• Bonjour à tous ! Aujourd'hui, parlons de "Wuchang: Fallen Feathers"! Bien que le jeu ait rencontré des défis sur Steam en raison de problèmes de performance sur des configurations moins puissantes, il est incroyable de voir comment une mise à jour rapide a été déployée pour améliorer l'expérience de jeu !

    L'éditeur a pris en compte les retours des joueurs et fait tout son possible pour rendre le jeu encore meilleur. Cela montre l'importance de la communication et de la volonté d'améliorer les choses. Chaque obstacle peut devenir une opportunité de croissance !

    Restons positifs et soutenons les développeurs dans leur quête pour offrir une expérience de jeu exceptionnelle !
    🌟 Bonjour à tous ! Aujourd'hui, parlons de "Wuchang: Fallen Feathers"! 🎮 Bien que le jeu ait rencontré des défis sur Steam en raison de problèmes de performance sur des configurations moins puissantes, il est incroyable de voir comment une mise à jour rapide a été déployée pour améliorer l'expérience de jeu ! 💪✨ L'éditeur a pris en compte les retours des joueurs et fait tout son possible pour rendre le jeu encore meilleur. Cela montre l'importance de la communication et de la volonté d'améliorer les choses. Chaque obstacle peut devenir une opportunité de croissance ! 🚀 Restons positifs et soutenons les développeurs dans leur quête pour offrir une expérience de jeu exceptionnelle !
    KOTAKU.COM
    Wuchang: Fallen Feathers Rushes Out Emergency Patch Amid Review-Bombing On Steam
    Wuchang: Fallen Feathers is getting slammed on Steam over what many users claim is terrible PC performance for those playing on anything but the most upgraded rigs. A fresh day-two update has now been rushed out to try and solve the worst issues pl
    Like
    Love
    Wow
    Sad
    27
    1 Commentarii 0 Distribuiri 0 previzualizare
  • Les configurations recommandées pour jouer au Souls-like Wuchang: Fallen Feathers sur PC sont enfin là. Si vous êtes fatigué de faire des runs sur Elden Ring: Nightreign, peut-être que ça vous intéressera. Mais bon, qui a vraiment envie de se soucier des configurations techniques, non ? L'article sur ActuGaming.net vous dit ce qu'il faut, mais au final, c'est juste un autre jeu dans un océan de jeux. Pas de quoi sauter de joie.

    #Wuchang #SoulsLike #PCGaming #ActuGaming #EldenRing
    Les configurations recommandées pour jouer au Souls-like Wuchang: Fallen Feathers sur PC sont enfin là. Si vous êtes fatigué de faire des runs sur Elden Ring: Nightreign, peut-être que ça vous intéressera. Mais bon, qui a vraiment envie de se soucier des configurations techniques, non ? L'article sur ActuGaming.net vous dit ce qu'il faut, mais au final, c'est juste un autre jeu dans un océan de jeux. Pas de quoi sauter de joie. #Wuchang #SoulsLike #PCGaming #ActuGaming #EldenRing
    WWW.ACTUGAMING.NET
    Voici les configurations recommandées pour jouer au Souls-like Wuchang: Fallen Feathers sur PC
    ActuGaming.net Voici les configurations recommandées pour jouer au Souls-like Wuchang: Fallen Feathers sur PC Si vous n’en pouvez déjà plus d’enchaîner les runs sur Elden Ring: Nightreign, vous pourrez […] L'article Voici les confi
    Like
    Love
    Wow
    Angry
    Sad
    158
    1 Commentarii 0 Distribuiri 0 previzualizare
  • EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs

    Originally published at EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs by Anush Yolyan.

    The integration will deliver simple, accessible, and streamlined email security for vulnerable inboxes

    Global, 4 November 2024 – US-based email security firm EasyDMARC has today announced its integration with Pax8 Marketplace, the leading cloud commerce marketplace. As one of the first DMARC solution providers on the Pax8 Marketplace, EasyDMARC is expanding its mission to protect inboxes from the rising threat of phishing attacks with a rigorous, user-friendly DMARC solution.

    The integration comes as Google highlights the impressive results of recently implemented email authentication measures for bulk senders: a 65% reduction in unauthenticated messages to Gmail users, a 50% increase in bulk senders following best security practices, and 265 billion fewer unauthenticated messages sent in 2024. With email being such a crucial communication channel for businesses, email authentication measures are an essential part of any business’s cybersecurity offering. 

    Key features of the integration include:

    Centralized billing

    With centralized billing, customers can now streamline their cloud services under a single pane of glass, simplifying the management and billing of their EasyDMARC solution. This consolidated approach enables partners to reduce administrative complexity and manage all cloud expenses through one interface, providing a seamless billing and support experience.

    Automated provisioning 

    Through automated provisioning, Pax8’s automation capabilities make deploying DMARC across client accounts quick and hassle-free. By eliminating manual configurations, this integration ensures that customers can implement email security solutions rapidly, allowing them to safeguard client inboxes without delay.

    Bundled offerings

    The bundled offerings available through Pax8 allow partners to enhance their service portfolios by combining EasyDMARC with complementary security solutions. By creating all-in-one security packages, partners can offer their clients more robust protection, addressing a broader range of security needs from a single, trusted platform.

    Gerasim Hovhannisyan, Co-Founder and CEO of EasyDMARC, said:

    “We’re thrilled to be working with Pax8  to provide MSPs with a streamlined, effective way to deliver top-tier email security to their clients, all within a platform that equips them with everything needed to stay secure.  As phishing attacks grow in frequency and sophistication, businesses can no longer afford to overlook the importance of email security. Email authentication is a vital defense against the evolving threat of phishing and is crucial in preserving the integrity of email communication. This integration is designed to allow businesses of all sizes to benefit from DMARC’s extensive capabilities.”

    Ryan Burton, Vice President of Marketplace Vendor Strategy, at Pax8 said: 

    “We’re delighted to welcome EasyDMARC to the Pax8 Marketplace as an enterprise-class DMARC solution provider. This integration gives MSPs the tools they need to meet the growing demand for email security, with simplified deployment, billing, and bundling benefits. With EasyDMARC’s technical capabilities and intelligence, MSPs can deliver robust protection against phishing threats without the technical hassle that often holds businesses back.”

    About EasyDMARC

    EasyDMARC is a cloud-native B2B SaaS solution that addresses email security and deliverability problems with just a few clicks. For Managed Service Providers seeking to increase their revenue, EasyDMARC presents an ideal solution. The email authentication platform streamlines domain management, providing capabilities such as organizational control, domain grouping, and access management.

    Additionally, EasyDMARC offers a comprehensive sales and marketing enablement program designed to boost DMARC sales. All of these features are available for MSPs on a scalable platform with a flexible pay-as-you-go pricing model.

    For more information on the EasyDMARC, visit: /

    About Pax8 

    Pax8 is the technology marketplace of the future, linking partners, vendors, and small to midsized businessesthrough AI-powered insights and comprehensive product support. With a global partner ecosystem of over 38,000 managed service providers, Pax8 empowers SMBs worldwide by providing software and services that unlock their growth potential and enhance their security. Committed to innovating cloud commerce at scale, Pax8 drives customer acquisition and solution consumption across its entire ecosystem.

    Find out more: /

    The post EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs appeared first on EasyDMARC.
    #easydmarc #integrates #with #pax8 #marketplace
    EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs
    Originally published at EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs by Anush Yolyan. The integration will deliver simple, accessible, and streamlined email security for vulnerable inboxes Global, 4 November 2024 – US-based email security firm EasyDMARC has today announced its integration with Pax8 Marketplace, the leading cloud commerce marketplace. As one of the first DMARC solution providers on the Pax8 Marketplace, EasyDMARC is expanding its mission to protect inboxes from the rising threat of phishing attacks with a rigorous, user-friendly DMARC solution. The integration comes as Google highlights the impressive results of recently implemented email authentication measures for bulk senders: a 65% reduction in unauthenticated messages to Gmail users, a 50% increase in bulk senders following best security practices, and 265 billion fewer unauthenticated messages sent in 2024. With email being such a crucial communication channel for businesses, email authentication measures are an essential part of any business’s cybersecurity offering.  Key features of the integration include: Centralized billing With centralized billing, customers can now streamline their cloud services under a single pane of glass, simplifying the management and billing of their EasyDMARC solution. This consolidated approach enables partners to reduce administrative complexity and manage all cloud expenses through one interface, providing a seamless billing and support experience. Automated provisioning  Through automated provisioning, Pax8’s automation capabilities make deploying DMARC across client accounts quick and hassle-free. By eliminating manual configurations, this integration ensures that customers can implement email security solutions rapidly, allowing them to safeguard client inboxes without delay. Bundled offerings The bundled offerings available through Pax8 allow partners to enhance their service portfolios by combining EasyDMARC with complementary security solutions. By creating all-in-one security packages, partners can offer their clients more robust protection, addressing a broader range of security needs from a single, trusted platform. Gerasim Hovhannisyan, Co-Founder and CEO of EasyDMARC, said: “We’re thrilled to be working with Pax8  to provide MSPs with a streamlined, effective way to deliver top-tier email security to their clients, all within a platform that equips them with everything needed to stay secure.  As phishing attacks grow in frequency and sophistication, businesses can no longer afford to overlook the importance of email security. Email authentication is a vital defense against the evolving threat of phishing and is crucial in preserving the integrity of email communication. This integration is designed to allow businesses of all sizes to benefit from DMARC’s extensive capabilities.” Ryan Burton, Vice President of Marketplace Vendor Strategy, at Pax8 said:  “We’re delighted to welcome EasyDMARC to the Pax8 Marketplace as an enterprise-class DMARC solution provider. This integration gives MSPs the tools they need to meet the growing demand for email security, with simplified deployment, billing, and bundling benefits. With EasyDMARC’s technical capabilities and intelligence, MSPs can deliver robust protection against phishing threats without the technical hassle that often holds businesses back.” About EasyDMARC EasyDMARC is a cloud-native B2B SaaS solution that addresses email security and deliverability problems with just a few clicks. For Managed Service Providers seeking to increase their revenue, EasyDMARC presents an ideal solution. The email authentication platform streamlines domain management, providing capabilities such as organizational control, domain grouping, and access management. Additionally, EasyDMARC offers a comprehensive sales and marketing enablement program designed to boost DMARC sales. All of these features are available for MSPs on a scalable platform with a flexible pay-as-you-go pricing model. For more information on the EasyDMARC, visit: / About Pax8  Pax8 is the technology marketplace of the future, linking partners, vendors, and small to midsized businessesthrough AI-powered insights and comprehensive product support. With a global partner ecosystem of over 38,000 managed service providers, Pax8 empowers SMBs worldwide by providing software and services that unlock their growth potential and enhance their security. Committed to innovating cloud commerce at scale, Pax8 drives customer acquisition and solution consumption across its entire ecosystem. Find out more: / The post EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs appeared first on EasyDMARC. #easydmarc #integrates #with #pax8 #marketplace
    EASYDMARC.COM
    EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs
    Originally published at EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs by Anush Yolyan. The integration will deliver simple, accessible, and streamlined email security for vulnerable inboxes Global, 4 November 2024 – US-based email security firm EasyDMARC has today announced its integration with Pax8 Marketplace, the leading cloud commerce marketplace. As one of the first DMARC solution providers on the Pax8 Marketplace, EasyDMARC is expanding its mission to protect inboxes from the rising threat of phishing attacks with a rigorous, user-friendly DMARC solution. The integration comes as Google highlights the impressive results of recently implemented email authentication measures for bulk senders: a 65% reduction in unauthenticated messages to Gmail users, a 50% increase in bulk senders following best security practices, and 265 billion fewer unauthenticated messages sent in 2024. With email being such a crucial communication channel for businesses, email authentication measures are an essential part of any business’s cybersecurity offering.  Key features of the integration include: Centralized billing With centralized billing, customers can now streamline their cloud services under a single pane of glass, simplifying the management and billing of their EasyDMARC solution. This consolidated approach enables partners to reduce administrative complexity and manage all cloud expenses through one interface, providing a seamless billing and support experience. Automated provisioning  Through automated provisioning, Pax8’s automation capabilities make deploying DMARC across client accounts quick and hassle-free. By eliminating manual configurations, this integration ensures that customers can implement email security solutions rapidly, allowing them to safeguard client inboxes without delay. Bundled offerings The bundled offerings available through Pax8 allow partners to enhance their service portfolios by combining EasyDMARC with complementary security solutions. By creating all-in-one security packages, partners can offer their clients more robust protection, addressing a broader range of security needs from a single, trusted platform. Gerasim Hovhannisyan, Co-Founder and CEO of EasyDMARC, said: “We’re thrilled to be working with Pax8  to provide MSPs with a streamlined, effective way to deliver top-tier email security to their clients, all within a platform that equips them with everything needed to stay secure.  As phishing attacks grow in frequency and sophistication, businesses can no longer afford to overlook the importance of email security. Email authentication is a vital defense against the evolving threat of phishing and is crucial in preserving the integrity of email communication. This integration is designed to allow businesses of all sizes to benefit from DMARC’s extensive capabilities.” Ryan Burton, Vice President of Marketplace Vendor Strategy, at Pax8 said:  “We’re delighted to welcome EasyDMARC to the Pax8 Marketplace as an enterprise-class DMARC solution provider. This integration gives MSPs the tools they need to meet the growing demand for email security, with simplified deployment, billing, and bundling benefits. With EasyDMARC’s technical capabilities and intelligence, MSPs can deliver robust protection against phishing threats without the technical hassle that often holds businesses back.” About EasyDMARC EasyDMARC is a cloud-native B2B SaaS solution that addresses email security and deliverability problems with just a few clicks. For Managed Service Providers seeking to increase their revenue, EasyDMARC presents an ideal solution. The email authentication platform streamlines domain management, providing capabilities such as organizational control, domain grouping, and access management. Additionally, EasyDMARC offers a comprehensive sales and marketing enablement program designed to boost DMARC sales. All of these features are available for MSPs on a scalable platform with a flexible pay-as-you-go pricing model. For more information on the EasyDMARC, visit: https://easydmarc.com/ About Pax8  Pax8 is the technology marketplace of the future, linking partners, vendors, and small to midsized businesses (SMBs) through AI-powered insights and comprehensive product support. With a global partner ecosystem of over 38,000 managed service providers, Pax8 empowers SMBs worldwide by providing software and services that unlock their growth potential and enhance their security. Committed to innovating cloud commerce at scale, Pax8 drives customer acquisition and solution consumption across its entire ecosystem. Find out more: https://www.pax8.com/en-us/ The post EasyDMARC Integrates With Pax8 Marketplace To Simplify Email Security For MSPs appeared first on EasyDMARC.
    0 Commentarii 0 Distribuiri 0 previzualizare
  • New Zealand’s Email Security Requirements for Government Organizations: What You Need to Know

    The Secure Government EmailCommon Implementation Framework
    New Zealand’s government is introducing a comprehensive email security framework designed to protect official communications from phishing and domain spoofing. This new framework, which will be mandatory for all government agencies by October 2025, establishes clear technical standards to enhance email security and retire the outdated SEEMail service. 
    Key Takeaways

    All NZ government agencies must comply with new email security requirements by October 2025.
    The new framework strengthens trust and security in government communications by preventing spoofing and phishing.
    The framework mandates TLS 1.2+, SPF, DKIM, DMARC with p=reject, MTA-STS, and DLP controls.
    EasyDMARC simplifies compliance with our guided setup, monitoring, and automated reporting.

    Start a Free Trial

    What is the Secure Government Email Common Implementation Framework?
    The Secure Government EmailCommon Implementation Framework is a new government-led initiative in New Zealand designed to standardize email security across all government agencies. Its main goal is to secure external email communication, reduce domain spoofing in phishing attacks, and replace the legacy SEEMail service.
    Why is New Zealand Implementing New Government Email Security Standards?
    The framework was developed by New Zealand’s Department of Internal Affairsas part of its role in managing ICT Common Capabilities. It leverages modern email security controls via the Domain Name Systemto enable the retirement of the legacy SEEMail service and provide:

    Encryption for transmission security
    Digital signing for message integrity
    Basic non-repudiationDomain spoofing protection

    These improvements apply to all emails, not just those routed through SEEMail, offering broader protection across agency communications.
    What Email Security Technologies Are Required by the New NZ SGE Framework?
    The SGE Framework outlines the following key technologies that agencies must implement:

    TLS 1.2 or higher with implicit TLS enforced
    TLS-RPTSPFDKIMDMARCwith reporting
    MTA-STSData Loss Prevention controls

    These technologies work together to ensure encrypted email transmission, validate sender identity, prevent unauthorized use of domains, and reduce the risk of sensitive data leaks.

