What cybersecurity threat do people still not take seriously enough?

Newsgroups: rb.comp.security, rb.alt.hackers. Started by KiltedTux. 4 messages.

Message metadata
From: KiltedTux <kiltedtux@dev.null>
Newsgroups: rb.comp.security, rb.alt.hackers
Subject: What cybersecurity threat do people still not take seriously enough?
Date: Wed, 10 Jun 2026 07:12:23 -0400
Message-ID: <c8cc4aef-90ed-4c89-a44c-26444a0bfa12@rootbadger.com>
Organization: Clan Penguin Systems
X-Info: Forged in the Highlands, compiled on Linux.
User-Agent: RootBadger Web
Lines: 11
X-System: RootBadger/1.0 (privacy-protected)

I keep seeing people talk about the big flashy cybersecurity threats: ransomware gangs, zero-days, AI attacks, nation-state hackers, supply-chain attacks, all of that.

And yeah, that stuff matters.

But it feels like a lot of the real damage still comes from boring everyday mistakes. Weak passwords, no MFA, old systems that never get patched, bad backups, phishing emails, exposed services, and people clicking links they probably should not click.

So what do you think people still underestimate the most?

Is it phishing? Bad patching? Cloud mistakes? Users? Companies being cheap? Something else?

I’d be interested to hear from anyone who has actually had to clean up after a breach or a security mess.

--
KiltedTux
Plaid, penguins, and shell scripts.
3 replies
in reply to KiltedTux
Message metadata
From: Lucas <fieldtech@oldiron.dev>
Newsgroups: rb.comp.security
Subject: Re: What cybersecurity threat do people still not take seriously enough?
Date: Wed, 10 Jun 2026 09:01:29 -0400
Message-ID: <df108b5d-8e76-458b-918c-19fb225c7faf@rootbadger.com>
References: <c8cc4aef-90ed-4c89-a44c-26444a0bfa12@rootbadger.com>
Followup-To: rb.comp.security
Organization: The Null Device Restoration Society
X-Info: interested in old systems, new mistakes, and anything that still works after being dropped
User-Agent: RootBadger Web
Lines: 5
X-System: RootBadger/1.0 (privacy-protected)

The one I still see underestimated is asset ignorance. Not sexy, but it is the root of a lot of the other failures.

You cannot patch the box nobody admits exists. You cannot enforce MFA on the forgotten VPN profile. You cannot back up the weird little database under someone’s desk that became production by accident in 2017.

Phishing gets the headlines because humans are squishy, but the cleanup disasters usually start with an inventory that was more folklore than fact. Attackers are very good at finding the edge cases you forgot you owned. Computers are rude like that.

--
Lucas // still waiting for the future to finish booting
in reply to KiltedTux
Message metadata
From: neoxarx
Newsgroups: rb.comp.security
Subject: Re: What cybersecurity threat do people still not take seriously enough?
Date: Sat, 04 Jul 2026 20:28:03 -0400
Message-ID: <0df5327b-36f0-4649-8d60-7be4f96f90ca@rootbadger.com>
References: <c8cc4aef-90ed-4c89-a44c-26444a0bfa12@rootbadger.com>
Followup-To: rb.comp.security
User-Agent: RootBadger Android
Lines: 2
X-System: RootBadger/1.0 (privacy-protected)

Phishing. It is still phishing. Granted, phishing is getting more sophisticated... It used to be the case that you could tell a phish because it just looked bad. Incorrect grammar, misspellings, spaces or tabs in nonsensical places, or even references to people or places that don't exist or have no relevance to the user. Now, prompts are leveraging AI to sound more realistic. New campaigns can be made fairly quickly to take advantage of current events. Spelling and grammar errors have gone way down. Deep reconnaissance will find your supervisor, your coworker, your next-door neighbor. All these things make the message sound more legitimate, and cause the user to click. Or, perhaps even more insidiously, cause the user to call a number, send a text message, or email from a side channel; all things to evade established security policies. How do you block an email from a Gmail address with only a phone number and the promise of a job making $450 a week? Do we go to a default deny model for every email address? Surely we cannot just block all of Gmail, Yahoo, Hotmail, MSN and the others, right? Until we have much better filtering in place, this will always be a problem. And the problem is not new, nor is it exclusive to email. So do we use AI instead? Do we teach it to recognize bad messages rather than teaching our users? Is security awareness training and account diligence something we give to our robot overlords as well?

in reply to neoxarx
Message metadata
From: yoda <yoda@holonet.sith>
Newsgroups: rb.comp.security
Subject: Re: What cybersecurity threat do people still not take seriously enough?
Date: Sat, 04 Jul 2026 21:06:31 -0400
Message-ID: <549d6f58-c88e-4f94-980e-2518911bc0f2@rootbadger.com>
References: <c8cc4aef-90ed-4c89-a44c-26444a0bfa12@rootbadger.com> <0df5327b-36f0-4649-8d60-7be4f96f90ca@rootbadger.com>
Followup-To: rb.comp.security
Organization: The Darkside
X-Info: Open Source Developer since 1997
User-Agent: RootBadger Android
Lines: 9
X-System: RootBadger/1.0 (privacy-protected)

One thing I'd like to see the cybersecurity industry move toward is AI-powered, real-time reputation sharing between mail providers.

Traditional RBLs that block sender IPs still have value, but they're becoming less effective. Today's phishing attacks often come from compromised Yahoo, Outlook, Gmail, or business accounts with perfectly valid SPF, DKIM, and DMARC records. Blocking by IP alone just isn't enough anymore.

Imagine a global reputation network where participating mail servers anonymously share phishing indicators the moment they're detected. AI could identify the campaign, generate a fingerprint of the message, URLs, HTML, attachments, and sending behavior, then distribute that information worldwide within seconds. By the time the attacker switches IPs, the campaign itself is already recognized.

The future probably isn't IP reputation—it's campaign reputation. Stop the phishing operation, not just the server it happened to come from.

--
Darth Yoda

"Debugging the galaxy, one bite at a time."
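
The campaign-versus-IP reputation idea from the post above, as an added example that is not part of the thread or any poster's code: a receiving server fingerprints message content (word shingles plus URL shapes with per-recipient tokens masked), hashes the features so the shared set carries no readable text, and matches later mail by Jaccard similarity regardless of sender IP. The feature choice, the 0.5 threshold, the campaign ID and the sample messages are all assumptions constructed for illustration.

```python
import hashlib
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>]+")

def url_shape(url):
    """Host plus path with hex/digit runs masked, so per-recipient tokens collapse."""
    parts = urlsplit(url)
    path = re.sub(r"[0-9a-f]{6,}|\d+", "#", parts.path.lower())
    return f"{parts.hostname}{path}"

def fingerprint(body, k=3):
    """Hashed feature set: k-word shingles of normalized text plus URL shapes."""
    urls = URL_RE.findall(body)
    text = re.sub(r"\d+", "#", URL_RE.sub(" ", body).lower())  # mask amounts, deadlines
    words = re.findall(r"[a-z#]+", text)
    feats = {" ".join(words[i:i + k]) for i in range(len(words) - k + 1)}
    feats |= {"url:" + url_shape(u) for u in urls}
    # Only truncated digests are shared, never the message text itself.
    return {hashlib.sha256(f.encode()).hexdigest()[:16] for f in feats}

def similarity(a, b):
    """Jaccard similarity of two fingerprints."""
    return len(a & b) / len(a | b) if (a or b) else 0.0

def match_campaign(body, shared, threshold=0.5):
    """Return the ID of the best-matching shared campaign, or None."""
    fp = fingerprint(body)
    best = max(shared, key=lambda cid: similarity(fp, shared[cid]), default=None)
    if best is not None and similarity(fp, shared[best]) >= threshold:
        return best
    return None

# Constructed sample messages (documentation IP ranges and .example hosts).
FIRST_SEEN = {"ip": "192.0.2.10", "body": "Hi Dana, your mailbox storage is 98 percent full. "
              "Confirm your account within 24 hours to avoid suspension: "
              "https://mail-quota.example/verify/3f9a1c77e2/step1"}
NEW_IP = {"ip": "198.51.100.77", "body": "Hi Marcus, your mailbox storage is 97 percent full. "
          "Confirm your account within 12 hours to avoid suspension: "
          "https://mail-quota.example/verify/b04d22a9c1/step1"}
BENIGN = {"ip": "203.0.113.5", "body": "Hi Dana, the quarterly planning meeting moved to "
          "Thursday. Agenda is here: https://intranet.example/docs/4412"}

# What a participating server would publish after detecting the first message.
SHARED = {"campaign-0001": fingerprint(FIRST_SEEN["body"])}

if __name__ == "__main__":
    for msg in (NEW_IP, BENIGN):
        print(msg["ip"], "->", match_campaign(msg["body"], SHARED))
```

The sender IP never enters the fingerprint, which is why the second message still matches after the source address, recipient name and tracking token all change.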