The Cyber Why: What We Read This Week...
... and why you should too! (2/10/2023)
This was a very interesting week. A ton of noise about ransomware, a debate that devolved into flame war about cyber security Lamborghinis, a couple of hacks (including Reddit), and a failed launch of a competitor to ChatGPT by Google are all on the docket this week. There was also some positive content with a great post about how to use P&L to position your next fundraising round, a killer cybersecurity market map by Pitchbook, and a cool chess.com hack! Again, I want to thank Rick Holland for helping pull together this week’s Cyber Why content. We both hope that you enjoy your weekend reading! Go check it out….
If you want to have a 0% chance of winning a #cyberlambo please subscribe here. I will THINK about selecting one winner in 2027!
US and South Korea accuse North Korea of using hospital ransoms to fund more hacking (The Record)
This just in from the land of “Well DUH!”. If you spend any amount of time around cybersecurity people, the topic of nation-state-sponsored attacks will be brought up. What I found interesting in this story is the fact that they are targeting healthcare organizations to extract revenue via ransomware to fund other attacks against higher-profile targets. That’s just downright despicable!
Reddit Confirms It Was Hacked — Recommends Users Set Up 2FA (Forbes)
While the story insists that nothing customer related was compromised, Reddit suggests that all users turn on two-factor authentication just in case. This is a great recommendation regardless of the risk of this particular breach. This post on Reddit describes the incident as a “sophisticated phishing campaign that targeted Reddit employees”. The words “sophisticated” and “phishing” should very rarely be used in the same sentence as it’s generally an oxymoronic statement. Read on for details!
Market Map: Information security guards against economic threats (Pitchbook)
I’m a sucker for market maps. As a former Forrester analyst, I can’t resist putting companies into buckets. I know, I know… people hate analysts for doing this, but I think grouping companies provides many benefits when trying to understand competitive offerings with similar value propositions. Check out the cyber security deal data for Q4 2022 along with information on emerging opportunities such as machine learning for security and postquantum cryptography (YUM!).
Cybersecurity Drama of the Week - #cyberlambos (The Cyber Why)
This week in cybersecurity drama, a shitstorm of useless debate occurred when Naomi Buckwalter posted a “seemingly innocent” poll on LinkedIn. Specifically, she asked about the nature of people showing off their high-end sports cars on LinkedIn. The firestorm ensued and at the time of writing this article over 168 people had chimed in with their thoughts in the comments section. If you are bored over the weekend and want a great laugh take a look through the threads… it’s worth your time!
CVE-2018-90017117: Oldie but a goodie (The Grugq)
The Grugq featured this on his substack this week and I freaking love it! I’m a chess player at Chess.com. I’m not all that good, but I do enjoy the game, so come at me with a challenge request. If you start to get ahead of me, I’ll just hack the game and find another way to win! The CVE dates back to 2018 so yes it’s old… but it’s still cool as hell!
Massive ransomware attack targets VMware ESXi servers worldwide (CSO Online - Rick Pick)
This week has been a particularly challenging one from a ransomware perspective. ION is restoring services after being targeted by Lockbit last week, and a two-year-old VMware ESXI vulnerability has resulted in a global ransomware campaign. On a positive note, CISA and the FBI released a recovery script that victims can use to attempt to restore their files. On a negative note, threat actors adapted. It wasn't that long ago we were celebrating the disruption of the Hive ransomware group, but as always, “cybercrime uh, finds a way”. There will always be other criminals waiting in the wings. If Jurassic Park analogies aren't your thing, what about the Marvel Cinematic Universe? "Cut off one head; two more shall take its place. Hail Hydra."
Exploit Vector Analysis of Emerging “ESXiArgs” Ransomware (Greynoise)
Here’s some additional color on the above article! Another day, another new approach to ransomware. This time, active exploitation of VMWare’s ESXi OpenSLP service appears to be the culprit. I hate the term ransomware. As this piece shows, ransomware is the OUTPUT of an active attack and isn’t something you stop directly without stopping the vulnerabilities and issues that are being exploited. That all being said this piece is an exemplary piece of content from some really smart (and cool) people on the right way to research an issue. Thank you for the write-up, Greynoise!
Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack (The Record)
It was a really bad week for ransomware. I mean bad. There is no evidence linking this hack to the previous articles about nation-state-sponsored health care targeted hacks, but it sure seems to follow that same overall modus operandi! So sad.
The P&L Tells The Story (next big thing)
As raising funding gets more difficult, the requirements for success continue to climb. You used to be able to get millions of dollars on a “team and a dream”, but in 2023 those fountains have dried up. To get funding today you have to have a trailing 12-month P&L that properly tells your story. From margin to unit economics, and growth over time, smart investors today are no longer making investments in the “potential” of the business. Vision alone is not going to be enough. You better have some traction and the metrics to prove it!
How To Sell Your Stock Options On A Secondary Market (Crunchbase)
Only for the biggest of the big, secondary markets provide liquidity in that “just before IPO” stage that many startups seem to be sitting in for close to a decade. The biggest issue with these secondary markets is the limited liquidity, low level of supply and demand, and a general inability to accurately price the shares that you may be looking to sell. At the end of the day unless you are holding one of the biggest unicorns of our era, selling your shares on sites like these is a difficult task.
“Hierarchy of information contained in company decks” (Twitter - Rick pick)
If you pitch to investors, consider this hierarchy of information and how you talk about your company’s progress. Thanks to OpenDNS founder and Andreessen Horowitz GP David Ulevitch for sharing. “Best place to work in XYZ city.” Haha.
SoftBank Posts $5.6B Loss Thanks To Vision Fund Segment (Crunchbase News)
Now that’s a lot of bread! Over 5B$ lost in ONE QUARTER! Holy smokes. This doesn’t include the direct personal net-worth losses suffered by SoftBank CEO Masayoshi Son. Rumor has it that he may have lost 5+ billion of his own capital via ride-along investments into many of these companies.
The Creator of ChatGPT Thinks AI Should Be Regulated (Time - Rick pick)
Time conducted an interesting interview with the CTO of OpenAI, Mira Murati. ”Murati spoke to TIME about ChatGPT’s biggest weakness, the software’s untapped potential, and why it’s time to move toward regulating AI.” Murati discusses the challenge of how ChatGPT will confidently “make up facts” and how regulators and governments should also have input. When it comes to regulation, it’s very reassuring that the U.S. has a proven track record of effectively regulating and enabling emerging technologies like cryptocurrency that we can leverage for AI regulation. Wait, never mind.
Meet Bard, Google’s Answer to ChatGPT (WIRED - Rick pick)
Speaking of AI, Google CEO Sundar Pichai officially launched Bard, Google’s experimental conversational AI service, earlier this week. “Bard seeks to combine the breadth of the world’s knowledge with the power, intelligence, and creativity of our large language models. It draws on information from the web to provide fresh, high-quality responses.” Much commentary has been said about ChatGPT’s implications for Google’s search (and ad) business, so launching Bard is an essential step for Google. As far as the name goes, I support Bard, it reminds me of my favorite troubadour, Dandelion/Jaskier. Toss a coin for your favorite AI!
Alphabet shares dive after Google AI chatbot Bard flubs answer in ad (Reuters - Rick pick)
Ok, now that the pleasantries are over and you have met Bard read this: "Alphabet Inc lost $100 billion in market value on Wednesday after its new chatbot shared inaccurate information in a promotional video and a company event failed to dazzle, feeding worries that the Google parent is losing ground to rival Microsoft Corp." It seems that Bard is off to a rough start. Now, who's ready to integrate AI and search?
If you’ve made it this far you either found my musings at least semi-entertaining OR you enjoy pain and kept going regardless. No matter how you made it to this point, you should know that I appreciate you. Please do me a solid and share The Cyber Why with your friends. I would love to reach a bigger audience and referrals are how I’ll do it. Help me out and I’ll see you next week!