    Get in touch

    When Do NZ Government Agencies Need to Comply with this Framework?
    All New Zealand government agencies are expected to fully implement the Secure Government EmailCommon Implementation Framework by October 2025. Agencies should begin their planning and deployment now to ensure full compliance by the deadline.
    The All of Government Secure Email Common Implementation Framework v1.0
    What are the Mandated Requirements for Domains?
    Below are the exact requirements for all email-enabled domains under the new framework.
    ControlExact RequirementTLSMinimum TLS 1.2. TLS 1.1, 1.0, SSL, or clear-text not permitted.TLS-RPTAll email-sending domains must have TLS reporting enabled.SPFMust exist and end with -all.DKIMAll outbound email from every sending service must be DKIM-signed at the final hop.DMARCPolicy of p=reject on all email-enabled domains. adkim=s is recommended when not bulk-sending.MTA-STSEnabled and set to enforce.Implicit TLSMust be configured and enforced for every connection.Data Loss PreventionEnforce in line with the New Zealand Information Security Manualand Protective Security Requirements.
    Compliance Monitoring and Reporting
    The All of Government Service Deliveryteam will be monitoring compliance with the framework. Monitoring will initially cover SPF, DMARC, and MTA-STS settings and will be expanded to include DKIM. Changes to these settings will be monitored, enabling reporting on email security compliance across all government agencies. Ongoing monitoring will highlight changes to domains, ensure new domains are set up with security in place, and monitor the implementation of future email security technologies. 
    Should compliance changes occur, such as an agency’s SPF record being changed from -all to ~all, this will be captured so that the AoGSD Security Team can investigate. They will then communicate directly with the agency to determine if an issue exists or if an error has occurred, reviewing each case individually.
    Deployment Checklist for NZ Government Compliance

    Enforce TLS 1.2 minimum, implicit TLS, MTA-STS & TLS-RPT
    SPF with -all
    DKIM on all outbound email
    DMARC p=reject 
    adkim=s where suitable
    For non-email/parked domains: SPF -all, empty DKIM, DMARC reject strict
    Compliance dashboard
    Inbound DMARC evaluation enforced
    DLP aligned with NZISM

    Start a Free Trial

    How EasyDMARC Can Help Government Agencies Comply
    EasyDMARC provides a comprehensive email security solution that simplifies the deployment and ongoing management of DNS-based email security protocols like SPF, DKIM, and DMARC with reporting. Our platform offers automated checks, real-time monitoring, and a guided setup to help government organizations quickly reach compliance.
    1. TLS-RPT / MTA-STS audit
    EasyDMARC enables you to enable the Managed MTA-STS and TLS-RPT option with a single click. We provide the required DNS records and continuously monitor them for issues, delivering reports on TLS negotiation problems. This helps agencies ensure secure email transmission and quickly detect delivery or encryption failures.

    Note: In this screenshot, you can see how to deploy MTA-STS and TLS Reporting by adding just three CNAME records provided by EasyDMARC. It’s recommended to start in “testing” mode, evaluate the TLS-RPT reports, and then gradually switch your MTA-STS policy to “enforce”. The process is simple and takes just a few clicks.

    As shown above, EasyDMARC parses incoming TLS reports into a centralized dashboard, giving you clear visibility into delivery and encryption issues across all sending sources.
    2. SPF with “-all”In the EasyDARC platform, you can run the SPF Record Generator to create a compliant record. Publish your v=spf1 record with “-all” to enforce a hard fail for unauthorized senders and prevent spoofed emails from passing SPF checks. This strengthens your domain’s protection against impersonation.

    Note: It is highly recommended to start adjusting your SPF record only after you begin receiving DMARC reports and identifying your legitimate email sources. As we’ll explain in more detail below, both SPF and DKIM should be adjusted after you gain visibility through reports.
    Making changes without proper visibility can lead to false positives, misconfigurations, and potential loss of legitimate emails. That’s why the first step should always be setting DMARC to p=none, receiving reports, analyzing them, and then gradually fixing any SPF or DKIM issues.
    3. DKIM on all outbound email
    DKIM must be configured for all email sources sending emails on behalf of your domain. This is critical, as DKIM plays a bigger role than SPF when it comes to building domain reputation, surviving auto-forwarding, mailing lists, and other edge cases.
    As mentioned above, DMARC reports provide visibility into your email sources, allowing you to implement DKIM accordingly. If you’re using third-party services like Google Workspace, Microsoft 365, or Mimecast, you’ll need to retrieve the public DKIM key from your provider’s admin interface.
    EasyDMARC maintains a backend directory of over 1,400 email sources. We also give you detailed guidance on how to configure SPF and DKIM correctly for major ESPs. 
    Note: At the end of this article, you’ll find configuration links for well-known ESPs like Google Workspace, Microsoft 365, Zoho Mail, Amazon SES, and SendGrid – helping you avoid common misconfigurations and get aligned with SGE requirements.
    If you’re using a dedicated MTA, DKIM must be implemented manually. EasyDMARC’s DKIM Record Generator lets you generate both public and private keys for your server. The private key is stored on your MTA, while the public key must be published in your DNS.

    4. DMARC p=reject rollout
    As mentioned in previous points, DMARC reporting is the first and most important step on your DMARC enforcement journey. Always start with a p=none policy and configure RUA reports to be sent to EasyDMARC. Use the report insights to identify and fix SPF and DKIM alignment issues, then gradually move to p=quarantine and finally p=reject once all legitimate email sources have been authenticated. 
    This phased approach ensures full protection against domain spoofing without risking legitimate email delivery.

    5. adkim Strict Alignment Check
    This strict alignment check is not always applicable, especially if you’re using third-party bulk ESPs, such as Sendgrid, that require you to set DKIM on a subdomain level. You can set adkim=s in your DMARC TXT record, or simply enable strict mode in EasyDMARC’s Managed DMARC settings. This ensures that only emails with a DKIM signature that exactly match your domain pass alignment, adding an extra layer of protection against domain spoofing. But only do this if you are NOT a bulk sender.

    6. Securing Non-Email Enabled Domains
    The purpose of deploying email security to non-email-enabled domains, or parked domains, is to prevent messages being spoofed from that domain. This requirement remains even if the root-level domain has SP=reject set within its DMARC record.
    Under this new framework, you must bulk import and mark parked domains as “Parked.” Crucially, this requires adjusting SPF settings to an empty record, setting DMARC to p=reject, and ensuring an empty DKIM record is in place: • SPF record: “v=spf1 -all”.
    • Wildcard DKIM record with empty public key.• DMARC record: “v=DMARC1;p=reject;adkim=s;aspf=s;rua=mailto:…”.
    EasyDMARC allows you to add and label parked domains for free. This is important because it helps you monitor any activity from these domains and ensure they remain protected with a strict DMARC policy of p=reject.
    7. Compliance Dashboard
    Use EasyDMARC’s Domain Scanner to assess the security posture of each domain with a clear compliance score and risk level. The dashboard highlights configuration gaps and guides remediation steps, helping government agencies stay on track toward full compliance with the SGE Framework.

    8. Inbound DMARC Evaluation Enforced
    You don’t need to apply any changes if you’re using Google Workspace, Microsoft 365, or other major mailbox providers. Most of them already enforce DMARC evaluation on incoming emails.
    However, some legacy Microsoft 365 setups may still quarantine emails that fail DMARC checks, even when the sending domain has a p=reject policy, instead of rejecting them. This behavior can be adjusted directly from your Microsoft Defender portal. about this in our step-by-step guide on how to set up SPF, DKIM, and DMARC from Microsoft Defender.
    If you’re using a third-party mail provider that doesn’t enforce having a DMARC policy for incoming emails, which is rare, you’ll need to contact their support to request a configuration change.
    9. Data Loss Prevention Aligned with NZISM
    The New Zealand Information Security Manualis the New Zealand Government’s manual on information assurance and information systems security. It includes guidance on data loss prevention, which must be followed to be aligned with the SEG.
    Need Help Setting up SPF and DKIM for your Email Provider?
    Setting up SPF and DKIM for different ESPs often requires specific configurations. Some providers require you to publish SPF and DKIM on a subdomain, while others only require DKIM, or have different formatting rules. We’ve simplified all these steps to help you avoid misconfigurations that could delay your DMARC enforcement, or worse, block legitimate emails from reaching your recipients.
    Below you’ll find comprehensive setup guides for Google Workspace, Microsoft 365, Zoho Mail, Amazon SES, and SendGrid. You can also explore our full blog section that covers setup instructions for many other well-known ESPs.
    Remember, all this information is reflected in your DMARC aggregate reports. These reports give you live visibility into your outgoing email ecosystem, helping you analyze and fix any issues specific to a given provider.
    Here are our step-by-step guides for the most common platforms:

