Newsletter

07.14.2021 | 5'' read

Cybersecurity can sometimes feel hopeless

by Ryan Naraine


This newsletter is sponsored by SecurityWeek, covering the intersection of business, technology and cybersecurity.


Personal notes.

  • The Black Hat book-signing event with Crossbeam CISO Chris Castaldo is sold out. If you’re in Vegas and still want to grab breakfast near Cosmo, ping me, Twitter DMs are open.
  • I’ll be hosting a fireside chat and panel discussion on the cloud and expanding attack surfaces at the SecurityWeek Cloud Security Summit.  Remember to register, these are always fun!
  • I’m currently editing a few great podcast episodes — Jack Cable, researcher at the Krebs Stamos Group; and Vicente Diaz from Google/VirusTotal. Don’t miss the latest show with JupiterOne CISO Sounil Yu on SBOMs.
  • I’m scheduled to appear as a guest on the Recorded Future’s CyberWire Daily podcast. I’ll share the link when the recording goes live.
  • The most clicked link from last week’s issue was the official Kaseya web page documenting its response to the big ransomware hack.

Monday blues.

Today is the Patch Tuesday before the Black Hat/Defcon conferences and it’s causing quite a stir on the zero-day trackers. Microsoft’s mega-bundle (117 documented security defects) includes three new zero-days where the vendor learned of the problem via live in-the-wild attacks.

So far this year, there have been 54 documented zero-day attacks, with code from Microsoft (33 percent) and Apple (20 percent) at the center of malware attacks that are near impossible to defend against. By comparison, there were a total of 38 zero-days documented in all of 2020.

In my notes last week, I grumbled about Microsoft’s stumbling and bumbling around the ‘PrintNightmare’ patch, only to later discover more problems with the newest emergency patch. The same week, we learned of a new SolarWinds zero-day being exploited (a Microsoft discovery) and newer waves of Windows ransomware infections that make everything feel rather hopeless.

After years and years of spending billions of dollars on cybersecurity, here we are, on a zero-day patching treadmill while ransomware infections soar and vendors boast of successful IPOs and expanding revenue streams.

So much is wrong.

Remember to patch your machines, use a password manager, and multi-factor all the things.  It’s really all we can realistically do.

_ryan


Sponsor message: SecurityWeek Cloud Security Summit

As enterprises adopt cloud-based services to leverage benefits such as scalability, increased efficiency, and cost savings, security has remained a top concern. SecurityWeek’s Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Attendees will be able to interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Date/Time: July 21, 2021 from 11AM – 4PM Eastern.


SBOM and supply chain things

Readables.

Watchables.

Tangentially.

  • Ransomwh.ere is an impressive attempt by hacker Jack Cable to track global ransomware payments.

* My thanks to all the sponsors: MongoDB, Uptycs, Eclypsium and SecurityWeek. Our partnership with these companies helps to keep our reporting independent and vendor-agnostic.

* Full podcast episodes are available on the SecurityConversations.com home page, and on all major platforms. Directly subscribe from these links: Apple/iPhone, Google/Android, Spotify and Amazon/Audible.
