities in the United Kingdom this week arrested four alleged members of "Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer.krebsonsecurity.com
Co-op finally admitted the entire membership database was stolen
I had this in the thread months ago, they originally tried to deny it entirely then tried to say ‘some’ data was accessed when they knew it was the whole thing.
bbc.co.uk/news/articles/cql0pl…
Co-op boss says sorry to 6.5m people who had data stolen in hack
In her first interview since the attack, Co-op's chief executive said she was "incredibly sorry" to customers.Joe Tidy (BBC News)
Personally I think Co-op did a really good job getting out of that situation and minimising impact.
I definitely think if you have a LAPSUS$ style advanced persistent teenagers situation, tilt towards open and honest comms as those kids will use secrecy against ya. It’s 2025, it’s okay to say you got hacked, people largely understand. Also, in IR, lawyers are usually stuck in 1980 advice - it’s just advice, they ain’t yo boss.
When GDPR was being introduced, I got to see *so much* bad advice being given to companies by their lawyers that it made me realise how many lawyers really are making it up in the spot as much as everyone else - and therefore bringing their own biases and misapplied experiences.
This entry was edited (1 week ago)
It’s 2025, it’s okay to say you got hacked, people largely understand.
Probably the most damning indictment of the entire computing industry that I've seen for a long time.
I don't disagree at all. But this absolutely should not be the case and wouldn't be if we weren't still building core infrastructure around ideas that were known to be bad by the mid 1980s.
As consumers by now we know getting hacked is a probability. We just want to be told honestly with timely updates.
This is my 3rd order and as earlier, Fast delivery and excellent outcome from JBEE SPY TEAM on telegram +44 7456 058620
The people arrested as part of the Co-op and M&S hack investigation have been released on bail.
nation.cymru/news/four-people-…
Previously when this happened with LAPSUS$, they just continued hacking stuff.
Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
Four young people who were arrested for their suspected involvement in the damaging cyber attacks against Marks & Spencer, the Co-op and Harrods, have been bailed.Emily Price (Nation.Cymru)
Sweet holy mother of surprise, I nearly raised an eyebrow 😁
that took longer than expected
at this point I'm much more surprised when someone over 25 gets picked up for hacking stuff, I think some dude was helping gangs smuggle drugs into Rotterdam via hacking into the port logistical systems, they were like 41 with kids, that was way more unexpected to me lol
occrp.org/en/project/narcofile…
Inside Job: How a Hacker Helped Cocaine Traffickers Infiltrate Europe’s Biggest Ports
Europe’s commercial ports are top entry points for cocaine flooding in at record rates. The work of a Dutch hacker, who was hired by drug traffickers to penetrate port IT networks, reveals how this type of smuggling has become easier than ever.OCCRP
At least the companies used sophisticated defense in depth.
“The BBC later discovered from the criminals that the company disconnected the internet from IT networks in the nick of time to stop the hackers from deploying ransomware and so causing even more disruption.
"Shortly after Co-op announced it had been attacked, luxury retailer Harrods said it too had been targeted and had been forced to disconnect IT systems from the internet to keep the criminals out.”
If it is the case then the leaders of businesses like M&S who outsource these services to the lowest cost providers should also be held to account
It’s typical of British business management to know the cost of technology but not the value of it
Why does an offshore call center even have access to administrator passwords?
In other words, their wetware was targeted.
"Our staff is our most valued asset. We depreciate on it."
it's the classic case of telling the literal truth in a way that implies something entirely false.
so their systems were not compromised, but their employees’ creds into the M&S environment were?
The term 'user' in "no TCS systems or users compromised" could be more interesting to argue on in a civil liabilities case.
If a TCS staff member falls for social engineering (even if the action they take is within an assigned M&S tenant account...), is that not the same as a TCS user being compromised?
Anyway... I'm sure that statement won't at all be like rubbing salt in M&S's wounds.
This entry was edited (1 month ago)
I keep reminding people who mention this that M&S outsourced their IT services to the cheapest possible option. That immediately tells you how much they care about your data safety and security. It’s so important to them that they phone it in. Absolute joke.
could it be that they are unable to recruit anybody to help fix the recruitment system, asking for an unemployed recruitment portal technician....