    Google Workspace

    Microsoft 365

    These guides will help ensure your DNS records are configured correctly as part of the Secure Government EmailFramework rollout.
    Meet New Government Email Security Standards With EasyDMARC
    New Zealand’s SEG Framework sets a clear path for government agencies to enhance their email security by October 2025. With EasyDMARC, you can meet these technical requirements efficiently and with confidence. From protocol setup to continuous monitoring and compliance tracking, EasyDMARC streamlines the entire process, ensuring strong protection against spoofing, phishing, and data loss while simplifying your transition from SEEMail.
    #new #zealands #email #security #requirements
    New Zealand’s Email Security Requirements for Government Organizations: What You Need to Know
    The Secure Government EmailCommon Implementation Framework New Zealand’s government is introducing a comprehensive email security framework designed to protect official communications from phishing and domain spoofing. This new framework, which will be mandatory for all government agencies by October 2025, establishes clear technical standards to enhance email security and retire the outdated SEEMail service.  Key Takeaways All NZ government agencies must comply with new email security requirements by October 2025. The new framework strengthens trust and security in government communications by preventing spoofing and phishing. The framework mandates TLS 1.2+, SPF, DKIM, DMARC with p=reject, MTA-STS, and DLP controls. EasyDMARC simplifies compliance with our guided setup, monitoring, and automated reporting. Start a Free Trial What is the Secure Government Email Common Implementation Framework? The Secure Government EmailCommon Implementation Framework is a new government-led initiative in New Zealand designed to standardize email security across all government agencies. Its main goal is to secure external email communication, reduce domain spoofing in phishing attacks, and replace the legacy SEEMail service. Why is New Zealand Implementing New Government Email Security Standards? The framework was developed by New Zealand’s Department of Internal Affairsas part of its role in managing ICT Common Capabilities. It leverages modern email security controls via the Domain Name Systemto enable the retirement of the legacy SEEMail service and provide: Encryption for transmission security Digital signing for message integrity Basic non-repudiationDomain spoofing protection These improvements apply to all emails, not just those routed through SEEMail, offering broader protection across agency communications. What Email Security Technologies Are Required by the New NZ SGE Framework? The SGE Framework outlines the following key technologies that agencies must implement: TLS 1.2 or higher with implicit TLS enforced TLS-RPTSPFDKIMDMARCwith reporting MTA-STSData Loss Prevention controls These technologies work together to ensure encrypted email transmission, validate sender identity, prevent unauthorized use of domains, and reduce the risk of sensitive data leaks. Get in touch When Do NZ Government Agencies Need to Comply with this Framework? All New Zealand government agencies are expected to fully implement the Secure Government EmailCommon Implementation Framework by October 2025. Agencies should begin their planning and deployment now to ensure full compliance by the deadline. The All of Government Secure Email Common Implementation Framework v1.0 What are the Mandated Requirements for Domains? Below are the exact requirements for all email-enabled domains under the new framework. ControlExact RequirementTLSMinimum TLS 1.2. TLS 1.1, 1.0, SSL, or clear-text not permitted.TLS-RPTAll email-sending domains must have TLS reporting enabled.SPFMust exist and end with -all.DKIMAll outbound email from every sending service must be DKIM-signed at the final hop.DMARCPolicy of p=reject on all email-enabled domains. adkim=s is recommended when not bulk-sending.MTA-STSEnabled and set to enforce.Implicit TLSMust be configured and enforced for every connection.Data Loss PreventionEnforce in line with the New Zealand Information Security Manualand Protective Security Requirements. Compliance Monitoring and Reporting The All of Government Service Deliveryteam will be monitoring compliance with the framework. Monitoring will initially cover SPF, DMARC, and MTA-STS settings and will be expanded to include DKIM. Changes to these settings will be monitored, enabling reporting on email security compliance across all government agencies. Ongoing monitoring will highlight changes to domains, ensure new domains are set up with security in place, and monitor the implementation of future email security technologies.  Should compliance changes occur, such as an agency’s SPF record being changed from -all to ~all, this will be captured so that the AoGSD Security Team can investigate. They will then communicate directly with the agency to determine if an issue exists or if an error has occurred, reviewing each case individually. Deployment Checklist for NZ Government Compliance Enforce TLS 1.2 minimum, implicit TLS, MTA-STS & TLS-RPT SPF with -all DKIM on all outbound email DMARC p=reject  adkim=s where suitable For non-email/parked domains: SPF -all, empty DKIM, DMARC reject strict Compliance dashboard Inbound DMARC evaluation enforced DLP aligned with NZISM Start a Free Trial How EasyDMARC Can Help Government Agencies Comply EasyDMARC provides a comprehensive email security solution that simplifies the deployment and ongoing management of DNS-based email security protocols like SPF, DKIM, and DMARC with reporting. Our platform offers automated checks, real-time monitoring, and a guided setup to help government organizations quickly reach compliance. 1. TLS-RPT / MTA-STS audit EasyDMARC enables you to enable the Managed MTA-STS and TLS-RPT option with a single click. We provide the required DNS records and continuously monitor them for issues, delivering reports on TLS negotiation problems. This helps agencies ensure secure email transmission and quickly detect delivery or encryption failures. Note: In this screenshot, you can see how to deploy MTA-STS and TLS Reporting by adding just three CNAME records provided by EasyDMARC. It’s recommended to start in “testing” mode, evaluate the TLS-RPT reports, and then gradually switch your MTA-STS policy to “enforce”. The process is simple and takes just a few clicks. As shown above, EasyDMARC parses incoming TLS reports into a centralized dashboard, giving you clear visibility into delivery and encryption issues across all sending sources. 2. SPF with “-all”In the EasyDARC platform, you can run the SPF Record Generator to create a compliant record. Publish your v=spf1 record with “-all” to enforce a hard fail for unauthorized senders and prevent spoofed emails from passing SPF checks. This strengthens your domain’s protection against impersonation. Note: It is highly recommended to start adjusting your SPF record only after you begin receiving DMARC reports and identifying your legitimate email sources. As we’ll explain in more detail below, both SPF and DKIM should be adjusted after you gain visibility through reports. Making changes without proper visibility can lead to false positives, misconfigurations, and potential loss of legitimate emails. That’s why the first step should always be setting DMARC to p=none, receiving reports, analyzing them, and then gradually fixing any SPF or DKIM issues. 3. DKIM on all outbound email DKIM must be configured for all email sources sending emails on behalf of your domain. This is critical, as DKIM plays a bigger role than SPF when it comes to building domain reputation, surviving auto-forwarding, mailing lists, and other edge cases. As mentioned above, DMARC reports provide visibility into your email sources, allowing you to implement DKIM accordingly. If you’re using third-party services like Google Workspace, Microsoft 365, or Mimecast, you’ll need to retrieve the public DKIM key from your provider’s admin interface. EasyDMARC maintains a backend directory of over 1,400 email sources. We also give you detailed guidance on how to configure SPF and DKIM correctly for major ESPs.  Note: At the end of this article, you’ll find configuration links for well-known ESPs like Google Workspace, Microsoft 365, Zoho Mail, Amazon SES, and SendGrid – helping you avoid common misconfigurations and get aligned with SGE requirements. If you’re using a dedicated MTA, DKIM must be implemented manually. EasyDMARC’s DKIM Record Generator lets you generate both public and private keys for your server. The private key is stored on your MTA, while the public key must be published in your DNS. 4. DMARC p=reject rollout As mentioned in previous points, DMARC reporting is the first and most important step on your DMARC enforcement journey. Always start with a p=none policy and configure RUA reports to be sent to EasyDMARC. Use the report insights to identify and fix SPF and DKIM alignment issues, then gradually move to p=quarantine and finally p=reject once all legitimate email sources have been authenticated.  This phased approach ensures full protection against domain spoofing without risking legitimate email delivery. 5. adkim Strict Alignment Check This strict alignment check is not always applicable, especially if you’re using third-party bulk ESPs, such as Sendgrid, that require you to set DKIM on a subdomain level. You can set adkim=s in your DMARC TXT record, or simply enable strict mode in EasyDMARC’s Managed DMARC settings. This ensures that only emails with a DKIM signature that exactly match your domain pass alignment, adding an extra layer of protection against domain spoofing. But only do this if you are NOT a bulk sender. 6. Securing Non-Email Enabled Domains The purpose of deploying email security to non-email-enabled domains, or parked domains, is to prevent messages being spoofed from that domain. This requirement remains even if the root-level domain has SP=reject set within its DMARC record. Under this new framework, you must bulk import and mark parked domains as “Parked.” Crucially, this requires adjusting SPF settings to an empty record, setting DMARC to p=reject, and ensuring an empty DKIM record is in place: • SPF record: “v=spf1 -all”. • Wildcard DKIM record with empty public key.• DMARC record: “v=DMARC1;p=reject;adkim=s;aspf=s;rua=mailto:…”. EasyDMARC allows you to add and label parked domains for free. This is important because it helps you monitor any activity from these domains and ensure they remain protected with a strict DMARC policy of p=reject. 7. Compliance Dashboard Use EasyDMARC’s Domain Scanner to assess the security posture of each domain with a clear compliance score and risk level. The dashboard highlights configuration gaps and guides remediation steps, helping government agencies stay on track toward full compliance with the SGE Framework. 8. Inbound DMARC Evaluation Enforced You don’t need to apply any changes if you’re using Google Workspace, Microsoft 365, or other major mailbox providers. Most of them already enforce DMARC evaluation on incoming emails. However, some legacy Microsoft 365 setups may still quarantine emails that fail DMARC checks, even when the sending domain has a p=reject policy, instead of rejecting them. This behavior can be adjusted directly from your Microsoft Defender portal. about this in our step-by-step guide on how to set up SPF, DKIM, and DMARC from Microsoft Defender. If you’re using a third-party mail provider that doesn’t enforce having a DMARC policy for incoming emails, which is rare, you’ll need to contact their support to request a configuration change. 9. Data Loss Prevention Aligned with NZISM The New Zealand Information Security Manualis the New Zealand Government’s manual on information assurance and information systems security. It includes guidance on data loss prevention, which must be followed to be aligned with the SEG. Need Help Setting up SPF and DKIM for your Email Provider? Setting up SPF and DKIM for different ESPs often requires specific configurations. Some providers require you to publish SPF and DKIM on a subdomain, while others only require DKIM, or have different formatting rules. We’ve simplified all these steps to help you avoid misconfigurations that could delay your DMARC enforcement, or worse, block legitimate emails from reaching your recipients. Below you’ll find comprehensive setup guides for Google Workspace, Microsoft 365, Zoho Mail, Amazon SES, and SendGrid. You can also explore our full blog section that covers setup instructions for many other well-known ESPs. Remember, all this information is reflected in your DMARC aggregate reports. These reports give you live visibility into your outgoing email ecosystem, helping you analyze and fix any issues specific to a given provider. Here are our step-by-step guides for the most common platforms: Google Workspace Microsoft 365 These guides will help ensure your DNS records are configured correctly as part of the Secure Government EmailFramework rollout. Meet New Government Email Security Standards With EasyDMARC New Zealand’s SEG Framework sets a clear path for government agencies to enhance their email security by October 2025. With EasyDMARC, you can meet these technical requirements efficiently and with confidence. From protocol setup to continuous monitoring and compliance tracking, EasyDMARC streamlines the entire process, ensuring strong protection against spoofing, phishing, and data loss while simplifying your transition from SEEMail. #new #zealands #email #security #requirements
    EASYDMARC.COM
    New Zealand’s Email Security Requirements for Government Organizations: What You Need to Know
    The Secure Government Email (SGE) Common Implementation Framework New Zealand’s government is introducing a comprehensive email security framework designed to protect official communications from phishing and domain spoofing. This new framework, which will be mandatory for all government agencies by October 2025, establishes clear technical standards to enhance email security and retire the outdated SEEMail service.  Key Takeaways All NZ government agencies must comply with new email security requirements by October 2025. The new framework strengthens trust and security in government communications by preventing spoofing and phishing. The framework mandates TLS 1.2+, SPF, DKIM, DMARC with p=reject, MTA-STS, and DLP controls. EasyDMARC simplifies compliance with our guided setup, monitoring, and automated reporting. Start a Free Trial What is the Secure Government Email Common Implementation Framework? The Secure Government Email (SGE) Common Implementation Framework is a new government-led initiative in New Zealand designed to standardize email security across all government agencies. Its main goal is to secure external email communication, reduce domain spoofing in phishing attacks, and replace the legacy SEEMail service. Why is New Zealand Implementing New Government Email Security Standards? The framework was developed by New Zealand’s Department of Internal Affairs (DIA) as part of its role in managing ICT Common Capabilities. It leverages modern email security controls via the Domain Name System (DNS) to enable the retirement of the legacy SEEMail service and provide: Encryption for transmission security Digital signing for message integrity Basic non-repudiation (by allowing only authorized senders) Domain spoofing protection These improvements apply to all emails, not just those routed through SEEMail, offering broader protection across agency communications. What Email Security Technologies Are Required by the New NZ SGE Framework? The SGE Framework outlines the following key technologies that agencies must implement: TLS 1.2 or higher with implicit TLS enforced TLS-RPT (TLS Reporting) SPF (Sender Policy Framework) DKIM (DomainKeys Identified Mail) DMARC (Domain-based Message Authentication, Reporting, and Conformance) with reporting MTA-STS (Mail Transfer Agent Strict Transport Security) Data Loss Prevention controls These technologies work together to ensure encrypted email transmission, validate sender identity, prevent unauthorized use of domains, and reduce the risk of sensitive data leaks. Get in touch When Do NZ Government Agencies Need to Comply with this Framework? All New Zealand government agencies are expected to fully implement the Secure Government Email (SGE) Common Implementation Framework by October 2025. Agencies should begin their planning and deployment now to ensure full compliance by the deadline. The All of Government Secure Email Common Implementation Framework v1.0 What are the Mandated Requirements for Domains? Below are the exact requirements for all email-enabled domains under the new framework. ControlExact RequirementTLSMinimum TLS 1.2. TLS 1.1, 1.0, SSL, or clear-text not permitted.TLS-RPTAll email-sending domains must have TLS reporting enabled.SPFMust exist and end with -all.DKIMAll outbound email from every sending service must be DKIM-signed at the final hop.DMARCPolicy of p=reject on all email-enabled domains. adkim=s is recommended when not bulk-sending.MTA-STSEnabled and set to enforce.Implicit TLSMust be configured and enforced for every connection.Data Loss PreventionEnforce in line with the New Zealand Information Security Manual (NZISM) and Protective Security Requirements (PSR). Compliance Monitoring and Reporting The All of Government Service Delivery (AoGSD) team will be monitoring compliance with the framework. Monitoring will initially cover SPF, DMARC, and MTA-STS settings and will be expanded to include DKIM. Changes to these settings will be monitored, enabling reporting on email security compliance across all government agencies. Ongoing monitoring will highlight changes to domains, ensure new domains are set up with security in place, and monitor the implementation of future email security technologies.  Should compliance changes occur, such as an agency’s SPF record being changed from -all to ~all, this will be captured so that the AoGSD Security Team can investigate. They will then communicate directly with the agency to determine if an issue exists or if an error has occurred, reviewing each case individually. Deployment Checklist for NZ Government Compliance Enforce TLS 1.2 minimum, implicit TLS, MTA-STS & TLS-RPT SPF with -all DKIM on all outbound email DMARC p=reject  adkim=s where suitable For non-email/parked domains: SPF -all, empty DKIM, DMARC reject strict Compliance dashboard Inbound DMARC evaluation enforced DLP aligned with NZISM Start a Free Trial How EasyDMARC Can Help Government Agencies Comply EasyDMARC provides a comprehensive email security solution that simplifies the deployment and ongoing management of DNS-based email security protocols like SPF, DKIM, and DMARC with reporting. Our platform offers automated checks, real-time monitoring, and a guided setup to help government organizations quickly reach compliance. 1. TLS-RPT / MTA-STS audit EasyDMARC enables you to enable the Managed MTA-STS and TLS-RPT option with a single click. We provide the required DNS records and continuously monitor them for issues, delivering reports on TLS negotiation problems. This helps agencies ensure secure email transmission and quickly detect delivery or encryption failures. Note: In this screenshot, you can see how to deploy MTA-STS and TLS Reporting by adding just three CNAME records provided by EasyDMARC. It’s recommended to start in “testing” mode, evaluate the TLS-RPT reports, and then gradually switch your MTA-STS policy to “enforce”. The process is simple and takes just a few clicks. As shown above, EasyDMARC parses incoming TLS reports into a centralized dashboard, giving you clear visibility into delivery and encryption issues across all sending sources. 2. SPF with “-all”In the EasyDARC platform, you can run the SPF Record Generator to create a compliant record. Publish your v=spf1 record with “-all” to enforce a hard fail for unauthorized senders and prevent spoofed emails from passing SPF checks. This strengthens your domain’s protection against impersonation. Note: It is highly recommended to start adjusting your SPF record only after you begin receiving DMARC reports and identifying your legitimate email sources. As we’ll explain in more detail below, both SPF and DKIM should be adjusted after you gain visibility through reports. Making changes without proper visibility can lead to false positives, misconfigurations, and potential loss of legitimate emails. That’s why the first step should always be setting DMARC to p=none, receiving reports, analyzing them, and then gradually fixing any SPF or DKIM issues. 3. DKIM on all outbound email DKIM must be configured for all email sources sending emails on behalf of your domain. This is critical, as DKIM plays a bigger role than SPF when it comes to building domain reputation, surviving auto-forwarding, mailing lists, and other edge cases. As mentioned above, DMARC reports provide visibility into your email sources, allowing you to implement DKIM accordingly (see first screenshot). If you’re using third-party services like Google Workspace, Microsoft 365, or Mimecast, you’ll need to retrieve the public DKIM key from your provider’s admin interface (see second screenshot). EasyDMARC maintains a backend directory of over 1,400 email sources. We also give you detailed guidance on how to configure SPF and DKIM correctly for major ESPs.  Note: At the end of this article, you’ll find configuration links for well-known ESPs like Google Workspace, Microsoft 365, Zoho Mail, Amazon SES, and SendGrid – helping you avoid common misconfigurations and get aligned with SGE requirements. If you’re using a dedicated MTA (e.g., Postfix), DKIM must be implemented manually. EasyDMARC’s DKIM Record Generator lets you generate both public and private keys for your server. The private key is stored on your MTA, while the public key must be published in your DNS (see third and fourth screenshots). 4. DMARC p=reject rollout As mentioned in previous points, DMARC reporting is the first and most important step on your DMARC enforcement journey. Always start with a p=none policy and configure RUA reports to be sent to EasyDMARC. Use the report insights to identify and fix SPF and DKIM alignment issues, then gradually move to p=quarantine and finally p=reject once all legitimate email sources have been authenticated.  This phased approach ensures full protection against domain spoofing without risking legitimate email delivery. 5. adkim Strict Alignment Check This strict alignment check is not always applicable, especially if you’re using third-party bulk ESPs, such as Sendgrid, that require you to set DKIM on a subdomain level. You can set adkim=s in your DMARC TXT record, or simply enable strict mode in EasyDMARC’s Managed DMARC settings. This ensures that only emails with a DKIM signature that exactly match your domain pass alignment, adding an extra layer of protection against domain spoofing. But only do this if you are NOT a bulk sender. 6. Securing Non-Email Enabled Domains The purpose of deploying email security to non-email-enabled domains, or parked domains, is to prevent messages being spoofed from that domain. This requirement remains even if the root-level domain has SP=reject set within its DMARC record. Under this new framework, you must bulk import and mark parked domains as “Parked.” Crucially, this requires adjusting SPF settings to an empty record, setting DMARC to p=reject, and ensuring an empty DKIM record is in place: • SPF record: “v=spf1 -all”. • Wildcard DKIM record with empty public key.• DMARC record: “v=DMARC1;p=reject;adkim=s;aspf=s;rua=mailto:…”. EasyDMARC allows you to add and label parked domains for free. This is important because it helps you monitor any activity from these domains and ensure they remain protected with a strict DMARC policy of p=reject. 7. Compliance Dashboard Use EasyDMARC’s Domain Scanner to assess the security posture of each domain with a clear compliance score and risk level. The dashboard highlights configuration gaps and guides remediation steps, helping government agencies stay on track toward full compliance with the SGE Framework. 8. Inbound DMARC Evaluation Enforced You don’t need to apply any changes if you’re using Google Workspace, Microsoft 365, or other major mailbox providers. Most of them already enforce DMARC evaluation on incoming emails. However, some legacy Microsoft 365 setups may still quarantine emails that fail DMARC checks, even when the sending domain has a p=reject policy, instead of rejecting them. This behavior can be adjusted directly from your Microsoft Defender portal. Read more about this in our step-by-step guide on how to set up SPF, DKIM, and DMARC from Microsoft Defender. If you’re using a third-party mail provider that doesn’t enforce having a DMARC policy for incoming emails, which is rare, you’ll need to contact their support to request a configuration change. 9. Data Loss Prevention Aligned with NZISM The New Zealand Information Security Manual (NZISM) is the New Zealand Government’s manual on information assurance and information systems security. It includes guidance on data loss prevention (DLP), which must be followed to be aligned with the SEG. Need Help Setting up SPF and DKIM for your Email Provider? Setting up SPF and DKIM for different ESPs often requires specific configurations. Some providers require you to publish SPF and DKIM on a subdomain, while others only require DKIM, or have different formatting rules. We’ve simplified all these steps to help you avoid misconfigurations that could delay your DMARC enforcement, or worse, block legitimate emails from reaching your recipients. Below you’ll find comprehensive setup guides for Google Workspace, Microsoft 365, Zoho Mail, Amazon SES, and SendGrid. You can also explore our full blog section that covers setup instructions for many other well-known ESPs. Remember, all this information is reflected in your DMARC aggregate reports. These reports give you live visibility into your outgoing email ecosystem, helping you analyze and fix any issues specific to a given provider. Here are our step-by-step guides for the most common platforms: Google Workspace Microsoft 365 These guides will help ensure your DNS records are configured correctly as part of the Secure Government Email (SGE) Framework rollout. Meet New Government Email Security Standards With EasyDMARC New Zealand’s SEG Framework sets a clear path for government agencies to enhance their email security by October 2025. With EasyDMARC, you can meet these technical requirements efficiently and with confidence. From protocol setup to continuous monitoring and compliance tracking, EasyDMARC streamlines the entire process, ensuring strong protection against spoofing, phishing, and data loss while simplifying your transition from SEEMail.
    0 Commentarii 0 Distribuiri 0 previzualizare
  • Fortifying retail: how UK brands can defend against cyber breaches

    The recent wave of cyber attacks targeting UK retailers has been a moment of reckoning for the entire retail industry. As someone who went through supporting one of the largest retail breaches in history, this news hits close to home.
    The National Cyber Security Centre’scall to strengthen IT support protocols reinforces a hard truth: cybersecurity is no longer just a technical/operational issue. It’s a business issue that directly affects revenue, customer trust, and brand reputation.
    Retailers today are navigating an increasingly complex threat landscape, while also managing a vast user base that needs to stay informed and secure. The recent attacks don’t represent a failure, but an opportunity - an inflection point to invest in stronger visibility, continuous monitoring and a culture of shared responsibility that meets the realities of modern retail.

