Small Bytes: World Record Edition
Another Monday, another week of cybersecurity news. Welcome back to Small Bytes, where we’re rounding up all the news that’s fit to share on the internet. Here’s some breaking news: if you haven’t subscribed to the Data Connectors blog, you’re missing out.
Leading the Week: Acer in the hole. Here’s a world record no one was competing for: Acer was hit with the largest ransom in history, with a giant price tag of $50 million dollars. And if you read that with the “Dr. Evil” voice, you’re not too far from the perp; hacking group REvil dropped data on financial information, banking communications and customer info. The standing theory is that REvil got in using those MSFT Exchange vulnerabilities, proving again that these problems don’t just disappear. Bleeping Computer broke the story.
Small-Talk Salvation, Starting Now:
Remember the ladies. Our team might be biased on this one (we’re proudly female-founded AND female-run!), but anyone who seeks to support women in cybersecurity is one we can get behind. Mentorship is the name of the game for Lift, a program focusing on growing women’s careers in cyber. As featured in CSO Online.
Now for the Big Yikes… a Mighigan-based bank had to notify its customers that their Social Security Numbers were compromised in a ransomware attack. It also had to notify its non-customers whose personal info was included in the breach. This is, unfortunately, after they’d realized they lost their employees SSNs as well. So, that’s rough. Here’s Vice’s article
Here’s one, for the kids. Turns out, TikTok is not a national security threat. At least, according to some university-level experts based out of Toronto’s Citizen Lab. Keep reading, though — seems like they buried the lede, because the article later alleges that China can grab data from TikTok owner ByteDance in.. “unconventional ways.” Not exactly soothing reporting from the WSJ.
Similarly, here’s one for your CFO. Companies who don’t invest in cyber are pretty much doomed. That is, according to a Canadian research firm. Hopefully it’s not too late for that FY2021 budget.
Bookmark this page. CISA’s weekly rundown of vulnerabilities for the week of March 29th. Kinda hard to make a joke here, because this is actually pretty helpful. Save this one.
Let’s Talk About Us
On the Calendar… The Seattle and Portland Virtual Cybersecurity Summit. Set your Outlook to “Out of Office,” pour yourself a big cup of coffee, and join us for two days of cybersecurity education and updates, this Wednesday and Thursday and kicking off at 9 a.m. PT on both days. We’ve got keynotes from the U.S. Secret Service and DHS-CISA, and a chat on pentesting from Jonathan Helmus. Other important topics to be covered: Seattle’s Best vs. Starbucks? Your vote only counts if you attend.
Coming up this week on the blog… We chatted with Hadas Cassorla (of Sea-Port CISO panel fame, among others), so check that out. Plus, Blackberry Research Intelligence will help us get a better grip on recovering from ransomware.
Got any news tips? Send them my way.
Recent news posts
Holiday Weekend Leaves Many Vulnerable to Cyber Attacks
Costa Rica Ransomware Attack Continues to Plague Citizens
What the Crypto Crash Means for Cyber Crime
Scaling, Improving and Automating Your GRC Strategy
CISA Issues Emergency Directive 22-03, Encourages VMware Updates
Attend an Event!
Connect and collaborate with fellow security innovators at our Virtual Cybersecurity Summits.