This entry was edited (1 month ago)
Still didn’t have any Percy Pigs at the last store I checked either. Staff told me they don’t know what they’re going to receive one delivery to the next.
the daily mail publishing click bait headlines with sensationalist takes that fit the narrative the rich and powerful want to push? Who could have predicted that ahead of time?
bankers are so afraid of WFH destroying the commercial real estate market, they'll pay for all kinds of bogus studies and make sure they get published and repeated far and wide to attempt to stop the wave of progress and modernization that is WFH. WFH is better for EVERYONE except the bankers who own your office. Fuck them. Fuck companies that capitulate to bankers and enact RTO policies to get preferential lending rates. Stay home
anything to discredit wfh!
only two thirds of security leaders think that if they got successfully ransomwared that it could 'cripple' their business? I guess some people are just really confident in their incident response.
its always so funny bc with current technology there could be really no difference someone break in and use workplace vs break in and use home work station (some could even say properly deployed WFH setups could be even more protected than onsite devices where no one really cares) ^^
dammit I read WFH as Waffle House in my head and now I can’t stop
wasn't there some event, maybe 5 years ago, that meant a lot of WFH? Or did I hallucinate those times.
Is it suddenly a problem now or this is the same RTO bullshit being peddled?
Nice job if you can get it
Incredible. I'm sure the blame will be passed on to some lowly IT personnel and the leadership will take none of it. Leadership loves taking credit for profits but when it comes to losses, that's not on them.
Marks and Spencer abandoned my city to take themselves out in the sticks where the only way to get to them from here, is by car, so I have abandoned Marks and Spencer's, they have nothing really original anyway.
and so the ransomware machine grinds on. Ffs.
> I could toot the names of the people I think they’ll pick up, but won’t. < Encrypt them with GPG and release the key afterwards?
scattered spider/people with ties to the com and zero opsec, name a more iconic duo
I'm sure the book deal and mini series docudrama contracts are in the final discussion stages 🤨🤦♂️
Make a timestamped list so when it does get published you can show the comparison guess 😛
I took that to mean that they (or more likely the analysts they hired) have concluded it's cheaper/quicker/safer to rebuild new systems from scratch than to continue any further recovery. So drawing a line in a financial & investigative sense, rather than saying that £300 million is just a scratch.
And rebuilding from the ground up would seem to tie in with their statement about online orders being unavailable until at least July and then "ramping up" after that.
I wonder if they will take the opportunity to re-work their IT infrastructure rather than just replace like for like?
I must admit to not being particularly enamoured by the overall concept of third party identity security services.
how do in register a future "I told you so" without disclosing who it's for? Asking for a friend...
I can imagine many business leaders going "oh, it's okay, we don't use TCS, we have another outsourced supplier..."
unless maybe you outsource, but to a bunch of different providers, spreading risk? ie use local OpenLDAP as an organisation management tool (does not eerste a huge amount of resources, then set up mail with A, storage with B, web with C, etc. ?
Want to guess how much of my IT leadership career has been focused on building in-house expertise and dialing back the presence of MSPs?
Enough that it's made for a pretty good living...
Its rather hypocritical that the Coop would be wading into the outsourcing game
Every company is a computer company now
I'm guessing it's a liability thing? I.e. they can recover a significant chunk of the losses from TCS contractually?
when I got my business degree, one of my management profs said that the instant you outsource, you give up control. To the service provider, you move from income to liability on the balance sheet because you now are costing them money, and to eke out any profit they need to cut costs related to providing service to you.
Thus you get all this *gestures vaguely*
"paints a ticking timebomb" - bit of a mixed metaphor, could be "paints a target" or "plants a ticking timebomb" ? 😎
The shortsightedness of outsourcing everything is undeniable though!
This entry was edited (2 months ago)
I would buy one of those action that goes up when it goes done ! Would that be considered 'outsider trading' ?
They are still within the contract sla period for a response from the outsourced help desk. Sorry. But the contract sla only covers time to first response to the ticket not when the ticket will be done. Also orders for that many new machines exceeds the average % of requests and so is subject to delays from the equipment supplier
I would love for IT to publish accident investigation reports in the same way as aviation.
No blame, no liability, no finger pointing, just lessons for everyone to learn and hopefully avoid the same.
(I know there have been some like the Irish Health Service that were excellent.)