    We know that the cyber groups responsible for the recent retail hacks used sophisticated social engineering techniques, such as impersonating employees to deceive IT help desks into resetting passwords and providing information, thereby gaining unauthorised access to internal systems.
    Employees are increasingly a target, and retailers employ some of the largest, most diverse workforces, making them an even bigger risk with countless touchpoints for breaches. In these organisations, a cybersecurity-first culture is vital to combatting threats. Cybersecurity-first culture includes employees that are aware of these types of attacks and understand how to report them if they are contacted.
    In order to establish a cybersecurity-first culture, employees must be empowered to recognise and respond to threats, not just avoid them. This can be done through simulation training and threat assessments - showcasing real life examples of threats and brainstorming possible solutions to control and prevent further and future damage.
    This allows security teams to focus on strategy instead of constant firefighting, while leadership support - through budget, tools, and tone - reinforces its importance at every level.

    In addition to support workers, vendors also pose a significant attack path for bad actors. According to data from Elastic Path, 42% of retailers admit that legacy technology could be leaving them exposed to cyber risks. And with the accelerating pace of innovation, modern cyber threats are not only more complex, but often enter through unexpected avenues, like third-party vendors. Research from Vanta shows 46% of organisations say that a vendor of theirs has experienced a data breach since they started working together.
    The M&S breach is a case in point, with it being reported that attackers exploited a vulnerability in a contractor’s systems, not the retailer’s own. This underscores that visibility must extend beyond your perimeter to encompass the entire digital supply chain, in real time.
    Threats don’t wait for your quarterly review or annual audit. If you're only checking your controls or vendor status once a year, you're already behind. This means real-time visibility is now foundational to cyber defence. We need to know when something changes the moment it happens. This can be done through continuous monitoring, both for the technical controls and the relationships that introduce risk into your environment.
    We also need to rethink the way we resource and prioritise that visibility. Manual processes don’t scale with the complexity of modern infrastructure. Automation and tooling can help surface the right signals from the noise - whether it’s misconfigurations, access drift, or suspicious vendor behavior.

    The best case scenario is that security measures are embedded into all digital architecture, utilising a few security ‘must haves’ such as secure coding, continuous monitoring, and regular testing and improvement. Retailers who want to get proactive and about breaches following the events of the last few weeks can follow this action plan to get started:
    First, awareness - have your security leadership send a message out to managers of help desks and support teams to make sure they are aware of the recent attacks on retailers, and are in a position to inform teams of what to look out for.
    Then, investigate - pinpoint the attack path used on other retailers to make sure you have a full understanding of the risk to your organisation.
    After that, assess - conduct a threat assessment to identify what could go wrong, or how this attack path could be used in your organisation.
    The final step is to identify - figure out the highest risk gaps in your organisation, and the remediation steps to address each one.

    Strong cybersecurity doesn’t come from quick fixes - it takes time, leadership buy-in, and a shift in mindset across the organisation. My advice to security teams is simple: speak in outcomes. Frame cyber risk as business risk, because that’s what it is. The retailers that have fallen victim to recent attacks are facing huge financial losses, which makes this not just an IT issue - it’s a boardroom issue.
    Customers are paying attention. They want to trust the brands they buy from, and that trust is built on transparency and preparation. The recent retail attacks aren’t a reason to panic - they’re a reason to reset, evaluate current state risks, and fully understand the potential impacts of what is happening elsewhere. This is the moment to invest in your infrastructure, empower your teams, and embed security into your operations. The organisations that do this now won’t just be safer - they’ll be more competitive, more resilient, and better positioned for whatever comes next.
    Jadee Hanson is the Chief Information Security Officer at Vanta

    about cyber security in retail
    Content Goes Here
    Harrods becomes latest UK retailer to fall victim to cyber attack
    Retail cyber crime spree a ‘wake-up call’, says NCSC CEO
    Retail cyber attacks hit food distributor Peter Green Chilled
    #fortifying #retail #how #brands #can
    Fortifying retail: how UK brands can defend against cyber breaches
    The recent wave of cyber attacks targeting UK retailers has been a moment of reckoning for the entire retail industry. As someone who went through supporting one of the largest retail breaches in history, this news hits close to home. The National Cyber Security Centre’scall to strengthen IT support protocols reinforces a hard truth: cybersecurity is no longer just a technical/operational issue. It’s a business issue that directly affects revenue, customer trust, and brand reputation. Retailers today are navigating an increasingly complex threat landscape, while also managing a vast user base that needs to stay informed and secure. The recent attacks don’t represent a failure, but an opportunity - an inflection point to invest in stronger visibility, continuous monitoring and a culture of shared responsibility that meets the realities of modern retail. We know that the cyber groups responsible for the recent retail hacks used sophisticated social engineering techniques, such as impersonating employees to deceive IT help desks into resetting passwords and providing information, thereby gaining unauthorised access to internal systems. Employees are increasingly a target, and retailers employ some of the largest, most diverse workforces, making them an even bigger risk with countless touchpoints for breaches. In these organisations, a cybersecurity-first culture is vital to combatting threats. Cybersecurity-first culture includes employees that are aware of these types of attacks and understand how to report them if they are contacted. In order to establish a cybersecurity-first culture, employees must be empowered to recognise and respond to threats, not just avoid them. This can be done through simulation training and threat assessments - showcasing real life examples of threats and brainstorming possible solutions to control and prevent further and future damage. This allows security teams to focus on strategy instead of constant firefighting, while leadership support - through budget, tools, and tone - reinforces its importance at every level. In addition to support workers, vendors also pose a significant attack path for bad actors. According to data from Elastic Path, 42% of retailers admit that legacy technology could be leaving them exposed to cyber risks. And with the accelerating pace of innovation, modern cyber threats are not only more complex, but often enter through unexpected avenues, like third-party vendors. Research from Vanta shows 46% of organisations say that a vendor of theirs has experienced a data breach since they started working together. The M&S breach is a case in point, with it being reported that attackers exploited a vulnerability in a contractor’s systems, not the retailer’s own. This underscores that visibility must extend beyond your perimeter to encompass the entire digital supply chain, in real time. Threats don’t wait for your quarterly review or annual audit. If you're only checking your controls or vendor status once a year, you're already behind. This means real-time visibility is now foundational to cyber defence. We need to know when something changes the moment it happens. This can be done through continuous monitoring, both for the technical controls and the relationships that introduce risk into your environment. We also need to rethink the way we resource and prioritise that visibility. Manual processes don’t scale with the complexity of modern infrastructure. Automation and tooling can help surface the right signals from the noise - whether it’s misconfigurations, access drift, or suspicious vendor behavior. The best case scenario is that security measures are embedded into all digital architecture, utilising a few security ‘must haves’ such as secure coding, continuous monitoring, and regular testing and improvement. Retailers who want to get proactive and about breaches following the events of the last few weeks can follow this action plan to get started: First, awareness - have your security leadership send a message out to managers of help desks and support teams to make sure they are aware of the recent attacks on retailers, and are in a position to inform teams of what to look out for. Then, investigate - pinpoint the attack path used on other retailers to make sure you have a full understanding of the risk to your organisation. After that, assess - conduct a threat assessment to identify what could go wrong, or how this attack path could be used in your organisation. The final step is to identify - figure out the highest risk gaps in your organisation, and the remediation steps to address each one. Strong cybersecurity doesn’t come from quick fixes - it takes time, leadership buy-in, and a shift in mindset across the organisation. My advice to security teams is simple: speak in outcomes. Frame cyber risk as business risk, because that’s what it is. The retailers that have fallen victim to recent attacks are facing huge financial losses, which makes this not just an IT issue - it’s a boardroom issue. Customers are paying attention. They want to trust the brands they buy from, and that trust is built on transparency and preparation. The recent retail attacks aren’t a reason to panic - they’re a reason to reset, evaluate current state risks, and fully understand the potential impacts of what is happening elsewhere. This is the moment to invest in your infrastructure, empower your teams, and embed security into your operations. The organisations that do this now won’t just be safer - they’ll be more competitive, more resilient, and better positioned for whatever comes next. Jadee Hanson is the Chief Information Security Officer at Vanta about cyber security in retail Content Goes Here Harrods becomes latest UK retailer to fall victim to cyber attack Retail cyber crime spree a ‘wake-up call’, says NCSC CEO Retail cyber attacks hit food distributor Peter Green Chilled #fortifying #retail #how #brands #can
    WWW.COMPUTERWEEKLY.COM
    Fortifying retail: how UK brands can defend against cyber breaches
    The recent wave of cyber attacks targeting UK retailers has been a moment of reckoning for the entire retail industry. As someone who went through supporting one of the largest retail breaches in history, this news hits close to home. The National Cyber Security Centre’s (NCSC) call to strengthen IT support protocols reinforces a hard truth: cybersecurity is no longer just a technical/operational issue. It’s a business issue that directly affects revenue, customer trust, and brand reputation. Retailers today are navigating an increasingly complex threat landscape, while also managing a vast user base that needs to stay informed and secure. The recent attacks don’t represent a failure, but an opportunity - an inflection point to invest in stronger visibility, continuous monitoring and a culture of shared responsibility that meets the realities of modern retail. We know that the cyber groups responsible for the recent retail hacks used sophisticated social engineering techniques, such as impersonating employees to deceive IT help desks into resetting passwords and providing information, thereby gaining unauthorised access to internal systems. Employees are increasingly a target, and retailers employ some of the largest, most diverse workforces, making them an even bigger risk with countless touchpoints for breaches. In these organisations, a cybersecurity-first culture is vital to combatting threats. Cybersecurity-first culture includes employees that are aware of these types of attacks and understand how to report them if they are contacted. In order to establish a cybersecurity-first culture, employees must be empowered to recognise and respond to threats, not just avoid them. This can be done through simulation training and threat assessments - showcasing real life examples of threats and brainstorming possible solutions to control and prevent further and future damage. This allows security teams to focus on strategy instead of constant firefighting, while leadership support - through budget, tools, and tone - reinforces its importance at every level. In addition to support workers, vendors also pose a significant attack path for bad actors. According to data from Elastic Path, 42% of retailers admit that legacy technology could be leaving them exposed to cyber risks. And with the accelerating pace of innovation, modern cyber threats are not only more complex, but often enter through unexpected avenues, like third-party vendors. Research from Vanta shows 46% of organisations say that a vendor of theirs has experienced a data breach since they started working together. The M&S breach is a case in point, with it being reported that attackers exploited a vulnerability in a contractor’s systems, not the retailer’s own. This underscores that visibility must extend beyond your perimeter to encompass the entire digital supply chain, in real time. Threats don’t wait for your quarterly review or annual audit. If you're only checking your controls or vendor status once a year, you're already behind. This means real-time visibility is now foundational to cyber defence. We need to know when something changes the moment it happens. This can be done through continuous monitoring, both for the technical controls and the relationships that introduce risk into your environment. We also need to rethink the way we resource and prioritise that visibility. Manual processes don’t scale with the complexity of modern infrastructure. Automation and tooling can help surface the right signals from the noise - whether it’s misconfigurations, access drift, or suspicious vendor behavior. The best case scenario is that security measures are embedded into all digital architecture, utilising a few security ‘must haves’ such as secure coding, continuous monitoring, and regular testing and improvement. Retailers who want to get proactive and about breaches following the events of the last few weeks can follow this action plan to get started: First, awareness - have your security leadership send a message out to managers of help desks and support teams to make sure they are aware of the recent attacks on retailers, and are in a position to inform teams of what to look out for. Then, investigate - pinpoint the attack path used on other retailers to make sure you have a full understanding of the risk to your organisation. After that, assess - conduct a threat assessment to identify what could go wrong, or how this attack path could be used in your organisation. The final step is to identify - figure out the highest risk gaps in your organisation, and the remediation steps to address each one. Strong cybersecurity doesn’t come from quick fixes - it takes time, leadership buy-in, and a shift in mindset across the organisation. My advice to security teams is simple: speak in outcomes. Frame cyber risk as business risk, because that’s what it is. The retailers that have fallen victim to recent attacks are facing huge financial losses, which makes this not just an IT issue - it’s a boardroom issue. Customers are paying attention. They want to trust the brands they buy from, and that trust is built on transparency and preparation. The recent retail attacks aren’t a reason to panic - they’re a reason to reset, evaluate current state risks, and fully understand the potential impacts of what is happening elsewhere. This is the moment to invest in your infrastructure, empower your teams, and embed security into your operations. The organisations that do this now won’t just be safer - they’ll be more competitive, more resilient, and better positioned for whatever comes next. Jadee Hanson is the Chief Information Security Officer at Vanta Read more about cyber security in retail Content Goes Here Harrods becomes latest UK retailer to fall victim to cyber attack Retail cyber crime spree a ‘wake-up call’, says NCSC CEO Retail cyber attacks hit food distributor Peter Green Chilled
    0 Commentarii 0 Distribuiri 0 previzualizare
  • No Kings: protests in the eye of the storm

