
Small Bytes: The China Threat Edition
Good Monday morning, and welcome to the inaugural edition of “Small Bytes” featuring bite-sized portions of cybersecurity news that’s driving the week. Tune in each Monday for a rundown of what’s coming up in our community, plus some quick headlines and links on the latest news in the industry. We’ll try to keep the snark at a minimum, but no promises.
Leading the week… Those pesky vulnerabilities persist on Microsoft Exchange. The smart folks at MSFT patched it immediately, but as of last week, RiskIQ identified nearly 83,000 vulnerable instances of on-prem Exchange servers. This is a vast improvement from the 400,000 or so who were initially left vulnerable, but it’s still too far from zero to be comfortable. This hack was perpetrated by Chinese state-sponsored group Hafnium, which serves as a friendly reminder that we should pay attention to a growing threat. (Shameless plug, we’ll be discussing that in great depth at the NYC Summit on Wednesday).
ICYMI: The DC community got the whole run-down from CISA’s Klint Walker at the Southern California Virtual Cybersecurity Summit. Don’t worry, our own Michael Hiskey shared a quick run-down, plus full access to Walker’s talk in this post.
Fodder For the First Five Minutes of Your Next Zoom:
The $30 million ransom — Companies are paying out more ransom cash than ever before, which makes you wonder whether anyone listens to all that “Don’t Pay the Ransom!” advice. Story from ZDNet.
File under “Terrible People Being Terrible” — Hackers are capitalizing on the American Recovery Plan by sending out emails offering government cash to people who really need it. Spoiler alert: There’s no cash. Just malware. From Threatpost.
Walking it back. — GitHub is getting heat after a researcher published a proof-of-concept for one of the four zero-day Microsoft Exchange vulnerabilities uncovered in early March. The site, which is owned by none other than Microsoft itself, removed the code. The uproar stems from the fact that GitHub still hosts a wealth of proof-of-concept exploits for a variety of non-Microsoft vulnerabilities. Well, shucks. The Register reporting.
From the government, and here to help. — When it comes to threat detection, the federal government didn’t win any awards for its performance in 2020. The White House is now trying to play the white hat. From the New York Times.
The first award for “Say Whaaat?” headline of the week goes to Business Insider: “Bitcoin uses more energy than American Airlines and each $1 billion in inflows is equal to owning 1.2 million cars, Bank of America says.” Um, yikes. Also in Bitcoin: Currently struggling to get back up to $60k… help us, Elon, you’re our only hope! Feeling extra sorry for the guy who cashed in his 15 Bitcoins for a pizza back in 2011.
Insta-groan. If you can’t help but post those cute dog pics with those sweet filters, you should know that Instagram thinks it’s okay to share 79% of your personal data with third parties. This includes your search history, location, contacts, and financial information. Because nothing is sacred. Metro UK’s coverage.
Who got pwned last week? Hyundai Motor Group (disclosure: this reporter is a proud owner of a Sonata).
Zoom fatigue? Not if you’re a chimp. Some enterprising zookeepers set up a Zoom (…Zoo-m??) call between chimps at two Czech zoos. It went about as well as most meetings.
Let’s Talk About Us.
On the calendar: The New York City Virtual Cybersecurity Summit on Wednesday, 3/24. That’s right, we’re traveling (virtually) to the center of the universe, and if you’re not registered, you’re really, really missing out. We’re welcoming Dr. Jonathan Ward for a Fireside Chat on China’s rise to power and what that means for the cybersecurity industry (and unlike the CCP, Dr. Ward is looking forward to your questions and input, so come ready with your inquiries and enjoy the lively discussion). PLUS, Michael F.D. Anaya, formerly of the FBI, will be guest moderating a panel on ransomware recovery… definitely topical considering the news that we’re paying more than ever. Our CISO panel features top security chiefs from cool companies like JetBlue, Nokia, and more. They’ll be dishing all the best tips from their many collective years of experience.
On the blog: On The Connection blog this week, we give you access to the “State of the Phish” 2020 report from DC partner Proofpoint. Plus, catch a book preview from Dr. Jonathan Ward, this week’s summit keynote. Hop on Friday for a look at what our vendor partners have been up to.
Got cybersecurity news tips? Let me know. Do you dig this? Let my boss know.