The “human error” is the humans in the boardroom and the C-suite not putting sufficient effort or resources into securing their networks.
yeah, breach the "low cost" IT outsourcer - whose staff feel little connection or affinity with the corporate customer - and *bingo* you hit the jackpot 🎰 with multiple corporate accounts to ransom.
How's that "low cost IT outsourcing" looking now?
One of the big MSP's from India was adamant:
1. Personnel is not allowed to store passwords.
2. Must use unique passwords for every service.
3. Passwords must rotate every X days.
4. Only sanctioned apps are allowed.
5. No password manager is sanctioned or installed by default.
1. Personnel is not allowed to store passwords.
2. Must use unique passwords for every service.
3. Passwords must rotate every X days.
4. Only sanctioned apps are allowed.
5. No password manager is sanctioned or installed by default.
I recall it was a "TCS_80_ip" list in Entra Id marked "Trusted"/"MFA exempt" that contained 80 ranges from /15 to /24...
Yet happily pivoting through 3 layer deep RDP to get to a system to manage 
I wonder would there be a drop in threat activity if someone made sure all teenagers are in school/training/work/at a youthclub (if there were any).
Something, something, can't outsource risk.
Argh, flashbacks to trying to convince directors that outsourcing IT is bad. Very bad.
having recently dealt with TCS, nothing would surprise me.
“we aren’t a computer company, so off to India / China / Vietnam / Philippines / etc for all this non-core-business shit”
…
“Why company not run without computers? Who did this?”
more CEOs should have this sort of consequence for getting breached like this.
to be fair, IIRC, Coop Sweden went down because their payment provider used Kaseya.
So, it was ransomware on a fourth party, nothing Coop Sweden had any direct control over
This was yesterday evening in my local co-op store (close to central Manchester.) Still lots of empty spaces on the shelves.
This entry was edited (2 months ago)
All the co-op stores near me have been bare, was like the early covid days
And I was expecting the first vacancy to be CTO 😆
No opening for a new CISO yet then...
This entry was edited (2 months ago)
They need to advertise for some cyber security positions, perhaps...
Those who know this is going to become more and more.
The quote
> They torched shareholder value
made me laugh
they have no idea what the Coop is
This entry was edited (2 months ago)
I have memories of those exercises 😅 (particularly logistics chiming in with 'erm, we'd need to kill all supplier orders asap' and the room going quiet 😳)
Just glad some of the lessons sank in....
Just glad some of the lessons sank in....
wait, they both have professional crisis comms? They appear to be overpaying them...
Confident on containment within 2 weeks?
I will henceforth not do anything differntly and therefore continue not to be a Harrods customer.
exactly... They should be talking to the butler.
Forecasting system [right now] === manual stock checks and supply chain staff guessing on spreadsheets where to send things
title sounds like a bad rap line.
supplies, supplies...
All six of the islanders must be happy.
Wouldn't be surprised if customers demanded to keep local goods if restock is available again
the thieves could probably show up at the AGM and present themselves as a member, since they have access to all the information the Co-Op has on it's membership...number, address, etc.
Short of checking govt. ID or requiring a hard copy of the meeting invite that was mailed to their address. Even then, the thieves might've gotten away with that too.
And none of those jobs is CISO! 🤣(yet)
I wonder if the M&S and Co-op PR departments are constantly waiting for the other to announce something so that they themselves can push out an announcement and hope theirs goes under the radar?
Oh no, which was this Kevin?
I've just had an email from M&S. It's a sort-of-nothing-really email.
Incident response specialists the world over wince into their keyboards.
This is another object lesson in how not to do it. It'll be taught to students in future.
Makes me wonder if this is where my credit card number leaked from a few weeks back.
I can only hope this data breach is the kick up the arse needed to abolish the common practice of using date of birth as an (immutable!) security password. Once it’s public knowledge it’s beyond useless… it’s a liability. Especially in banks.
I will not be holding my breath on this one.
Today they apparently emailed all customers that have ever purchased items from their online store. I received two such emails, an apologetic one from Stuart (CEO), and a slightly more explanatory one from Jayne Wall (Customer Services).
Hey Kevin, How can we connect on message?
This is a remarkably shit email.
![Dear David,
I'm Jayne Wall, and I look after Customer Service here at M&S. | am sure that you will have seen
in the news that we have been dealing with a cyber incident and | wanted to write to you about
what this means for you.
