Cyber Fail: When Ransomware Gangs Get Careless
Also: Rampant App Vulnerabilities, Cloud Misconfiguration and Why CISOs Matter
Welcome to "Cyber Fail," where our experts uncover fails so we can all strengthen our defenses. Today, we examine what happens when ransomware groups get careless, application developers' laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.
In this episode:
- When Ransomware Gangs Get Careless. Security researcher Brian Krebs recently poked around the 8Base ransomware group's data leak site and found an error page that yielded a wealth of information about the developer who built it. Here's what happens when cybercriminals are negligent.
- Hacking the Human Brain. News that the U.S. Food and Drug Administration approved a request from Elon Musk startup Neuralink for human testing of a neural link to the brain deserves a moment of introspection.
- Passwords? Who Needs Passwords? Investigators finally got to the bottom of how bad actors hacked into the DC Health Link insurance system and compromised the personal information of 56,000 Washington, D.C., residents - including members of Congress. Was it a convincing phishing email? Highly sophisticated malware? Of course not!
- App Security: What, Me Worry? Application testing and surveys show that developers routinely churn out applications that contain vulnerabilities, and more than half of developers give low priority to fixing security bugs. Is there any hope for the field of application development?
- CISO No-Show. Buried amid the scandal of FTX founder Sam Bankman-Fried's ouster and subsequent conviction for fraud is a telling fact about the bankrupt crypto exchange: The company never got around to hiring a CISO to lead security. Big mistake, according to our experts.
- Cyber Fix. Hats off to the bug bashers at French company Synacktiv, which won an ethical hacking competition and managed to compromise a Tesla Model 3 in less than two minutes. The team literally drove away with the top prize.
Be sure to catch Anna Delaney, director of productions, ISMG, and our special guests for the next episode of "Cyber Fail."
- Chase Cunningham, Dr. Zero Trust, podcaster, security adviser
- Richard Bird, CSO, Traceable
- Quentyn Taylor, senior director, information security, EMEA, Canon
- Marcin Szczepanik, CISO, Essar Oil
- Joe Sullivan, CEO, Ukraine Friends, and former CISO
- Michelle Dennedy, co-founder and CEO, PrivacyCode.ai
- Thom Langford, director, (TL)2 Security