    As President Donald Trump kicked off a birthday military parade on the streets of Washington, DC, what’s estimated as roughly 2,000 events were held across the US and beyond — protesting Trump and Elon Musk’s evisceration of government services, an unprecedented crackdown by Immigration and Customs Enforcement, and countless other actions from the administration in its first five months. Held under the title “No Kings”, they’re the latest in several mass protests, following April’s Hands Off events and a wave of Tesla Takedown demonstrations in March.As The Verge’s Tina Nguyen went to downtown DC, we also sent reporters to No Kings demonstrations spanning the country, plus a “No Tyrants” event in the UK. How would they unfold after promises of “very heavy force” against protesters in the capital, after the deployment of thousands of military troops in a move a judge has bluntly called illegal, and after promises to “liberate” the city of Los Angeles from its “burdensome leadership” by local elected officials? What about the overnight killing of a Minnesota Democratic state representative and her husband, and the shooting of a Democratic state senator and his wife?The answer, at the events we attended, was fairly calmly — even against a backdrop of chaos.Downtown Los Angeles, CaliforniaAn inflatable baby Donald Trump, dressed in a diaper, hovered over throngs of people rallying outside of Los Angeles City Hall. Demonstrators outnumbered clumps of California National Guard members in fatigues posted up along sidewalks. “Go home to your families, we don’t need you in our streets,” one young person wearing a long braid down her back tells them while marching past. “Trump come catch these hands foo!” the back of her sign reads. I can’t see what the front says, but I can tell there’s an empty bag of Cheetos pasted to it.The big baby joins the march, floating through the streets of Downtown LA over demonstrators. A flatbed truck rolls ahead of it, the band — maybe LA’s own Ozomatli? — singing “We don’t like Trump” to the tune of “We Want The Funk.” Ducking inside Grand Central Market from the march, I talk to Puck and Twinkle Toes — two demonstrators in line for the public restrooms. Twinkle Toes tells me she’s part of an activist clown collective called Imp and Circumstance, wearing pink and white clown makeup and a striped pink and white bow wrapped around a loose hair bun atop her head. She’s here exercising her right to free speech, she says. Demonstrators in Los Angeles marched alongside an inflatable Donald Trump baby dressed in a diaper.“The more people that are out here, the more we know that this is not okay. That we don’t want an autocrat. We want democracy,” Puck tells me, adding that the Pride March in Hollywood last weekend was “nothing but love and sunshine” despite protests and burning driverless cars making headlines in downtown. “The news tries to make you think all of LA is rioting. It’s not.” Puck says.Back out on the streets, a young man quickly writes “Fuck ICE” on a black wall with white spray paint before a group of older demonstrators wearing floppy hats shushes him away — warning him that tagging will only attract more law enforcement.Further along, another older man with tufts of white hair sticking out under his Lakers cap walks stiffly and slowly along under the summer sun. A Mexican flag draped across his shoulders, he crosses Hope Street. A young man wearing a Nike cap makes his way over to ask if he wants water; the old man accepts a bottle and keeps walking without stopping. The march has looped around downtown, and is coming to an end back at City Hall. As I make my way to my bus stop, a line of police vehicles — sirens blasting — whizzes past me, back toward the crowd still gathering around City Hall.The Los Angeles Police Department issued a dispersal order for parts of downtown Los Angeles later in the afternoon, citing people “throwing rocks, bricks, bottles and other objects.” Law enforcement reportedly cleared crowds using gas, and the LAPD authorized the use of “less lethal” force.— Justine CalmaPortland, OregonFour different “No Kings” protests in the greater Portland area on Saturday drew massive crowds of tens of thousands across the city. Various activists, government officials, and representatives for politicians spoke at the rallies, which also featured music and live performances.Protesters of all ages came with dogs, strollers, flags, banners, and hand-made signs. At the downtown waterfront, some tourist boats appeared to still be departing, but the bike rental standwas closed for the day with a hand-lettered explanation reading “No crowns, no thrones, no kings” and “Americans against oligarchy.” Women appearing to be organizers passed out free American flags; many attendees came with their own American flags modified to fly upside down. Most protesters brought signs expressing a wide range of sentiments on the theme of “No Kings.” Some signs were surprisingly verbosewe’d all still be British”) while others were more succinct. Others opted for simple images, such as a picture of a crown crossed out, or — less frequently — a guillotine. Image: Sarah JeongThe waterfront park area was filled with people from the shoreline to the curb of the nearest street, where protesters held up signs to passing cars that honked in approval. The honking of a passing fire truck sent the crowd into an uproarious cheer. Portland is about a thousand miles from the border with Mexico, but the flag of its distant neighbor nation has emerged as protest iconography in solidarity with Los Angeles. The rainbow pride flag was flown as often as the Mexican flag. Military veterans were scattered throughout the crowd, some identifying themselves as having seen action in conflicts spanning from Vietnam to Afghanistan. Emanuel, an Air Force veteran, told me that he had turned out in defense of the constitution and due process, saying, “Nobody has any rights if one person doesn’t have any rights.” Image: Sarah JeongAnger was directed at ICE and the mass deportations all throughout the day, in signage, in chants, and in rally speeches. The previous night, about 150 people protested at a local ICE facility — coincidentally located by the Tesla dealership — a mile south of downtown, near a highway exit. The ICE facility protests, which have been continuous for some days, have been steadily building up. A couple of “No Kings” signs were present on Friday.. Demonstrators stood on the curb urging passing cars to “Honk if you hate fascists,” successfully eliciting car horns every few seconds, including some from a pristine white Tesla. Federal law enforcement in camo and helmets, their faces obscured, maced and shot at protesters with pepper balls, targeting them through the gates and sniping at them from the rooftop of the building. A handful of protesters — many wearing gas masks and respirators — formed phalanx formations in the driveway, wielding umbrellas and handmade shields. On Saturday, a speaker at one of the “No Kings” rallies advertised the occupation of the ICE facility, saying, “We’re a sanctuary city.” The crowd — replete with American flags both upside down and right side up — cheered. — Sarah JeongNew Port Richey, FloridaNearly every intersection on Pasco County’s State Road 54 looks the same: a cross-section of strip malls, each anchored by a Walmart or Target or Publix, surrounded by a mix of restaurants, nail salons, and gas stations. It’s not an environment that is particularly conducive to protests, but hundreds of people turned out in humid, 90-plus degree weather anyway. The overall size of the crowd is hard to determine, but it’s larger than I — and other attendees — anticipated, given the local demographics.New Port Richey, FL. Image: Gaby Del ValleEveryone is on the sidewalk; an organizer with a megaphone tells people to use crosswalks if they’re going to attempt to brave the six-lane highway. Two days earlier, Governor Ron DeSantis said Floridians could legally run over protesters on the street if they feel “threatened.” New Port Richey, FL. Image: Gaby Del ValleSo far, most drivers seem friendly. There are lots of supportive honks. One woman rolls down her window and thanks the protesters. “I love you! I wish I could be with you, but I have to work today!” she yells as she drives away. Not everyone is amenable. A man in a MAGA hat marches through the crowd waving a “thin green line” flag and yelling “long live the king!” as people in the crowd call him a traitor. A pickup truck drives by blasting “Ice Ice Baby,” waving another pro-law enforcement flag. The protesters have flags, too: American flags large and small, some upside down; Mexican; Ukrainian; Palestinian; Canadian; different configurations of pride and trans flags. Their signs, like their flags, illustrate their diverse reasons for attending: opposition to Trump’s “big beautiful” funding bill, DOGE’s budget cuts, and ICE arrests; support for immigrants, government workers, and Palestinians. One woman wears an inflatable chicken suit. Her friend pulls an effigy of Trump — dressed to look both like an eighteenth-century monarch, a taco, and a chicken — alongside her.New Port Richey, FL. Image: Gaby Del ValleMost of the demonstrators are on the older side, but there are people of all ages in attendance. “I thought it was going to be maybe 20 people with a couple of signs,” Abby, 24, says, adding that she’s pleasantly surprised at both the turnout and the fact that most of the protesters are of retirement age. Abe, 20, tells me this is his first protest. Holding a sign that says “ICE = GESTAPO,” he tells me he came out to support a friend who is Mexican. Three teenagers walk by with signs expressing support for immigrants: “While Trump destroys America, we built it.” “Trump: 3 felonies. My parents: 0.” As I drive away, I notice nine counter-protesters off to the side, around the corner from the main event. They wave their own flags, but the demonstrators seemingly pay them no mind.— Gaby Del ValleHistoric Filipinotown, Los AngelesWearing a camo baseball cap — “Desert Storm Veteran” emblazoned on the front — Joe Arciaga greets a crowd of about 100 people in Los Angeles’ Historic Filipinotown around 9:00AM.“Good morning everyone, are you ready for some beautiful trouble?” Arciaga says into the megaphone, an American flag bandana wrapped around his wrist. The faces of Filipino labor leaders Philip Vera Cruz and Larry Itliong, who organized farm workers alongside Cesar Chavez, peer over his shoulders from a mural that lines the length of Unidad Park where Arciaga and a group called Lakas Collective helped organize this neighborhood No Kings rally. “I’m a Desert Storm veteran, and I’m a father of three and a grandfather of three, and I want to work for a future where democracy is upheld, due process, civil rights, the preservation of the rule of law — That’s all I want. I’m not a billionaire, I’m just a regular Joe, right?”, he tells The Verge.Joe Arciaga speaks to people at a rally in Historic Filipinotown, Los Angeles. Image: Justine Calma“I am mad as hell,” he says, when I ask him about the Army 250th anniversary parade Donald Trump has organized in Washington, DC coinciding with the president’s birthday. “The guy does not deserve to be honored, he’s a draft dodger, right?” Arciaga says. He’s “livid” that the President and DOGE have fired veterans working for federal agencies and slashed VA staff.Arciaga organizes the crowd into two lines that file out of the park to stand along Beverly Blvd., one of the main drags through LA. Arciaga has deputized a handful of attendees with security or medical experience with whistles to serve as “marshals” tasked with flagging and de-escalating any potentially risky situation that might arise. Johneric Concordia, one of the co-founders of the popular The Park’s Finest barbecue joint in the neighborhood, is MCing out on Beverly Blvd. He and Arciaga direct people onto the sidewalks and off the asphalt as honking cars zip by. In between chants of “No hate! No fear! Immigrants are welcome here!” and rap songs from LA artist Bambu that Concordia plays from a speaker, Concordia hypes up the organizers. “Who’s cool? Joe’s cool?” He spits into the microphone connected to his speaker. “Who’s streets? Our streets!” the crowd cheers. An hour later, a man sitting at a red light in a black Prius rolls down his window. “Go home!” he yells from the intersection. “Take your Mexican flag and go home!”The crowd mostly ignores him. One attendee on the corner holds up his “No Kings” sign to the Prius without turning his head to look at him. A few minutes later, a jogger in a blue t-shirt raises his fist as he passes the crowd. “Fuck yeah guys,” he says to cheers.By 10AM, the neighborhood event is coming to a close. Demonstrators start to trickle away, some fanning out to other rallies planned across LA today. Concordia is heading out too, microphone and speaker still in hand, “If you’re headed to downtown, watch out for suspicious crew cuts!” — Justine CalmaSan Francisco, California1/10Most of the crowd trickled out after 2pm, which was the scheduled end time of the protest, but hundreds stayed in the area. Image: Vjeran PavicLondon, UKLondon’s protest was a little different than most: it was almost entirely bereft of “No Kings” signs, thanks to the fact that about two miles away much larger crowds were gathered to celebrate the official birthday of one King Charles III. “We don’t have anything against King Charles,” Alyssa, a member of organizers Indivisible London, told me. And so, “out of respect for our host country as immigrants,” they instead set up shop in front of the US embassy with a tweaked message: “No kings, no crowns” became “no tyrants, no clowns.” London, UK. Image: Dominic PrestonOf the hundreds gathered, not everyone got the memo, with a few painted signs decrying kings and crowns regardless, and one brave Brit brandishing a bit of cardboard with a simple message: “Our king is better than yours!”London, UK. Image: Dominic PrestonStill, most of the crowd were on board, with red noses, clown suits, and Pennywise masks dotted throughout, plus costumes ranging from tacos to Roman emperors. “I think tyrants is the better word, and that’s why I dressed up as Caesar, because he was the original,” says Anna, a Long Island native who’s lived in London for three years. “Nobody likes a tyrant. Nobody. And they don’t do well, historically, but they destroy a lot.”For 90 minutes or so the crowd — predominantly American, judging by the accents around me — leaned into the circus theme. Speakers shared the stage with performers, from a comic singalong of anti-Trump protest songs to a protracted pantomime in which a woman in a banana costume exhorted the crowd to pelt a Donald Trump impersonator with fresh peels. London, UK. Image: Dominic PrestonDuring a break in festivities, Alyssa told the crowd, “The most threatening sound to an oligarch is laughter.”— Dominic PrestonProspect Park, Brooklyn, New YorkThe No Kings protest at Brooklyn’s Grand Army Plaza was a calmer affair. Instead of gathering under the picturesque memorial arch, protesters were largely sequestered to a corner right outside Prospect Park, with some streets blocked off by police. The weekly farmers market was in full swing, meaning people cradling bundles of rhubarb were swerving in and out of protest signs that read things like, “Hating Donald Trump is Brat” and “Is it time to get out the pitch forks?” Like during the Hands Off protest in April, New York got rain on Saturday.Prospect Park, Brooklyn. Image: Mia SatoThe area where protesters were gathered made it difficult to count the crowd, but there were hundreds — perhaps a few thousand — people that streamed in and out. At one point, some protesters began marching down the street alongside Prospect Park, while others stayed at Grand Army Plaza to chant, cheer, and hold signs up at oncoming vehicles. With its proximity to the public library, the park, and densely populated neighborhoods, the massive intersection is a high-foot traffic area. Cars blared their horns as they passed, American flags waving in the chilly afternoon breeze.Jane, a Brooklyn resident who stood on the curb opposite the protesters, said she isn’t typically someone who comes out to actions like this: before the No Kings event, she had only ever been to one protest, the Women’s March.Prospect Park, Brooklyn. Image: Mia Sato“I’m deeply concerned about our country,” Jane said, pausing as a long stream of trucks and cars honked continuously in support of the protesters in the background. “I think Trump is behaving as an authoritarian. We’ve seen in Russia, in Hungary, in Hong Kong, that the slide from freedom to not freedom is very fast and very quick if people do not make their voices heard,” Jane said. “I’m concerned that that’s what’s happening in the United States.” Jane also cited cuts to Medicaid and funding for academic research as well as tariffs as being “unacceptable.”Prospect Park, Brooklyn. Image: Mia SatoThe event was peaceful — there were lots of kids present — and people were in good spirits despite the rain. Protest signs ran the gamut from general anti-Trump slogansto New York City-specific causes like “Andrew Cuomo can’t read”. One sign read, “Fix your hearts or die,” an iconic line from the late director, David Lynch’s, Twin Peaks: The Return. And of course, amid nationwide immigration raids that have been escalated by the involvement of the federal government, ICE was top of mind: one sign simply read, “Melt ICE,” and another protester held a large “NO ICE IN NYC” sign. Though it was smaller and more contained than other events, the protest didn’t lack conviction: attendees of all ages stood in the cold rain, chanting and blowing into vuvuzela, banging the lids of pots and pans. At one point a man stood on the median on the street, leading the group in chants of “No justice, no peace.” Cars laid on the horn as they drove by.— Mia SatoAkron, OhioIt’s been raining pretty hard the last few days in Akron, OH, so much that I didn’t think there’d be a large turnout for our chapter of the No Kings protest. But I was emphatically proven wrong as the crowds I saw dwarfed the Tesla Takedown protests last month. Officially, the protest was to take place in front of the John F. Seiberling Federal Building on Main Street in Downtown Akron. But the concentration of people spilled over from that small space down Main Street and up Market Street. All told, though there were no official counts, I estimate somewhere between 500 to 900 people in this blue enclave in Northeast Ohio.The mood was exuberant, buoyed by supporters who honked their horns as they passed. The chorus of horns was nonstop, and when a sanitation truck honked as it went by, cheers got louder. The chants the crowds were singing took on a local flare. Ohio is the home of the Ohio State Buckeyes and anywhere you go, shout “O-H” and you’ll invariably get an “I-O” response. The crowds used that convention to make their own chant, “OH-IO, Donald Trump has got to go.”There was no police presence here and the crowd was very good at policing itself. Ostensibly out of concern for the incidents where people have rammed their cars into protestor crowds, the people here have taken up crossing guard duties, aiding folks who wish to cross Main or Market Streets. Toward the end of my time at the protest, I saw an older gentleman wearing Kent State gear and holding a sign that read, “Remember another time the National Guard was called in?” His sign featured a drawing of the famous photo from the event in which four Kent State students during a protest of the Vietnam War were killed by National Guard troops. I caught up with him to ask him some questions and he told me his name was Chuck Ayers, a professional cartoonist, and was present at the shooting. Akron, OH. Image: Ash Parrish“When I saw the National Guard in front of the federal building in LA,” he told me, “It was just another flashback.”He did not tell me this at the time, but Ayers is a nationally recognized cartoonist, noted for co-creating the comic strip Crankshaft. He’s lived in Ohio his entire life and of course, drew that sign himself. As he was telling me about how seeing news of the National Guard being deployed in LA, I could see him strain to hold back his emotions. He said it still hurts to see this 55 years later, but that he was heartened to see so many people standing here in community and solidarity. He also said that given his pain and trauma he almost didn’t come. When I asked why he showed up when it so obviously causes him pain he said simply, “Because I have to.”— Ash ParrishOneonta, New YorkOn a northward drive to Oneonta — population roughly 15,000, the largest city in New York’s mainly rural Otsego County — one of the most prominent landmarks is a sprawling barn splashed in huge, painted block letters with TRUMP 2024.It’s Trump country, but not uniformly Trumpy country, as evidenced by what I estimated as a hundreds-strong crowd gathered in a field just below Main Street that came together with a friendly county-fair atmosphere. Kids sat on their parents’ shoulders; American flags fluttered next to signs with slogans like SHADE NEVER MADE ANYONE LESS GAY, and attendees grumbled persistently about the event’s feeble sound system, set up on the bed of a pickup truck. It was the kind of conspicuously patriotic, far-from-urban protest that the Trump administration has all but insisted doesn’t exist.Image: Adi RobertsonBeyond a general condemnation of Trump, protest signs repped the same issues being denounced across the country. The wars in Gaza and Ukraine made an appearance, as did Elon Musk and Tesla. A couple of people called out funding cuts for organizations like NPR, one neatly lettered sign reminded us that WEATHER FORECASTING SAVES LIVES, another warned “Keep your nasty little hands off Social Security,” and a lot — unsurprisingly, given the past week’s events — attacked mass deportations and ICE. An attendee who identified himself as Bill, standing behind a placard that blocked most of him from sight, laid out his anger at the administration’s gutting of the Environmental Protection Agency. “I think if it was not for protests, there would be no change,” he told me.The event itself, supported by a coalition including the local chapter of Indivisible, highlighted topics like reproductive justice and LGBTQ rights alongside issues for groups often stereotyped as Republican blocs — there was a speech about Department of Veterans Affairs cuts and a representative from the local Office for the Aging. Rules for a march around the modest downtown were laid out: no blocking pedestrians or vehicles, and for the sake of families doing weekend shopping, watch the language. “Fuck!” one person yelled indistinctly from the audience. “No, no,” the event’s emcee chided gently. The philosophy, as she put it, was one of persuasion. “We want to build the resistance, not make people angry at us.”Image: Adi RobertsonBut even in a place that will almost certainly never see a National Guard deployment or the ire of a Truth Social post, the Trump administration’s brutal deportation program had just hit close to home. Only hours before the protest commenced, ICE agents were recorded handcuffing a man and removing him in an unmarked black car — detaining what was reportedly a legal resident seeking asylum from Venezuela. The mayor of Oneonta, Mark Drnek, relayed the news to the crowd. “ICE! We see you!” boomed Drnek from the truckbed. “We recognize you for what you are, and we understand, and we reject your vile purpose.”The crowd cheered furiously. The stars and stripes waved.- Adi RobertsonSee More: Policy
    #kings #protests #eye #storm
    No Kings: protests in the eye of the storm