What has happened?
To proactively manage the incident, we immediately took steps to protect our systems and engaged leading cyber security experts. We also reported the incident to relevant government
authorities and law enforcement, who we continue to work closely with.
Unfortunately, the nature of the incident means that some personal customer data has been
taken, but there is no evidence that it has been shared. The personal data could include
contact details, date of birth and online order history. However, importantly, the data does not
include useable card or payment details, and it also does not include any account passwords.
For more detail, see our FAQs.
How does this affect me and what should | do?
You do not need to take any action, but you might receive emails, calls or texts claiming to be
from M&S when they are not, so do be cautious. Remember that we will never contact you and
ask you to provide us with personal account information, like usernames, and we will never ask you to give us your password.
For more information, FAQs and hints and tips on how to stay safe online visit
corporate.marksandspencer.com/cyber-update
To give you extra peace of mind, next time you visit or login to your M&S.com account on our [truncated]](https://friendica.eskimo.com/photo/preview/640/7778075 "Dear David,
I'm Jayne Wall, and I look after Customer Service here at M&S. | am sure that you will have seen
in the news that we have been dealing with a cyber incident and | wanted to write to you about
what this means for you.
What has happened?
To proactively manage the incident, we immediately took steps to protect our systems and engaged leading cyber security experts. We also reported the incident to relevant government
authorities and law enforcement, who we continue to work closely with.
Unfortunately, the nature of the incident means that some personal customer data has been
taken, but there is no evidence that it has been shared. The personal data could include
contact details, date of birth and online order history. However, importantly, the data does not
include useable card or payment details, and it also does not include any account passwords.
For more detail, see our FAQs.
How does this affect me and what should | do?
You do not need to take any action, but you might receive emails, calls or texts claiming to be
from M&S when they are not, so do be cautious. Remember that we will never contact you and
ask you to provide us with personal account information, like usernames, and we will never ask you to give us your password.
For more information, FAQs and hints and tips on how to stay safe online visit
corporate.marksandspencer.com/cyber-update
To give you extra peace of mind, next time you visit or login to your M&S.com account on our [truncated]")
It would end not with a bang but with a hamper.
[Random villager running off with a pig under their arm] "I've always been an advocate for 'Direct Farm to Fork'"
To be fair a lot of small producers do have farm shops, not just Jeremy flippin' Clarkson 😆🤷♂️
its prob fraud, why you need an cyber insurance? to increase the manager bonuses, with the salaries of the workers ... it must be fraud
Did someone take their portal down, saying that they shouldn't "do crime"?
(treasonable talk about why can't these people fuck up a newspaper or two?)
surely they're limited at the volume of available product; how to can any store receive a multiple of what's available? 🤔
I was on holidays in Brodick (Arran, Scotland) last sunday, I can confirm the Co-op was low on products, with only potatoes available as fresh vegetables 😬
I though it was because it was a sunday late afternoon, but reading your thread it was clearly linked to the cyber incident
That's the ballerest thing I've ever heard. Call into the IT bridge for the bridge trying to mitigate your attack.
Mmh I don’t understand. Could you explain a bit more please?
bbc.co.uk/news/articles/cp8v82…
Co-op cyber attack leaves island shop shelves empty
The attack has disrupted deliveries to island communities where Co-op is one of the biggest retailers.BBC News
Our local Midcounties Co-op hasn’t had a delivery from the Co-op Group all week, the shelves are basically bare already.
I am hoping that the local Co-Ops might be able to bypass the Co-Op Group for some items if the problem persists. The Southern Co-Op shops sell local/regional items where a nearby "Manchester" Co-op (as I have heard some of the Southern staff refer to the Co-op Group) shop doesn't.
why do firms do this
Not sure if it is related, but M&S shuttered a flag-ship store without notice and earlier than planned on May 7th.
🔗 Marks and Spencer suddenly closes Aberdeen’s flagship St Nicholas branch after more than 80 years in city centre pressandjournal.co.uk/fp/news/…
They've now admitted it -
BBC News - Personal customer data stolen in M&S cyber attack
bbc.com/news/articles/c62v34zv…
M&S says personal customer data stolen in recent cyber attack
The retail giant is still not taking online orders following a cyber attack three weeks ago.Michael Race & Joe Tidy (BBC News)
That value feels low or are M&S not huge online like other properties?
