The Cyber Why: What We Read This Week...
... and why you should too! (6/24/24)
If you haven’t checked out The Cyber Why Podcast, CLICK HERE! The monthly(ish) podcast covers the latest cyber news, commentary, debate, and discussion with a bit of fun and flair. You can find TCW Pod on thecyberwhy.com and all of your favorite podcast streaming systems.
This week in The Cyber Why Newsletter we cover a great article from
on hiring for a startup vs. an established org, more details emerging on ShinyHunters and Snowflake, Kaspersky banned from US operations (and photos of Tyler at a Kaspersky boondoggle), more pork on pig butchering style attacks, and an EPIC RANT on AI. All this and more is in this week’s TCW newsletter.
The Cyber Why POD - Now in 4k! (To be fair, it always has been in 4k and high-quality audio. We’re tech nerds like that.)
TCW Newsletter and the TCW Podcast both have a few 2024 sponsorship slots remaining! If you are interested in reaching nearly 5k security-minded people a week via direct mail plus nearly 30K views per month, sponsor The Cyber Why. It’s inexpensive - I SWEAR! Email tyler.shields@gmail.com for more information.
Startup Vs. High Growth - Same Thing, Right?
Hiring top performers from large cybersecurity vendors won't help early-stage startups grow, but it can ruin them (Venture In Security)
I want to open this week’s TCW newsletter with a top-tier piece by
from . The differences between building a startup and scaling a high-growth yet larger company are massive. Forget about the learnings you get going from $50M in ARR to $200M+; the run from $0 to $10M is so different that I would argue the knowledge you gain from one will not only slow down your efficacy in the other, but there is a very real chance it will cause you to FAIL when making the switch. Ross does an excellent job detailing exactly why this phenomenon exists and why hiring people from your network who have experience in your growth phase is the best way to build your business. If you are a founder or entrepreneur with hiring responsibility, this article is an absolute must-read.
ShinyHunters Reveals How They Compromised Snowflake Customers
Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake (WIRED)
(Rick pick) Earlier this week, the great Kim Zetter scored a text chat interview with ShinyHunters, the threat actor that purportedly compromised Snowflake customers Ticketmaster and Santander. ShinyHunters has been on the cybercriminal scene since May of 2020 (full disclosure, link to Rick's day job), when they started selling and giving away data breaches for free. The group transitioned into extortion and continues to make headlines. The big news from the WIRED article is the fourth-party risk angle to these incidents: ShinyHunters claimed to have compromised EPAM Systems, a Snowflake partner, and to have pivoted from there to Snowflake customer accounts. EPAM discounted ShinyHunters' allegations, saying it "does not believe that it played a role in the breaches" and suggesting the hacker had fabricated the tale. Infostealers aren't new, but they are trending, and defenders need a strategy against them, because a stolen session cookie or saved password is initial access without ever touching your login page. Start with MFA, use passkeys, don't allow syncing personal browsers with work browsers, and set shorter session cookie timeouts. The goal is to keep threat actors from turning your users' credentials and cookies into initial access.
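The "shorter session cookie timeouts" advice above is easy to state and easy to get half-right, so here is an added example of what a session policy that actually blunts infostealer cookie theft looks like. This is illustrative code written for this newsletter, not anything from Snowflake, EPAM, or the WIRED piece; it assumes an in-memory store (a real service would use Redis or similar and send the ID as a Secure, HttpOnly, SameSite cookie), and the IPs, user agents and timestamps are constructed.

```python
"""Short-lived, client-bound web sessions as a mitigation for cookie theft.

Added example (not from the newsletter or the WIRED article). Assumes an
in-memory session store; a real deployment would back this with a cache
such as Redis and issue the session ID as a Secure, HttpOnly cookie.
"""
from dataclasses import dataclass, field
import hashlib
import secrets

IDLE_TIMEOUT = 15 * 60        # seconds without activity before the session dies
ABSOLUTE_LIFETIME = 8 * 3600  # hard cap regardless of activity (forces re-auth + MFA)


def client_fingerprint(ip: str, user_agent: str) -> str:
    """Hash of the client attributes a session is bound to at login."""
    return hashlib.sha256(f"{ip}|{user_agent}".encode()).hexdigest()


@dataclass
class Session:
    user: str
    fingerprint: str
    created_at: float
    last_seen: float


@dataclass
class SessionStore:
    sessions: dict[str, Session] = field(default_factory=dict)

    def create(self, user: str, ip: str, ua: str, mfa_verified: bool, now: float) -> str:
        """Issue a session only after MFA; a stolen password alone is not enough."""
        if not mfa_verified:
            raise PermissionError("refuse to issue a session without MFA")
        sid = secrets.token_urlsafe(32)  # 256 bits of entropy, unguessable
        self.sessions[sid] = Session(user, client_fingerprint(ip, ua), now, now)
        return sid

    def validate(self, sid: str, ip: str, ua: str, now: float) -> tuple[bool, str]:
        """Return (valid, reason). Any failure revokes the session outright."""
        s = self.sessions.get(sid)
        if s is None:
            return False, "unknown session"
        if now - s.created_at > ABSOLUTE_LIFETIME:
            self.sessions.pop(sid)
            return False, "absolute lifetime exceeded"
        if now - s.last_seen > IDLE_TIMEOUT:
            self.sessions.pop(sid)
            return False, "idle timeout"
        if s.fingerprint != client_fingerprint(ip, ua):
            # A cookie replayed from a different client is the infostealer pattern:
            # revoke it rather than just rejecting the one request.
            self.sessions.pop(sid)
            return False, "client fingerprint mismatch"
        s.last_seen = now
        return True, "ok"


def demo() -> dict[str, str]:
    """Constructed scenarios; times are synthetic epoch seconds, not real traffic."""
    store = SessionStore()
    t0 = 1_700_000_000.0
    victim_ip, victim_ua = "203.0.113.10", "Mozilla/5.0 (Windows NT 10.0) Firefox/126.0"
    attacker_ip, attacker_ua = "198.51.100.7", "python-requests/2.31"
    out: dict[str, str] = {}

    # Legitimate login, then the cookie is lifted by an infostealer and replayed.
    sid = store.create("alice", victim_ip, victim_ua, True, t0)
    out["legit"] = store.validate(sid, victim_ip, victim_ua, t0 + 60)[1]
    out["stolen"] = store.validate(sid, attacker_ip, attacker_ua, t0 + 120)[1]
    out["after_revoke"] = store.validate(sid, victim_ip, victim_ua, t0 + 130)[1]

    # A session left idle past the timeout is useless even to the real client.
    sid2 = store.create("bob", victim_ip, victim_ua, True, t0)
    out["idle"] = store.validate(sid2, victim_ip, victim_ua, t0 + IDLE_TIMEOUT + 1)[1]

    # The absolute cap fires even if the client looks right.
    sid3 = store.create("carol", victim_ip, victim_ua, True, t0)
    out["absolute"] = store.validate(sid3, victim_ip, victim_ua, t0 + ABSOLUTE_LIFETIME + 1)[1]
    return out


if __name__ == "__main__":
    for scenario, reason in demo().items():
        print(f"{scenario:>12}: {reason}")
```

Two design points worth noting. First, the absolute lifetime is what actually limits the window for a stolen cookie; an idle timeout alone is reset by the attacker's own requests. Second, binding to source IP is deliberately strict here for illustration; mobile and corporate-proxy users change IPs, so many shops bind to a device-bound token or user agent plus ASN instead and step up to MFA on a mismatch rather than hard-revoking.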
Kaspersky Banned From US Operations
Exclusive-Biden to ban US sales of Kaspersky software over Russia ties, source says (Update)
New Government Ban on Kaspersky Would Prevent Company from Updating Malware Signatures in U.S. (Kim Zetter)
Eugene Kaspersky (Wikipedia Entry)
Russian antivirus firm Kaspersky has been banned from selling its software in the United States, and after the transition period it will no longer be allowed to provide updates, including malware signature updates, to customers inside US borders. Kaspersky has skirted along the edges of the United States political system for as long as I can remember (see the controversies section on Eugene Kaspersky’s Wikipedia entry here). The Department of Homeland Security banned Kaspersky from all federal US government systems back in 2017, citing concerns about the company's ties to Russian intelligence.
When I was a cyber researcher (long ago), Kaspersky held an annual boondoggle where they flew every big-name researcher, market analyst, influencer, and more to a remote location and held a killer cyber conference. After several years off, the event recently resurfaced and will be hosted in Bali, Indonesia, in 2024. The event has never been held in the United States; the rumor and prevailing opinion was that over half of the company couldn’t get into the country to host it here. Somehow, I managed to get invited for my mobile security research during my days as a market analyst. I had so much hair back then!
Pig Butchers Are The Worst Type Of Criminal
Killed by a scam: A father took his life after losing his savings to international criminal gangs (CNN)
(Rick pick) We have covered "pig butchering" in the past; it is a heartbreaking scheme where criminals run a long con on their victims to get them to invest in fraudulent crypto. Often, these romance scams target lonely retired folks and wipe out their life savings and dignity. A county prosecutor quoted in this CNN story said:
"I've been a prosecutor for over 25 years. I've done all kinds of different types of crime. I spent nine years in sexual assault. And I've never seen the absolute decimation of people that I've seen as a result of pig butchering."
Sadly, many of those who conduct these scams are trafficked to places in Southeast Asia against their will and forced to fleece their victims. I have some personal experience with these types of scams. Although no money was lost, a close family member of mine was actively groomed over months in an attempt to cash out. Some scams focus on crypto investment, while others seek to have money wired overseas. In 2023, the FBI's Internet Crime Complaint Center (IC3) "received reports from 6,740 individuals over the age of 60 who experienced almost $357 million in losses to Confidence/Romance scams." We must educate our parents and grandparents on the predators who conduct these scams and how to protect themselves. Jason Statham’s latest film, “The Beekeeper,” has him get payback on these types of scammers. Go get ‘em, JASON!
Rant On My Friend! Epic Rant on AI Hype!
I Will Fucking Piledrive You If You Mention AI Again (Update)
Holy shit, what an amazing piece of literature! OK, maybe it’s not quite “literature” in the traditional sense. Still, this article had me rolling on the floor laughing at the outlandish and violently funny visualizations embedded alongside genuinely interesting commentary on the realities of the AI-everything craze. Very rarely do I get all the way through something this long and think I didn’t waste my time. If you are interested in AI from a data scientist's view and still have a sense of humor, I highly recommend you check out this read. Here’s an amazing quote to whet your appetite:
With God as my witness, you grotesque simpleton, if you don't personally write machine learning systems and you open your mouth about AI one more time, I am going to mail you a brick and a piece of paper with a prompt injection telling you to bludgeon yourself in the face with it, then just sit back and wait for you to load it into ChatGPT because you probably can't read unassisted anymore.
Quick Hits and Hidden Gems
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested (Krebs on Security) - (Rick pick) Good news: a 22-year-old Scotsman has been arrested. Bad news: cut off one head, two more will take its place. Hail Hydra!
Biden to ban US sales of Kaspersky software over Russia ties (Reuters)
(Rick pick) Biden says “нет” to Kaspersky; customers have until September 29th to move off.
CDK Global hacked again while recovering from first cyberattack (Bleeping Computer) - Directly affected me. I was turned away from a dealership last week!
WTF is Cloud Detection and Response (CDR)? (Latio Tech) - James is brilliant. Check out this great work on CDR.
ADR - The Future of Runtime (Latio Tech) - ADR is different yet the same. James hits it again... PS: I’ve seen what’s coming next, and it’s AMAZING!
What’s Changed in 50 Years of Computing: Part 3 (The Pragmatic Engineer) - If we don’t learn from our past, we are doomed to repeat it. Great read.
If you’ve made it this far, you either found our musings at least semi-entertaining, OR you enjoyed the pain and kept going regardless. No matter how you made it to this point, you should know that we appreciate you. Please do us a solid and share The Cyber Why with your friends. We would love to reach a bigger audience, and referrals are how we do it. Help us out, and we’ll see you next week!
Very cool to see your shout-out to Kim Zetter. She is great, and has been for years.