    As President Donald Trump kicked off a birthday military parade on the streets of Washington, DC, what’s estimated as roughly 2,000 events were held across the US and beyond — protesting Trump and Elon Musk’s evisceration of government services, an unprecedented crackdown by Immigration and Customs Enforcement, and countless other actions from the administration in its first five months. Held under the title “No Kings”, they’re the latest in several mass protests, following April’s Hands Off events and a wave of Tesla Takedown demonstrations in March.As The Verge’s Tina Nguyen went to downtown DC, we also sent reporters to No Kings demonstrations spanning the country, plus a “No Tyrants” event in the UK. How would they unfold after promises of “very heavy force” against protesters in the capital, after the deployment of thousands of military troops in a move a judge has bluntly called illegal, and after promises to “liberate” the city of Los Angeles from its “burdensome leadership” by local elected officials? What about the overnight killing of a Minnesota Democratic state representative and her husband, and the shooting of a Democratic state senator and his wife?The answer, at the events we attended, was fairly calmly — even against a backdrop of chaos.Downtown Los Angeles, CaliforniaAn inflatable baby Donald Trump, dressed in a diaper, hovered over throngs of people rallying outside of Los Angeles City Hall. Demonstrators outnumbered clumps of California National Guard members in fatigues posted up along sidewalks. “Go home to your families, we don’t need you in our streets,” one young person wearing a long braid down her back tells them while marching past. “Trump come catch these hands foo!” the back of her sign reads. I can’t see what the front says, but I can tell there’s an empty bag of Cheetos pasted to it.The big baby joins the march, floating through the streets of Downtown LA over demonstrators. A flatbed truck rolls ahead of it, the band — maybe LA’s own Ozomatli? — singing “We don’t like Trump” to the tune of “We Want The Funk.” Ducking inside Grand Central Market from the march, I talk to Puck and Twinkle Toes — two demonstrators in line for the public restrooms. Twinkle Toes tells me she’s part of an activist clown collective called Imp and Circumstance, wearing pink and white clown makeup and a striped pink and white bow wrapped around a loose hair bun atop her head. She’s here exercising her right to free speech, she says. Demonstrators in Los Angeles marched alongside an inflatable Donald Trump baby dressed in a diaper.“The more people that are out here, the more we know that this is not okay. That we don’t want an autocrat. We want democracy,” Puck tells me, adding that the Pride March in Hollywood last weekend was “nothing but love and sunshine” despite protests and burning driverless cars making headlines in downtown. “The news tries to make you think all of LA is rioting. It’s not.” Puck says.Back out on the streets, a young man quickly writes “Fuck ICE” on a black wall with white spray paint before a group of older demonstrators wearing floppy hats shushes him away — warning him that tagging will only attract more law enforcement.Further along, another older man with tufts of white hair sticking out under his Lakers cap walks stiffly and slowly along under the summer sun. A Mexican flag draped across his shoulders, he crosses Hope Street. A young man wearing a Nike cap makes his way over to ask if he wants water; the old man accepts a bottle and keeps walking without stopping. The march has looped around downtown, and is coming to an end back at City Hall. As I make my way to my bus stop, a line of police vehicles — sirens blasting — whizzes past me, back toward the crowd still gathering around City Hall.The Los Angeles Police Department issued a dispersal order for parts of downtown Los Angeles later in the afternoon, citing people “throwing rocks, bricks, bottles and other objects.” Law enforcement reportedly cleared crowds using gas, and the LAPD authorized the use of “less lethal” force.— Justine CalmaPortland, OregonFour different “No Kings” protests in the greater Portland area on Saturday drew massive crowds of tens of thousands across the city. Various activists, government officials, and representatives for politicians spoke at the rallies, which also featured music and live performances.Protesters of all ages came with dogs, strollers, flags, banners, and hand-made signs. At the downtown waterfront, some tourist boats appeared to still be departing, but the bike rental standwas closed for the day with a hand-lettered explanation reading “No crowns, no thrones, no kings” and “Americans against oligarchy.” Women appearing to be organizers passed out free American flags; many attendees came with their own American flags modified to fly upside down. Most protesters brought signs expressing a wide range of sentiments on the theme of “No Kings.” Some signs were surprisingly verbosewe’d all still be British”) while others were more succinct. Others opted for simple images, such as a picture of a crown crossed out, or — less frequently — a guillotine. Image: Sarah JeongThe waterfront park area was filled with people from the shoreline to the curb of the nearest street, where protesters held up signs to passing cars that honked in approval. The honking of a passing fire truck sent the crowd into an uproarious cheer. Portland is about a thousand miles from the border with Mexico, but the flag of its distant neighbor nation has emerged as protest iconography in solidarity with Los Angeles. The rainbow pride flag was flown as often as the Mexican flag. Military veterans were scattered throughout the crowd, some identifying themselves as having seen action in conflicts spanning from Vietnam to Afghanistan. Emanuel, an Air Force veteran, told me that he had turned out in defense of the constitution and due process, saying, “Nobody has any rights if one person doesn’t have any rights.” Image: Sarah JeongAnger was directed at ICE and the mass deportations all throughout the day, in signage, in chants, and in rally speeches. The previous night, about 150 people protested at a local ICE facility — coincidentally located by the Tesla dealership — a mile south of downtown, near a highway exit. The ICE facility protests, which have been continuous for some days, have been steadily building up. A couple of “No Kings” signs were present on Friday.. Demonstrators stood on the curb urging passing cars to “Honk if you hate fascists,” successfully eliciting car horns every few seconds, including some from a pristine white Tesla. Federal law enforcement in camo and helmets, their faces obscured, maced and shot at protesters with pepper balls, targeting them through the gates and sniping at them from the rooftop of the building. A handful of protesters — many wearing gas masks and respirators — formed phalanx formations in the driveway, wielding umbrellas and handmade shields. On Saturday, a speaker at one of the “No Kings” rallies advertised the occupation of the ICE facility, saying, “We’re a sanctuary city.” The crowd — replete with American flags both upside down and right side up — cheered. — Sarah JeongNew Port Richey, FloridaNearly every intersection on Pasco County’s State Road 54 looks the same: a cross-section of strip malls, each anchored by a Walmart or Target or Publix, surrounded by a mix of restaurants, nail salons, and gas stations. It’s not an environment that is particularly conducive to protests, but hundreds of people turned out in humid, 90-plus degree weather anyway. The overall size of the crowd is hard to determine, but it’s larger than I — and other attendees — anticipated, given the local demographics.New Port Richey, FL. Image: Gaby Del ValleEveryone is on the sidewalk; an organizer with a megaphone tells people to use crosswalks if they’re going to attempt to brave the six-lane highway. Two days earlier, Governor Ron DeSantis said Floridians could legally run over protesters on the street if they feel “threatened.” New Port Richey, FL. Image: Gaby Del ValleSo far, most drivers seem friendly. There are lots of supportive honks. One woman rolls down her window and thanks the protesters. “I love you! I wish I could be with you, but I have to work today!” she yells as she drives away. Not everyone is amenable. A man in a MAGA hat marches through the crowd waving a “thin green line” flag and yelling “long live the king!” as people in the crowd call him a traitor. A pickup truck drives by blasting “Ice Ice Baby,” waving another pro-law enforcement flag. The protesters have flags, too: American flags large and small, some upside down; Mexican; Ukrainian; Palestinian; Canadian; different configurations of pride and trans flags. Their signs, like their flags, illustrate their diverse reasons for attending: opposition to Trump’s “big beautiful” funding bill, DOGE’s budget cuts, and ICE arrests; support for immigrants, government workers, and Palestinians. One woman wears an inflatable chicken suit. Her friend pulls an effigy of Trump — dressed to look both like an eighteenth-century monarch, a taco, and a chicken — alongside her.New Port Richey, FL. Image: Gaby Del ValleMost of the demonstrators are on the older side, but there are people of all ages in attendance. “I thought it was going to be maybe 20 people with a couple of signs,” Abby, 24, says, adding that she’s pleasantly surprised at both the turnout and the fact that most of the protesters are of retirement age. Abe, 20, tells me this is his first protest. Holding a sign that says “ICE = GESTAPO,” he tells me he came out to support a friend who is Mexican. Three teenagers walk by with signs expressing support for immigrants: “While Trump destroys America, we built it.” “Trump: 3 felonies. My parents: 0.” As I drive away, I notice nine counter-protesters off to the side, around the corner from the main event. They wave their own flags, but the demonstrators seemingly pay them no mind.— Gaby Del ValleHistoric Filipinotown, Los AngelesWearing a camo baseball cap — “Desert Storm Veteran” emblazoned on the front — Joe Arciaga greets a crowd of about 100 people in Los Angeles’ Historic Filipinotown around 9:00AM.“Good morning everyone, are you ready for some beautiful trouble?” Arciaga says into the megaphone, an American flag bandana wrapped around his wrist. The faces of Filipino labor leaders Philip Vera Cruz and Larry Itliong, who organized farm workers alongside Cesar Chavez, peer over his shoulders from a mural that lines the length of Unidad Park where Arciaga and a group called Lakas Collective helped organize this neighborhood No Kings rally. “I’m a Desert Storm veteran, and I’m a father of three and a grandfather of three, and I want to work for a future where democracy is upheld, due process, civil rights, the preservation of the rule of law — That’s all I want. I’m not a billionaire, I’m just a regular Joe, right?”, he tells The Verge.Joe Arciaga speaks to people at a rally in Historic Filipinotown, Los Angeles. Image: Justine Calma“I am mad as hell,” he says, when I ask him about the Army 250th anniversary parade Donald Trump has organized in Washington, DC coinciding with the president’s birthday. “The guy does not deserve to be honored, he’s a draft dodger, right?” Arciaga says. He’s “livid” that the President and DOGE have fired veterans working for federal agencies and slashed VA staff.Arciaga organizes the crowd into two lines that file out of the park to stand along Beverly Blvd., one of the main drags through LA. Arciaga has deputized a handful of attendees with security or medical experience with whistles to serve as “marshals” tasked with flagging and de-escalating any potentially risky situation that might arise. Johneric Concordia, one of the co-founders of the popular The Park’s Finest barbecue joint in the neighborhood, is MCing out on Beverly Blvd. He and Arciaga direct people onto the sidewalks and off the asphalt as honking cars zip by. In between chants of “No hate! No fear! Immigrants are welcome here!” and rap songs from LA artist Bambu that Concordia plays from a speaker, Concordia hypes up the organizers. “Who’s cool? Joe’s cool?” He spits into the microphone connected to his speaker. “Who’s streets? Our streets!” the crowd cheers. An hour later, a man sitting at a red light in a black Prius rolls down his window. “Go home!” he yells from the intersection. “Take your Mexican flag and go home!”The crowd mostly ignores him. One attendee on the corner holds up his “No Kings” sign to the Prius without turning his head to look at him. A few minutes later, a jogger in a blue t-shirt raises his fist as he passes the crowd. “Fuck yeah guys,” he says to cheers.By 10AM, the neighborhood event is coming to a close. Demonstrators start to trickle away, some fanning out to other rallies planned across LA today. Concordia is heading out too, microphone and speaker still in hand, “If you’re headed to downtown, watch out for suspicious crew cuts!” — Justine CalmaSan Francisco, California1/10Most of the crowd trickled out after 2pm, which was the scheduled end time of the protest, but hundreds stayed in the area. Image: Vjeran PavicLondon, UKLondon’s protest was a little different than most: it was almost entirely bereft of “No Kings” signs, thanks to the fact that about two miles away much larger crowds were gathered to celebrate the official birthday of one King Charles III. “We don’t have anything against King Charles,” Alyssa, a member of organizers Indivisible London, told me. And so, “out of respect for our host country as immigrants,” they instead set up shop in front of the US embassy with a tweaked message: “No kings, no crowns” became “no tyrants, no clowns.” London, UK. Image: Dominic PrestonOf the hundreds gathered, not everyone got the memo, with a few painted signs decrying kings and crowns regardless, and one brave Brit brandishing a bit of cardboard with a simple message: “Our king is better than yours!”London, UK. Image: Dominic PrestonStill, most of the crowd were on board, with red noses, clown suits, and Pennywise masks dotted throughout, plus costumes ranging from tacos to Roman emperors. “I think tyrants is the better word, and that’s why I dressed up as Caesar, because he was the original,” says Anna, a Long Island native who’s lived in London for three years. “Nobody likes a tyrant. Nobody. And they don’t do well, historically, but they destroy a lot.”For 90 minutes or so the crowd — predominantly American, judging by the accents around me — leaned into the circus theme. Speakers shared the stage with performers, from a comic singalong of anti-Trump protest songs to a protracted pantomime in which a woman in a banana costume exhorted the crowd to pelt a Donald Trump impersonator with fresh peels. London, UK. Image: Dominic PrestonDuring a break in festivities, Alyssa told the crowd, “The most threatening sound to an oligarch is laughter.”— Dominic PrestonProspect Park, Brooklyn, New YorkThe No Kings protest at Brooklyn’s Grand Army Plaza was a calmer affair. Instead of gathering under the picturesque memorial arch, protesters were largely sequestered to a corner right outside Prospect Park, with some streets blocked off by police. The weekly farmers market was in full swing, meaning people cradling bundles of rhubarb were swerving in and out of protest signs that read things like, “Hating Donald Trump is Brat” and “Is it time to get out the pitch forks?” Like during the Hands Off protest in April, New York got rain on Saturday.Prospect Park, Brooklyn. Image: Mia SatoThe area where protesters were gathered made it difficult to count the crowd, but there were hundreds — perhaps a few thousand — people that streamed in and out. At one point, some protesters began marching down the street alongside Prospect Park, while others stayed at Grand Army Plaza to chant, cheer, and hold signs up at oncoming vehicles. With its proximity to the public library, the park, and densely populated neighborhoods, the massive intersection is a high-foot traffic area. Cars blared their horns as they passed, American flags waving in the chilly afternoon breeze.Jane, a Brooklyn resident who stood on the curb opposite the protesters, said she isn’t typically someone who comes out to actions like this: before the No Kings event, she had only ever been to one protest, the Women’s March.Prospect Park, Brooklyn. Image: Mia Sato“I’m deeply concerned about our country,” Jane said, pausing as a long stream of trucks and cars honked continuously in support of the protesters in the background. “I think Trump is behaving as an authoritarian. We’ve seen in Russia, in Hungary, in Hong Kong, that the slide from freedom to not freedom is very fast and very quick if people do not make their voices heard,” Jane said. “I’m concerned that that’s what’s happening in the United States.” Jane also cited cuts to Medicaid and funding for academic research as well as tariffs as being “unacceptable.”Prospect Park, Brooklyn. Image: Mia SatoThe event was peaceful — there were lots of kids present — and people were in good spirits despite the rain. Protest signs ran the gamut from general anti-Trump slogansto New York City-specific causes like “Andrew Cuomo can’t read”. One sign read, “Fix your hearts or die,” an iconic line from the late director, David Lynch’s, Twin Peaks: The Return. And of course, amid nationwide immigration raids that have been escalated by the involvement of the federal government, ICE was top of mind: one sign simply read, “Melt ICE,” and another protester held a large “NO ICE IN NYC” sign. Though it was smaller and more contained than other events, the protest didn’t lack conviction: attendees of all ages stood in the cold rain, chanting and blowing into vuvuzela, banging the lids of pots and pans. At one point a man stood on the median on the street, leading the group in chants of “No justice, no peace.” Cars laid on the horn as they drove by.— Mia SatoAkron, OhioIt’s been raining pretty hard the last few days in Akron, OH, so much that I didn’t think there’d be a large turnout for our chapter of the No Kings protest. But I was emphatically proven wrong as the crowds I saw dwarfed the Tesla Takedown protests last month. Officially, the protest was to take place in front of the John F. Seiberling Federal Building on Main Street in Downtown Akron. But the concentration of people spilled over from that small space down Main Street and up Market Street. All told, though there were no official counts, I estimate somewhere between 500 to 900 people in this blue enclave in Northeast Ohio.The mood was exuberant, buoyed by supporters who honked their horns as they passed. The chorus of horns was nonstop, and when a sanitation truck honked as it went by, cheers got louder. The chants the crowds were singing took on a local flare. Ohio is the home of the Ohio State Buckeyes and anywhere you go, shout “O-H” and you’ll invariably get an “I-O” response. The crowds used that convention to make their own chant, “OH-IO, Donald Trump has got to go.”There was no police presence here and the crowd was very good at policing itself. Ostensibly out of concern for the incidents where people have rammed their cars into protestor crowds, the people here have taken up crossing guard duties, aiding folks who wish to cross Main or Market Streets. Toward the end of my time at the protest, I saw an older gentleman wearing Kent State gear and holding a sign that read, “Remember another time the National Guard was called in?” His sign featured a drawing of the famous photo from the event in which four Kent State students during a protest of the Vietnam War were killed by National Guard troops. I caught up with him to ask him some questions and he told me his name was Chuck Ayers, a professional cartoonist, and was present at the shooting. Akron, OH. Image: Ash Parrish“When I saw the National Guard in front of the federal building in LA,” he told me, “It was just another flashback.”He did not tell me this at the time, but Ayers is a nationally recognized cartoonist, noted for co-creating the comic strip Crankshaft. He’s lived in Ohio his entire life and of course, drew that sign himself. As he was telling me about how seeing news of the National Guard being deployed in LA, I could see him strain to hold back his emotions. He said it still hurts to see this 55 years later, but that he was heartened to see so many people standing here in community and solidarity. He also said that given his pain and trauma he almost didn’t come. When I asked why he showed up when it so obviously causes him pain he said simply, “Because I have to.”— Ash ParrishOneonta, New YorkOn a northward drive to Oneonta — population roughly 15,000, the largest city in New York’s mainly rural Otsego County — one of the most prominent landmarks is a sprawling barn splashed in huge, painted block letters with TRUMP 2024.It’s Trump country, but not uniformly Trumpy country, as evidenced by what I estimated as a hundreds-strong crowd gathered in a field just below Main Street that came together with a friendly county-fair atmosphere. Kids sat on their parents’ shoulders; American flags fluttered next to signs with slogans like SHADE NEVER MADE ANYONE LESS GAY, and attendees grumbled persistently about the event’s feeble sound system, set up on the bed of a pickup truck. It was the kind of conspicuously patriotic, far-from-urban protest that the Trump administration has all but insisted doesn’t exist.Image: Adi RobertsonBeyond a general condemnation of Trump, protest signs repped the same issues being denounced across the country. The wars in Gaza and Ukraine made an appearance, as did Elon Musk and Tesla. A couple of people called out funding cuts for organizations like NPR, one neatly lettered sign reminded us that WEATHER FORECASTING SAVES LIVES, another warned “Keep your nasty little hands off Social Security,” and a lot — unsurprisingly, given the past week’s events — attacked mass deportations and ICE. An attendee who identified himself as Bill, standing behind a placard that blocked most of him from sight, laid out his anger at the administration’s gutting of the Environmental Protection Agency. “I think if it was not for protests, there would be no change,” he told me.The event itself, supported by a coalition including the local chapter of Indivisible, highlighted topics like reproductive justice and LGBTQ rights alongside issues for groups often stereotyped as Republican blocs — there was a speech about Department of Veterans Affairs cuts and a representative from the local Office for the Aging. Rules for a march around the modest downtown were laid out: no blocking pedestrians or vehicles, and for the sake of families doing weekend shopping, watch the language. “Fuck!” one person yelled indistinctly from the audience. “No, no,” the event’s emcee chided gently. The philosophy, as she put it, was one of persuasion. “We want to build the resistance, not make people angry at us.”Image: Adi RobertsonBut even in a place that will almost certainly never see a National Guard deployment or the ire of a Truth Social post, the Trump administration’s brutal deportation program had just hit close to home. Only hours before the protest commenced, ICE agents were recorded handcuffing a man and removing him in an unmarked black car — detaining what was reportedly a legal resident seeking asylum from Venezuela. The mayor of Oneonta, Mark Drnek, relayed the news to the crowd. “ICE! We see you!” boomed Drnek from the truckbed. “We recognize you for what you are, and we understand, and we reject your vile purpose.”The crowd cheered furiously. The stars and stripes waved.- Adi RobertsonSee More: Policy #kings #protests #eye #storm
    WWW.THEVERGE.COM
    No Kings: protests in the eye of the storm