This entry was edited (2 months ago)
When will the world learn: IT opsec is everything. More important than the countless millions they spend on physical security in terms of potential incident costs....
ah yes, the new corollary to Rumsfeld's 'never let a crisis go to waste' - 'never miss an opportunity to lie to push your agenda'
maybe by hybrid, they mean a workforce consisting of vastly overpaid & mostly useless execs, and grossly understaffed, underpaid, & unappreciated workers trying to keep the wheels from falling off?
you don't understand, I lost at least 700 million to the drugs I had to buy to help my paranoia because I can't watch my wageslaves Imean workers do their job 
Meanwhile, some other organisations have learned how to implement zero trust properly. Yes, it’s sometimes annoying, but it does work pretty well overall. 🤷♂️
This entry was edited (2 months ago)
Management's view on the importance of office-based work and IT remote access:
How many of those who own that alleged newspaper own commercial property?
Thoughts and prayers I guess 
is this another one you think?
it’s a nice idea, but she’s just saying she’s ok with exploiting trans labour. “Massive business benefit” is never to the benefit of the workers.
the Co-op really do try to do the right thing. Glad I'm not working in Co-op Food IS any more but their social mission is pretty darn solid.
Auwch, it helpdesk falling victim of social engineering.
Ehm, they're doing both things. The easiest way to get physical access to most companies is to pretend being an employee of their it service contractor. They often just open all of the doors and show you the way right into the server room or ask you if they should log out before you take over (followed by if you'd like tea or coffee). At most what you as an attacker risk is getting also tasked with fixing the printer or copy machine "now that you're already here"...
Well, that's an easy one. Just say that you are calling regarding the reported problem with Outlook.
On the one hand you have a ~90% Chance, that the called person had.a Problem in the last Week, and on the other hand will hand you over the username as well as the password immediately.
I'm somewhat surprised, that this had not been tried earlier.
Very valid point, i'll find the current way to nudge our editorial folks. Definitely an important distinction 👍🏻
Edit: Done
Edit: Done
This entry was edited (2 months ago)
I will go full Benicio Del Toro on the ransomware gang for many many millions of vegetables.
Signs for Cash Payment Only and many itemns out of stock at the coop I use this morning. I'll see if it is still the case tomorrow (most likely)
Local one is plentifully stocked despite Bank Hols.
Co-op just sent an email to all members about this. No website link to the copy. Want me to forward you the email?
There's always money in the Hawala stand. /s
voluntarily, or has their card processing company got twitchy?
Huh, might also explain why some of the shelves were so bare at my local yesterday.
(Also, it was a Bank Holiday Monday, but still)
I got an email from the Co-op a couple of hours ago.
This entry was edited (2 months ago)
I got an email (as a member) at about 16:20 this afternoon on the subject
they've stopped taking cash payments today in my local one for first time
noticed the shelves in my local Co-op were not looking good this evening. Looks like they are struggling getting items ordered via their fallback methods.
interestingly enough, trying to folloy the link gave me this.
While in #BandQ today, the staff said they'd been having "some IT Issues like M&S"
Not sure if this was the staff just making a parallel of "generic IT issues" or if there has been some incident they haven't admitted yet
Can also confirm, from several years ago, that sometimes there is also an Executive Assistant with a flag in some systems to ‘call on behalf of’ C-Suite/VPs.
It’s like a privilege escalation on people exploit 🤣😂
The cult of “it’s an exec!” and thus able to bypass normal protocols has always made me cry - especially seeing as how they’re the ones with access to the juicy stuff and (usually) have low IT literacy and awareness.
Often, when I’ve worked with an org to help strengthen the help desk, the push back has been from the service desk management (scared that they’ll been seen as impeding the exec in the course of Important Work). Usually asking the question “would you rather be responsible for an extra 60 seconds on a call, or for the entire company being breached?” helps them to see the light.
The other source of friction is from the admin assistants of the execs who seem even more entitled than the execs themselves. An appeal to vanity (“we have to be extra careful when you call in because you’re in a very privileged position”) can work wonders.
Every time I’ve spoken directly with said execs and explained exactly why they are going to be asked to positively ID themselves for any interaction they have been 100% supportive.
