• bushvin@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    There is nothing more important than security patches on a system.

    I used to work at an FMI, which’s motto was “keep things stable”. Even the ciso department bought that crap. Until we hired a white hat hacker. The only thing given was the name of the company. He managed to get into the building, access an employee’s workstation and install a root kit on one of the most important financial message tracking systems (you know, the one that instructs other systems to transfer money), using a security bug, which would have been patched if they kept a regular (security) update cycle. After shit hit the fan, many people were fired and an update cycle was introduced.

    No system is important enough to not patch. And if you believe it is, you’re wrong.