    As President Donald Trump kicked off a birthday military parade on the streets of Washington, DC, what’s estimated as roughly 2,000 events were held across the US and beyond — protesting Trump and Elon Musk’s evisceration of government services, an unprecedented crackdown by Immigration and Customs Enforcement (ICE), and countless other actions from the administration in its first five months. Held under the title “No Kings” (with, as you’ll see, one conspicuous exception), they’re the latest in several mass protests, following April’s Hands Off events and a wave of Tesla Takedown demonstrations in March.As The Verge’s Tina Nguyen went to downtown DC, we also sent reporters to No Kings demonstrations spanning the country, plus a “No Tyrants” event in the UK. How would they unfold after promises of “very heavy force” against protesters in the capital, after the deployment of thousands of military troops in a move a judge has bluntly called illegal, and after promises to “liberate” the city of Los Angeles from its “burdensome leadership” by local elected officials? What about the overnight killing of a Minnesota Democratic state representative and her husband, and the shooting of a Democratic state senator and his wife?The answer, at the events we attended, was fairly calmly — even against a backdrop of chaos.Downtown Los Angeles, CaliforniaAn inflatable baby Donald Trump, dressed in a diaper, hovered over throngs of people rallying outside of Los Angeles City Hall. Demonstrators outnumbered clumps of California National Guard members in fatigues posted up along sidewalks. “Go home to your families, we don’t need you in our streets,” one young person wearing a long braid down her back tells them while marching past. “Trump come catch these hands foo!” the back of her sign reads. I can’t see what the front says, but I can tell there’s an empty bag of Cheetos pasted to it.The big baby joins the march, floating through the streets of Downtown LA over demonstrators. A flatbed truck rolls ahead of it, the band — maybe LA’s own Ozomatli? — singing “We don’t like Trump” to the tune of “We Want The Funk.” Ducking inside Grand Central Market from the march, I talk to Puck and Twinkle Toes — two demonstrators in line for the public restrooms. Twinkle Toes tells me she’s part of an activist clown collective called Imp and Circumstance, wearing pink and white clown makeup and a striped pink and white bow wrapped around a loose hair bun atop her head. She’s here exercising her right to free speech, she says. Demonstrators in Los Angeles marched alongside an inflatable Donald Trump baby dressed in a diaper.“The more people that are out here, the more we know that this is not okay. That we don’t want an autocrat. We want democracy,” Puck tells me, adding that the Pride March in Hollywood last weekend was “nothing but love and sunshine” despite protests and burning driverless cars making headlines in downtown. “The news tries to make you think all of LA is rioting. It’s not.” Puck says.Back out on the streets, a young man quickly writes “Fuck ICE” on a black wall with white spray paint before a group of older demonstrators wearing floppy hats shushes him away — warning him that tagging will only attract more law enforcement.Further along, another older man with tufts of white hair sticking out under his Lakers cap walks stiffly and slowly along under the summer sun. A Mexican flag draped across his shoulders, he crosses Hope Street. A young man wearing a Nike cap makes his way over to ask if he wants water; the old man accepts a bottle and keeps walking without stopping. The march has looped around downtown, and is coming to an end back at City Hall. As I make my way to my bus stop, a line of police vehicles — sirens blasting — whizzes past me, back toward the crowd still gathering around City Hall.The Los Angeles Police Department issued a dispersal order for parts of downtown Los Angeles later in the afternoon, citing people “throwing rocks, bricks, bottles and other objects.” Law enforcement reportedly cleared crowds using gas, and the LAPD authorized the use of “less lethal” force.— Justine CalmaPortland, OregonFour different “No Kings” protests in the greater Portland area on Saturday drew massive crowds of tens of thousands across the city. Various activists, government officials, and representatives for politicians spoke at the rallies, which also featured music and live performances. (One advertised free drag shows.) Protesters of all ages came with dogs, strollers, flags, banners, and hand-made signs. At the downtown waterfront, some tourist boats appeared to still be departing, but the bike rental stand (which also sells ice cream) was closed for the day with a hand-lettered explanation reading “No crowns, no thrones, no kings” and “Americans against oligarchy.” Women appearing to be organizers passed out free American flags; many attendees came with their own American flags modified to fly upside down. Most protesters brought signs expressing a wide range of sentiments on the theme of “No Kings.” Some signs were surprisingly verbose (“If the founders wanted a unitary executive (a king) we’d all still be British”) while others were more succinct (“Sic semper tyrannis”). Others opted for simple images, such as a picture of a crown crossed out, or — less frequently — a guillotine. Image: Sarah JeongThe waterfront park area was filled with people from the shoreline to the curb of the nearest street, where protesters held up signs to passing cars that honked in approval. The honking of a passing fire truck sent the crowd into an uproarious cheer. Portland is about a thousand miles from the border with Mexico, but the flag of its distant neighbor nation has emerged as protest iconography in solidarity with Los Angeles. The rainbow pride flag was flown as often as the Mexican flag. Military veterans were scattered throughout the crowd, some identifying themselves as having seen action in conflicts spanning from Vietnam to Afghanistan. Emanuel, an Air Force veteran, told me that he had turned out in defense of the constitution and due process, saying, “Nobody has any rights if one person doesn’t have any rights.” Image: Sarah JeongAnger was directed at ICE and the mass deportations all throughout the day, in signage, in chants, and in rally speeches. The previous night, about 150 people protested at a local ICE facility — coincidentally located by the Tesla dealership — a mile south of downtown, near a highway exit. The ICE facility protests, which have been continuous for some days, have been steadily building up. A couple of “No Kings” signs were present on Friday. (The following day, a handful of “Chinga la migra” signs would show up at the “No Kings” protests). Demonstrators stood on the curb urging passing cars to “Honk if you hate fascists,” successfully eliciting car horns every few seconds, including some from a pristine white Tesla. Federal law enforcement in camo and helmets, their faces obscured, maced and shot at protesters with pepper balls, targeting them through the gates and sniping at them from the rooftop of the building. A handful of protesters — many wearing gas masks and respirators — formed phalanx formations in the driveway, wielding umbrellas and handmade shields. On Saturday, a speaker at one of the “No Kings” rallies advertised the occupation of the ICE facility, saying, “We’re a sanctuary city.” The crowd — replete with American flags both upside down and right side up — cheered. — Sarah JeongNew Port Richey, FloridaNearly every intersection on Pasco County’s State Road 54 looks the same: a cross-section of strip malls, each anchored by a Walmart or Target or Publix, surrounded by a mix of restaurants, nail salons, and gas stations. It’s not an environment that is particularly conducive to protests, but hundreds of people turned out in humid, 90-plus degree weather anyway. The overall size of the crowd is hard to determine, but it’s larger than I — and other attendees — anticipated, given the local demographics. (Trump won 61 percent of the vote in Pasco County in 2024.) New Port Richey, FL. Image: Gaby Del ValleEveryone is on the sidewalk; an organizer with a megaphone tells people to use crosswalks if they’re going to attempt to brave the six-lane highway. Two days earlier, Governor Ron DeSantis said Floridians could legally run over protesters on the street if they feel “threatened.” New Port Richey, FL. Image: Gaby Del ValleSo far, most drivers seem friendly. There are lots of supportive honks. One woman rolls down her window and thanks the protesters. “I love you! I wish I could be with you, but I have to work today!” she yells as she drives away. Not everyone is amenable. A man in a MAGA hat marches through the crowd waving a “thin green line” flag and yelling “long live the king!” as people in the crowd call him a traitor. A pickup truck drives by blasting “Ice Ice Baby,” waving another pro-law enforcement flag. The protesters have flags, too: American flags large and small, some upside down; Mexican; Ukrainian; Palestinian; Canadian; different configurations of pride and trans flags. Their signs, like their flags, illustrate their diverse reasons for attending: opposition to Trump’s “big beautiful” funding bill, DOGE’s budget cuts, and ICE arrests; support for immigrants, government workers, and Palestinians. One woman wears an inflatable chicken suit. Her friend pulls an effigy of Trump — dressed to look both like an eighteenth-century monarch, a taco, and a chicken — alongside her.New Port Richey, FL. Image: Gaby Del ValleMost of the demonstrators are on the older side, but there are people of all ages in attendance. “I thought it was going to be maybe 20 people with a couple of signs,” Abby, 24, says, adding that she’s pleasantly surprised at both the turnout and the fact that most of the protesters are of retirement age. Abe, 20, tells me this is his first protest. Holding a sign that says “ICE = GESTAPO,” he tells me he came out to support a friend who is Mexican. Three teenagers walk by with signs expressing support for immigrants: “While Trump destroys America, we built it.” “Trump: 3 felonies. My parents: 0.” As I drive away, I notice nine counter-protesters off to the side, around the corner from the main event. They wave their own flags, but the demonstrators seemingly pay them no mind.— Gaby Del ValleHistoric Filipinotown, Los AngelesWearing a camo baseball cap — “Desert Storm Veteran” emblazoned on the front — Joe Arciaga greets a crowd of about 100 people in Los Angeles’ Historic Filipinotown around 9:00AM.“Good morning everyone, are you ready for some beautiful trouble?” Arciaga says into the megaphone, an American flag bandana wrapped around his wrist. The faces of Filipino labor leaders Philip Vera Cruz and Larry Itliong, who organized farm workers alongside Cesar Chavez, peer over his shoulders from a mural that lines the length of Unidad Park where Arciaga and a group called Lakas Collective helped organize this neighborhood No Kings rally. “I’m a Desert Storm veteran, and I’m a father of three and a grandfather of three, and I want to work for a future where democracy is upheld, due process, civil rights, the preservation of the rule of law — That’s all I want. I’m not a billionaire, I’m just a regular Joe, right?”, he tells The Verge.Joe Arciaga speaks to people at a rally in Historic Filipinotown, Los Angeles. Image: Justine Calma“I am mad as hell,” he says, when I ask him about the Army 250th anniversary parade Donald Trump has organized in Washington, DC coinciding with the president’s birthday. “The guy does not deserve to be honored, he’s a draft dodger, right?” Arciaga says. He’s “livid” that the President and DOGE have fired veterans working for federal agencies and slashed VA staff.Arciaga organizes the crowd into two lines that file out of the park to stand along Beverly Blvd., one of the main drags through LA. Arciaga has deputized a handful of attendees with security or medical experience with whistles to serve as “marshals” tasked with flagging and de-escalating any potentially risky situation that might arise. Johneric Concordia, one of the co-founders of the popular The Park’s Finest barbecue joint in the neighborhood, is MCing out on Beverly Blvd. He and Arciaga direct people onto the sidewalks and off the asphalt as honking cars zip by. In between chants of “No hate! No fear! Immigrants are welcome here!” and rap songs from LA artist Bambu that Concordia plays from a speaker, Concordia hypes up the organizers. “Who’s cool? Joe’s cool?” He spits into the microphone connected to his speaker. “Who’s streets? Our streets!” the crowd cheers. An hour later, a man sitting at a red light in a black Prius rolls down his window. “Go home!” he yells from the intersection. “Take your Mexican flag and go home!”The crowd mostly ignores him. One attendee on the corner holds up his “No Kings” sign to the Prius without turning his head to look at him. A few minutes later, a jogger in a blue t-shirt raises his fist as he passes the crowd. “Fuck yeah guys,” he says to cheers.By 10AM, the neighborhood event is coming to a close. Demonstrators start to trickle away, some fanning out to other rallies planned across LA today. Concordia is heading out too, microphone and speaker still in hand, “If you’re headed to downtown, watch out for suspicious crew cuts!” — Justine CalmaSan Francisco, California1/10Most of the crowd trickled out after 2pm, which was the scheduled end time of the protest, but hundreds stayed in the area. Image: Vjeran PavicLondon, UKLondon’s protest was a little different than most: it was almost entirely bereft of “No Kings” signs, thanks to the fact that about two miles away much larger crowds were gathered to celebrate the official birthday of one King Charles III. “We don’t have anything against King Charles,” Alyssa, a member of organizers Indivisible London, told me. And so, “out of respect for our host country as immigrants,” they instead set up shop in front of the US embassy with a tweaked message: “No kings, no crowns” became “no tyrants, no clowns.” London, UK. Image: Dominic PrestonOf the hundreds gathered, not everyone got the memo, with a few painted signs decrying kings and crowns regardless, and one brave Brit brandishing a bit of cardboard with a simple message: “Our king is better than yours!”London, UK. Image: Dominic PrestonStill, most of the crowd were on board, with red noses, clown suits, and Pennywise masks dotted throughout, plus costumes ranging from tacos to Roman emperors. “I think tyrants is the better word, and that’s why I dressed up as Caesar, because he was the original,” says Anna, a Long Island native who’s lived in London for three years. “Nobody likes a tyrant. Nobody. And they don’t do well, historically, but they destroy a lot.”For 90 minutes or so the crowd — predominantly American, judging by the accents around me — leaned into the circus theme. Speakers shared the stage with performers, from a comic singalong of anti-Trump protest songs to a protracted pantomime in which a woman in a banana costume exhorted the crowd to pelt a Donald Trump impersonator with fresh peels. London, UK. Image: Dominic PrestonDuring a break in festivities, Alyssa told the crowd, “The most threatening sound to an oligarch is laughter.”— Dominic PrestonProspect Park, Brooklyn, New YorkThe No Kings protest at Brooklyn’s Grand Army Plaza was a calmer affair. Instead of gathering under the picturesque memorial arch, protesters were largely sequestered to a corner right outside Prospect Park, with some streets blocked off by police. The weekly farmers market was in full swing, meaning people cradling bundles of rhubarb were swerving in and out of protest signs that read things like, “Hating Donald Trump is Brat” and “Is it time to get out the pitch forks?” Like during the Hands Off protest in April, New York got rain on Saturday.Prospect Park, Brooklyn. Image: Mia SatoThe area where protesters were gathered made it difficult to count the crowd, but there were hundreds — perhaps a few thousand — people that streamed in and out. At one point, some protesters began marching down the street alongside Prospect Park, while others stayed at Grand Army Plaza to chant, cheer, and hold signs up at oncoming vehicles. With its proximity to the public library, the park, and densely populated neighborhoods, the massive intersection is a high-foot traffic area. Cars blared their horns as they passed, American flags waving in the chilly afternoon breeze.Jane, a Brooklyn resident who stood on the curb opposite the protesters, said she isn’t typically someone who comes out to actions like this: before the No Kings event, she had only ever been to one protest, the Women’s March. (Jane asked that The Verge use her first name only.) Prospect Park, Brooklyn. Image: Mia Sato“I’m deeply concerned about our country,” Jane said, pausing as a long stream of trucks and cars honked continuously in support of the protesters in the background. “I think Trump is behaving as an authoritarian. We’ve seen in Russia, in Hungary, in Hong Kong, that the slide from freedom to not freedom is very fast and very quick if people do not make their voices heard,” Jane said. “I’m concerned that that’s what’s happening in the United States.” Jane also cited cuts to Medicaid and funding for academic research as well as tariffs as being “unacceptable.”Prospect Park, Brooklyn. Image: Mia SatoThe event was peaceful — there were lots of kids present — and people were in good spirits despite the rain. Protest signs ran the gamut from general anti-Trump slogans (“I trust light tampons more than this administration”) to New York City-specific causes like “Andrew Cuomo can’t read” (there is a contenious mayoral election this month). One sign read, “Fix your hearts or die,” an iconic line from the late director, David Lynch’s, Twin Peaks: The Return. And of course, amid nationwide immigration raids that have been escalated by the involvement of the federal government, ICE was top of mind: one sign simply read, “Melt ICE,” and another protester held a large “NO ICE IN NYC” sign. Though it was smaller and more contained than other events, the protest didn’t lack conviction: attendees of all ages stood in the cold rain, chanting and blowing into vuvuzela, banging the lids of pots and pans. At one point a man stood on the median on the street, leading the group in chants of “No justice, no peace.” Cars laid on the horn as they drove by.— Mia SatoAkron, OhioIt’s been raining pretty hard the last few days in Akron, OH, so much that I didn’t think there’d be a large turnout for our chapter of the No Kings protest. But I was emphatically proven wrong as the crowds I saw dwarfed the Tesla Takedown protests last month. Officially, the protest was to take place in front of the John F. Seiberling Federal Building on Main Street in Downtown Akron. But the concentration of people spilled over from that small space down Main Street and up Market Street. All told, though there were no official counts, I estimate somewhere between 500 to 900 people in this blue enclave in Northeast Ohio.The mood was exuberant, buoyed by supporters who honked their horns as they passed. The chorus of horns was nonstop, and when a sanitation truck honked as it went by, cheers got louder. The chants the crowds were singing took on a local flare. Ohio is the home of the Ohio State Buckeyes and anywhere you go, shout “O-H” and you’ll invariably get an “I-O” response. The crowds used that convention to make their own chant, “OH-IO, Donald Trump has got to go.”There was no police presence here and the crowd was very good at policing itself. Ostensibly out of concern for the incidents where people have rammed their cars into protestor crowds, the people here have taken up crossing guard duties, aiding folks who wish to cross Main or Market Streets. Toward the end of my time at the protest, I saw an older gentleman wearing Kent State gear and holding a sign that read, “Remember another time the National Guard was called in?” His sign featured a drawing of the famous photo from the event in which four Kent State students during a protest of the Vietnam War were killed by National Guard troops. I caught up with him to ask him some questions and he told me his name was Chuck Ayers, a professional cartoonist, and was present at the shooting. Akron, OH. Image: Ash Parrish“When I saw the National Guard in front of the federal building in LA,” he told me, “It was just another flashback.”He did not tell me this at the time, but Ayers is a nationally recognized cartoonist, noted for co-creating the comic strip Crankshaft. He’s lived in Ohio his entire life and of course, drew that sign himself. As he was telling me about how seeing news of the National Guard being deployed in LA, I could see him strain to hold back his emotions. He said it still hurts to see this 55 years later, but that he was heartened to see so many people standing here in community and solidarity. He also said that given his pain and trauma he almost didn’t come. When I asked why he showed up when it so obviously causes him pain he said simply, “Because I have to.”— Ash ParrishOneonta, New YorkOn a northward drive to Oneonta — population roughly 15,000, the largest city in New York’s mainly rural Otsego County — one of the most prominent landmarks is a sprawling barn splashed in huge, painted block letters with TRUMP 2024. (The final digits have been faithfully updated every election since 2016.) It’s Trump country, but not uniformly Trumpy country, as evidenced by what I estimated as a hundreds-strong crowd gathered in a field just below Main Street that came together with a friendly county-fair atmosphere. Kids sat on their parents’ shoulders; American flags fluttered next to signs with slogans like SHADE NEVER MADE ANYONE LESS GAY, and attendees grumbled persistently about the event’s feeble sound system, set up on the bed of a pickup truck. It was the kind of conspicuously patriotic, far-from-urban protest that the Trump administration has all but insisted doesn’t exist.Image: Adi RobertsonBeyond a general condemnation of Trump, protest signs repped the same issues being denounced across the country. The wars in Gaza and Ukraine made an appearance, as did Elon Musk and Tesla. A couple of people called out funding cuts for organizations like NPR, one neatly lettered sign reminded us that WEATHER FORECASTING SAVES LIVES, another warned “Keep your nasty little hands off Social Security,” and a lot — unsurprisingly, given the past week’s events — attacked mass deportations and ICE. An attendee who identified himself as Bill, standing behind a placard that blocked most of him from sight, laid out his anger at the administration’s gutting of the Environmental Protection Agency. “I think if it was not for protests, there would be no change,” he told me.The event itself, supported by a coalition including the local chapter of Indivisible, highlighted topics like reproductive justice and LGBTQ rights alongside issues for groups often stereotyped as Republican blocs — there was a speech about Department of Veterans Affairs cuts and a representative from the local Office for the Aging (whose words were mostly lost to the sound system’s whims). Rules for a march around the modest downtown were laid out: no blocking pedestrians or vehicles, and for the sake of families doing weekend shopping, watch the language. “Fuck!” one person yelled indistinctly from the audience. “No, no,” the event’s emcee chided gently. The philosophy, as she put it, was one of persuasion. “We want to build the resistance, not make people angry at us.”Image: Adi RobertsonBut even in a place that will almost certainly never see a National Guard deployment or the ire of a Truth Social post, the Trump administration’s brutal deportation program had just hit close to home. Only hours before the protest commenced, ICE agents were recorded handcuffing a man and removing him in an unmarked black car — detaining what was reportedly a legal resident seeking asylum from Venezuela. The mayor of Oneonta, Mark Drnek, relayed the news to the crowd. “ICE! We see you!” boomed Drnek from the truckbed. “We recognize you for what you are, and we understand, and we reject your vile purpose.”The crowd cheered furiously. The stars and stripes waved.- Adi RobertsonSee More: Policy
    0 Commentarii 0 Distribuiri 0 previzualizare
  • For June’s Patch Tuesday, 68 fixes — and two zero-day flaws