I mean "lying about it and living in crisis mode" is a continuity plan right?
Let me guess, the robust plan is to make it up as they go along and keep systems down for at least a week?
Both can be true, I imagine?
What’s the Mike Tyson quote? “Everybody has a plan until they get punched in the face”?
This is basically the plan for most businesses in reality.
It's fine to talk about stuff being "widely known best practice," but when IT shows up with big expenses for backups and security, the MBA's always decide it's more important to rightsize the headcount and operate lean. Many IT departments report up through an MBA and not a technical person, and many IT people are terrible at communicating risk dramatically enough to get money.
the business continuity plans are so robust they've been successfully stopping the CFO's desk from wobbling for the past fourteen years.
If you don’t test it properly, it doesn’t count. See also failover and backups.
The thing that gets me is that the two statements are probably true for the people who said them. The Security group may have wargamed and prepared for malware attacks, and done so in a way that no one else in the technical stack even noticed happening (beyond some new agent installs being requested). So when the attack comes, the Security plan swings into action and no one outside of Security knows what it is or has practiced it.
This is high visibility. Executives step in to make Declarations, complicating the response. This is an incident big enough to need sub-commands to track various workflows, reporting up to a rotating incident command. Everyone wants to help, the workflows aren't well defined yet, and people help on their own authority (thanks to Command not having a clear picture yet and guiding where help would be good) and maybe make things worse in a few spots.
We had a plan.
It is chaos.
Both are true.
In fairness, I don't think I've ever believed a ransomware incident response plan would *actually* be used in any meaningful circumstance beyond an ISO audit anyway.
@ollie_whitehouse
Do egress filtering (esp. for servers) with alerting.
If there is unknown communication, then you have either a misconfiguration or a problem.
Keep critical IT infrastructure (network, firewalls, SAN/NAS, virtualisation, backups) separated from Active Directory.
Do not couple internet-facing systems (including VPN and M365) with your local AD.
@ollie_whitehouse One Entra Conditional Access policy to block high risk logins, a second policy to block high risk users. You most likely want to do both, and need to do them in separate policies
I agree with most of your arguments. (In fact, the only one I take exception with is comparing ransomware with climate change. Ransomware is a much more real and urgent problem.) Those are pretty much arguments I've used myself when advising customers hit by ransomware not to pay.
But, ultimately, it's the company's decision. Even if the company makes the wrong decision, the government shouldn't be the one who decides for them.
See also this:
coveware.com/blog/2025/4/29/th…
"Decryption tools are worse than they’ve ever been."
The organizational structure of ransomware threat actor groups is evolving before our eyes
The Ransomware-as-a-service (RaaS) model has not recovered from law enforcement disruption, and the entrance of novice actors along with non-Russian state-linked cybercriminals has led to uncertain outcomes for victims.Bill Siegel (Coveware: Ransomware Recovery First Responders)
superb summary. Surprising it still hasn't been made mandatory to report incidents, and clearly payments to criminal groups should have been outlawed before now. You'd have thought that would easily have fallen foul of the existing anti-money laundering/anti corruption regs.
My thought after reading this is very old school.
When the first indication appears, shut everything down. I have seen banks do this, and watched tellers calmly tell customers "I'm sorry, but the system is temporarily shut down" and start from there.
If the breach is stopped quickly enough, you may have a chance.
Also, what about off site storage, that would not be accessible to the attacker?
Ultimately, the decision is a risk management decision, to evaluate as quickly as you can
When the first indication appears, shut everything down. I have seen banks do this, and watched tellers calmly tell customers "I'm sorry, but the system is temporarily shut down" and start from there.
If the breach is stopped quickly enough, you may have a chance.
Also, what about off site storage, that would not be accessible to the attacker?
Ultimately, the decision is a risk management decision, to evaluate as quickly as you can
I caught a typo similar to ones I make, hope this helps.
"Travelex aren’t alone. When I covered the Capita ransomware, they paid quietly paid"
maybe delete one of the "paid"s
"Travelex aren’t alone. When I covered the Capita ransomware, they paid quietly paid"
maybe delete one of the "paid"s
it's good to make that known, i remember reading pieces about how professional the "commercial" side of these groups were and how companies found it so compeling to pay for the "service", that gave me an impression of a much better argument for doing so (with the downside that it does fund crime and rewards it).
it absolutely blows my mind that *anybody* pays ransomware attackers off, *ever.* Taking your lumps is better even WITHOUT the fact that you're literally funding them to continue attacking people, and that eventually (if not much, MUCH sooner) they're going to come right back to YOU again for another handout. Very likely, for the same damn attack you just paid them to keep quiet about in the first place.
Apple News link apple.news/ArfJU5fghR0WwaguZc8…
Inside the M&S meltdown: 3am meetings and £40m a week in lost sales — The Times and The Sunday Times
Stuart Machin had been looking forward to a long weekend. It was Easter Saturday and the chief executive of Marks & Spencer had retired to his south London home for the evening, after a long day inspecting the aisles of his local M&S branch — somethi…apple.news
it’s an older meme sir, but it checks out
2025-06-24 21:13:58
2025-06-24 21:13:58
2025-06-24 21:09:02
19017330
Unknown drone attack targets Taji Camp in Baghdad, Iraq english.almayadeen.net/news/po…
Unknown drone attack targets Taji Camp in Baghdad, Iraq
Multiple explosions were heard in the Iraqi capital, Baghdad, particularly at Camp Taji, a military installation used by Iraqi and the US-led coalition forces.Al Mayadeen English (Unknown drone attack targets Taji Camp in Baghdad, Iraq)
2025-06-24 21:12:02
2025-06-24 21:12:02
2025-06-24 21:12:02
19017320
On the History of the Question of the Unfortunate Peace marx2mao.com/Lenin/HUP18.html
2025-06-24 21:11:48
2025-06-24 21:11:48
2025-06-24 21:11:40
19017315
#OtD 24 Jun 1855 crowds gathered in Hyde Park, London against the Sunday Trading Bill introduced to close shops, public transport and pubs on the Sabbath. The crowds grew over the next two Sundays, culminating in a riot on 1 July. stories.workingclasshistory.co…
2025-06-24 21:09:01
2025-06-24 21:09:01
2025-06-24 21:08:53
19017299
if you suspect that an enemy is about to make a move on you, what do you do?
A. prepare defenses?
B. attack first?
C. do what the enemy wanted before they get a chance to do it?
A. prepare defenses?
B. attack first?
C. do what the enemy wanted before they get a chance to do it?
2025-06-25 12:51:28
2025-06-24 21:06:19
2025-06-24 21:06:01
19017264
🔞Warning: NSFW, nude Japanese/Asian women, occasionally BDSM.
in reply to Japanese Beauties
🔞Warning: NSFW, nude Japanese/Asian women, occasionally BDSM.
Sensitive content
YUINA Ema #結菜えま
mastodon.social/@ethal/1146801…
#EmaYUINA #YUINA_Ema #SexyJapanese #SexyAsian #gravure #JAV
Sensitive content
❤️
2025-06-24 21:05:17
2025-06-24 21:05:17
2025-06-24 21:05:03
19017254
Sensitive content
2025-06-25 12:51:45
2025-06-24 21:05:17
2025-06-24 21:05:01
19017252
🔞Warning: NSFW, nude Japanese/Asian women, occasionally BDSM.
in reply to Japanese Beauties
🔞Warning: NSFW, nude Japanese/Asian women, occasionally BDSM.
Sensitive content
😍
2025-06-24 21:03:10
2025-06-24 21:03:09
2025-06-24 19:57:26
19017249
Import the third world, you get the third world.
2025-06-24 21:10:22
2025-06-24 21:02:48
2025-06-24 19:57:15
19017247
I have similar beliefs
Nanook likes this.
2025-06-24 21:11:41
2025-06-24 21:02:18
2025-06-24 19:56:13
19017244
in reply to EastBayTruther
Lets keep blaming it all on the Jews when Lucifarians set this shit up. All three of these pieces of shit worship Lucifer. Motherfuckers smell like sulphur.
@EastBayTruther Three fifty feet craters in a hill over a complex buried 1600 feet is only going to incentivize them to get their bomb built faster.
2025-06-24 21:12:38
2025-06-24 21:01:48
2025-06-24 19:45:46
19017239
in reply to HeyokaChiefBigMouth
@HeyokaChiefBigMouth What I find strange is the comparison of deportation to kidnapping. Since when do kidnappers return their victims to their homes?