    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilitieshave led to a “Patch Now” recommendation for both Windows and Office.To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates.Known issues

    Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern:

    Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” orare not supported in Excel filenames. An error is generated, advising the user to remove the offending characters.

    Windows 10: There are reports of blurry or unclear CJKtext when displayed at 96 DPIin Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity.

    Major revisions and mitigations

    Microsoft might have won an award for the shortest time between releasing an update and a revision with:

    CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release.

    Windows lifecycle and enforcement updates

    Microsoft did not release any enforcement updates for June.

    Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated.

    For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts.

    Core OS and UI compatibility

    Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations:

    Run print operations from 32-bit applications on 64-bit Windows environments.

    Use different print drivers and configurations.

    Observe printing from older productivity apps and virtual environments.

    Remote desktop and network connectivity

    This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed:

    Create and reconnect Remote Desktopsessions under varying network conditions.

    Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments.

    Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots.

    Filesystem, SMB and storage

    Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations:

    Access file shares using server names, FQDNs, and IP addresses.

    Enable and validate encrypted and compressed file-share operations between clients and servers.

    Run tests that create, open, and read from system log files using various file and storage configurations.

    Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes.

    Test disk addition/removal, failover behaviors, and resiliency settings.

    Run system-level storage diagnostics across active and passive nodes in the cluster.

    Windows installer and recovery

    Microsoft delivered another update to the Windows Installerapplication infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security:

    Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools.

    Validate restore point behavior for points older than 60 days under varying virtualization-based securitysettings.

    Check both client and server behaviors for allowed or blocked restores.

    We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected.

    Each month, we break down the update cycle into product familieswith the following basic groupings: 

    Browsers;

    Microsoft Windows;

    Microsoft Office;

    Microsoft Exchange and SQL Server; 

    Microsoft Developer Tools;

    And Adobe.

    Browsers

    Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patcheswhere both updates are rated important. These low-profile changes can be added to your standard release calendar.

    Microsoft Windows

    Microsoft released five critical patches and40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities:

    Missing release of memory after effective lifetime in Windows Cryptographic Servicesallows an unauthorized attacker to execute code over a network.

    Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

    Use after free in Windows KDC Proxy Serviceallows an unauthorized attacker to execute code over a network.

    Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

    Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates.

    Microsoft Office

    Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release.

    Microsoft Exchange and SQL Server

    There are no updates for either Microsoft Exchange or SQL Server this month. 

    Developer tools

    There were only three low-level updatesreleased, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule.

    AdobeAdobe has releaseda single update to Adobe Acrobat. There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above.
    #junes #patch #tuesday #fixes #two
    For June’s Patch Tuesday, 68 fixes — and two zero-day flaws
    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilitieshave led to a “Patch Now” recommendation for both Windows and Office.To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates.Known issues Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern: Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” orare not supported in Excel filenames. An error is generated, advising the user to remove the offending characters. Windows 10: There are reports of blurry or unclear CJKtext when displayed at 96 DPIin Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity. Major revisions and mitigations Microsoft might have won an award for the shortest time between releasing an update and a revision with: CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release. Windows lifecycle and enforcement updates Microsoft did not release any enforcement updates for June. Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated. For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts. Core OS and UI compatibility Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations: Run print operations from 32-bit applications on 64-bit Windows environments. Use different print drivers and configurations. Observe printing from older productivity apps and virtual environments. Remote desktop and network connectivity This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed: Create and reconnect Remote Desktopsessions under varying network conditions. Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments. Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots. Filesystem, SMB and storage Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations: Access file shares using server names, FQDNs, and IP addresses. Enable and validate encrypted and compressed file-share operations between clients and servers. Run tests that create, open, and read from system log files using various file and storage configurations. Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes. Test disk addition/removal, failover behaviors, and resiliency settings. Run system-level storage diagnostics across active and passive nodes in the cluster. Windows installer and recovery Microsoft delivered another update to the Windows Installerapplication infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security: Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools. Validate restore point behavior for points older than 60 days under varying virtualization-based securitysettings. Check both client and server behaviors for allowed or blocked restores. We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected. Each month, we break down the update cycle into product familieswith the following basic groupings:  Browsers; Microsoft Windows; Microsoft Office; Microsoft Exchange and SQL Server;  Microsoft Developer Tools; And Adobe. Browsers Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patcheswhere both updates are rated important. These low-profile changes can be added to your standard release calendar. Microsoft Windows Microsoft released five critical patches and40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities: Missing release of memory after effective lifetime in Windows Cryptographic Servicesallows an unauthorized attacker to execute code over a network. Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. Use after free in Windows KDC Proxy Serviceallows an unauthorized attacker to execute code over a network. Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates. Microsoft Office Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release. Microsoft Exchange and SQL Server There are no updates for either Microsoft Exchange or SQL Server this month.  Developer tools There were only three low-level updatesreleased, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule. AdobeAdobe has releaseda single update to Adobe Acrobat. There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above. #junes #patch #tuesday #fixes #two
    WWW.COMPUTERWORLD.COM
    For June’s Patch Tuesday, 68 fixes — and two zero-day flaws
    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” recommendation for both Windows and Office. (Developers can follow their usual release cadence with updates to Microsoft .NET and Visual Studio.) To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates. (More information about recent Patch Tuesday releases is available here.) Known issues Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern: Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” or [] are not supported in Excel filenames. An error is generated, advising the user to remove the offending characters. Windows 10: There are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity. Major revisions and mitigations Microsoft might have won an award for the shortest time between releasing an update and a revision with: CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release (and has been revised again for documentation purposes). Windows lifecycle and enforcement updates Microsoft did not release any enforcement updates for June. Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated. For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts. Core OS and UI compatibility Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations: Run print operations from 32-bit applications on 64-bit Windows environments. Use different print drivers and configurations (e.g., local, networked). Observe printing from older productivity apps and virtual environments. Remote desktop and network connectivity This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed: Create and reconnect Remote Desktop (RDP) sessions under varying network conditions. Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments. Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots. Filesystem, SMB and storage Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations: Access file shares using server names, FQDNs, and IP addresses. Enable and validate encrypted and compressed file-share operations between clients and servers. Run tests that create, open, and read from system log files using various file and storage configurations. Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes. Test disk addition/removal, failover behaviors, and resiliency settings. Run system-level storage diagnostics across active and passive nodes in the cluster. Windows installer and recovery Microsoft delivered another update to the Windows Installer (MSI) application infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security (VBS): Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools (e.g. Intune). Validate restore point behavior for points older than 60 days under varying virtualization-based security (VBS) settings. Check both client and server behaviors for allowed or blocked restores. We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected. Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings:  Browsers (Microsoft IE and Edge); Microsoft Windows (both desktop and server); Microsoft Office; Microsoft Exchange and SQL Server;  Microsoft Developer Tools (Visual Studio and .NET); And Adobe (if you get this far). Browsers Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patches (CVE-2025-5068 and CVE-2025-5419) where both updates are rated important. These low-profile changes can be added to your standard release calendar. Microsoft Windows Microsoft released five critical patches and (a smaller than usual) 40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities: Missing release of memory after effective lifetime in Windows Cryptographic Services (WCS) allows an unauthorized attacker to execute code over a network. Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates. Microsoft Office Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release. Microsoft Exchange and SQL Server There are no updates for either Microsoft Exchange or SQL Server this month.  Developer tools There were only three low-level updates (product focused and rated important) released, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule. Adobe (and 3rd party updates) Adobe has released (but Microsoft has not co-published) a single update to Adobe Acrobat (APSB25-57). There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above.
    0 Commentarii 0 Distribuiri 0 previzualizare
CGShares https://cgshares.com