2025-06-24 21:01:03
2025-06-24 21:01:03
2025-06-24 21:01:03
19017232
Comintern Archive revolutionary literature ciml.250x.com/archive/literatu…
2025-06-26 08:23:55
2025-06-24 21:00:26
2025-06-24 21:00:14
19017223
2025-06-24 21:00:03
2025-06-24 21:00:03
2025-06-24 19:27:59
19017219
B-2 diplomacy works.
2025-06-24 21:00:02
2025-06-24 21:00:02
2025-06-24 20:59:03
19017217
Xi to attend gathering marking 80th anniversary of victory against Japanese aggression, fascism eng.chinamil.com.cn/CHINA_2091…
Xi to attend gathering marking 80th anniversary of victory against Japanese aggression, fascism - China Military
Chinese President Xi Jinping will attend a gathering marking the 80th anniversary of the victory in the Chinese People's War of Resistance Against Japanese Aggression and the World Anti-Fascist War.eng.chinamil.com.cn
2025-06-24 20:59:19
2025-06-24 20:59:19
2025-06-24 20:59:19
19017213
You can follow us in other languages. Visit our website for more information wordsmith.social/protestation/…
Social
English– @protestation@friendica.eskimo.comFrançais– @protestation@social.trom.tf– @protestation@mastodon.social
Deutsch– @protestation@friendica.opensocial.space
Português– @protestation@mastodon.acc.sunet.se– @protestation@friendicarg.nsupdate.info
Quotes– @protestation@embers.social– @protestation@freeradical.zone
2025-06-24 20:59:15
2025-06-24 20:59:15
2025-06-24 20:52:10
19017211
Hamas' Al-Qassam Brigades execute complex ambush on zionist force in Gaza
Hamas' Al-Qassam Brigades execute complex ambush on zionist force in Gaza
Al-Qassam Brigades, the military wing of the Islamic Resistance Movement (Hamas), announced on Tuesday that its fighters carried out a complex ambush targeting a Zionist force entrenched inside a house south of Khan Younis in the southern Gaza Strip.www.saba.ye
2025-06-24 20:59:03
2025-06-24 20:59:02
2025-06-24 20:51:20
19017205
#gaza #palestinian #children #palestine #civilians #siblings #parents #children #loss #suffering #pain #deaths #killings #endisraelswarcrimes #stopisrael #childmurder
This Palestinian boy was #MurderedbyIsrael yesterday.
This entry was edited (4 weeks ago)
2025-06-24 21:13:26
2025-06-24 20:58:52
2025-06-24 20:50:54
19017201
Workers and students in Manchester and Bradford speak out against Iran war, Palestine Action ban - World Socialist Web Site
wsws.org/en/articles/2025/06/2…
Workers and students in Manchester and Bradford speak out against Iran war, Palestine Action ban
Ahmed, a rail worker, told WSWS, “The attack on Iran is totally unjustified, it’s also a total threat to democracy… Before we know it, we won’t be able to protest.”World Socialist Web Site
reshared this
Nanook reshared this.
So‑Called Vaughn
in reply to Dave Goldsmith • • •For anyone wondering about the text:
“CATONSVILLE NINE
ON MAY 17, 1968, NINE CATHOLIC ACTIVISTS RAIDED THE SELECTIVE SERVICE OFFICE IN CATONSVILLE AND BURNED SEVERAL HUNDRED DRAFT FILES TO PROTEST THE VIETNAM MAR. IN A HIGHLY-PUBLICIZED TRIAL, THE "NINE." WHO INCLUDED PRIESTS DANIEL AND PHILIP BERRIGAN, WERE CONVICTED AND SENTENCED TO PRISON. THE CATONSVILLE ACTION PLAYED AN IMPORTANT ROLE IN THE ANTIWAR MOVEMENT, INSPIRING SIMILAR ACTS OF CIVIL DISOBEDIENCE ACROSS THE COUNTRY.
MARYLAND HISTORICAL TRUST
MARYLAND STATE HIGHWAY ADMINISTRATION”
Dave Goldsmith reshared this.
Dave Goldsmith
in reply to So‑Called Vaughn • • •@vaughnsc
Nice move!
So‑Called Vaughn
in reply to Dave Goldsmith • • •