When you buy a company, you just convert your money, this week in cyber

I guess we could not escape the big news this week, Elon Musk purchased twitter just before me ! (ah ah :) )

Now, I did read a lot of comments stating "well when you have so much money it's ok to spend and buy whatever you want", but is this really spending ?

During the pandemic, governments did print a lot of money, to try to compensate the economy slow down, and doing so, they lowered the value of money. Because when you print money, the quantity of goods is not changing. Therefore, you create the so called inflation.

But what's the relation with Elon Musk buying Twitter ? Well, the more cash you have (hi Apple ;) ), the more you lose when money lose value. You have a couple of options to save the value of your capital, including, transferring into a currency of a country not printing as much money, but it's quite tricky as money has to go out of reach and exposed to foreign governments, sometimes taxed, or you can invest in goods. But what goods ?

You, me, we can buy a house, a car (quite poor investment unless it's collection), a luxury watch, some land, and that's it, we converted cash into something that hopefully won't lose value as much as money. The more money is printed, the more money our goods are worth.

But, when you are Elon Musk, you are losing millions by the minute, each time inflation get worse by not even a percent. So what do you do when the projections are not good and you need to protect your capital ? Well, you need to invest in something that has potential, that is not about to collapse, that is aligned with your values, and ideally, gives you power.

Elon Musk been leveraging Twitter quite a lot and generated some crazy market storms, out of which he made some money, and in some case, he got blamed and had to comply or pay fees. Yet, trust him, the balance is not negative in the end.

To me this is a smart move, this is not about free speech, this is not about any low level crap (although he'll be able to share as many daddy jokes as he likes without any risk of being kicked out, and I'm good with that, amusing stuff), and because of its notoriety, there are big chances that Twitter will get a burst of users and power (therefore value...), you know, this is Elon, people follow him.

On my end, not sure if he's nice, or evil. But sure thing, the guy seems smart (I'm no one to judge, that's just my own take, .... yeah I know, I state the obvious).

So you got it, Elon didn't spend billions, he actually moved that money in another type of bank account, in a way.

The other big news of the week for me was the letter confirming my trademark registration of "connected=hacked" got accepted and registered :D

Ok, let's get back to cyber, sorry for the ones who weren't expecting this, I'm a thinker, and this case was quite fun to think about. This week key cyber events :

1 - New attributes are added to the security attributes of users - How Behavioral Biometrics can help you fight online banking fraud

2 - Connected cars are a big threat - Hacked vehicles are totaled vehicles. Would you drive a compromised vehicle?

3 - Let's not worry and continue to act with stupidity and connect EVERYTHING - It's Pretty Easy to Hack the Program That Runs Our Power Grids, It Turns Out

4 - So the power grid is vulnerable?- Why don't they take OT Digital and Cyber Security Posture Assessment to the Next Level - Vulnerabilities Management and Scoring

5 - Proper architecture, proper controls with the right implementation..... oh, but that means we need people who know what they do right ? 93% of Security Professionals Say Their Identity Breaches Could Have Been Prevented

6 - it's in the cloud, so it leaks - Critical Bug in Everscale Wallet Could've Let Attackers Steal Cryptocurrencies

7 - There is a great growing trend, aiming at restoring responsibility and accountability - New regulation from the SEC to require companies to report how cyber risk could affect them financially

8 - Do you have the proper managed extended detection and response where the SOC is backing you up ? North Korean State Actors Deploying Novel Malware to Spy on Journalists

9 - connected=hacked, also works in the cloud ! Researchers Report Critical RCE Vulnerability in Google's VirusTotal Platform

10 - I see a strong privacy issue here - The guys who hold all your work data and spy on your work performance, allies with the ones who watch all your expenses.....And together they want to decide who you are and if you are ! Mastercard Launches Next-Generation Identity Technology with Microsoft

11 - Time is critical and you need automated detection and response to react quick enough when payload detonates - Quantum ransomware seen deployed in rapid network attacks

12 - Remaining conscious of these top 10 risks and encouraging employees to take preventative measures is best practice for any organization - The Top 10 SaaS Data Access Risks

13 - Time for change, the cloud can no longer be excluded from CVE and vulnerability systems ! Firms Push for CVE-Like Cloud Bug System

14 - When was your latest vulnerability assessment ? Hackers exploit critical VMware RCE flaw to install backdoors

15 - This is a massive money machine, even if you catch some individuals, others will replace them - Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

16 - Buildtime security, and runtime security are 2 critical aspect if your K8 (kubernetes) container orchestration security - Principles for Kubernetes security and good hygiene

17 - You should know that if you want distributed cloud, it's up to you to make it ! Distributed Cloud: A Guide To Getting Started

18 - A nice coming event, the Austin Cyber show is bringing some great content and conference topics - Building a Security Team that Never Says No

19 - How about just no ?! The article raise excellent points, about the mess this is bringing, these invasive apps, having access to all our data, all our services, a huge single point of failure, like the cloud, once corrupted, will guarantee your identity is stolen so as all your assets - Rise of the “Super App”

20 - Under Active Exploitation?- Millions of Java Apps Remain Vulnerable to Log4Shell

21 - That's a very good move, although it doesn't tell you what Google itself collects - Google's New Safety Section Shows What Data Android Apps Collect About Users

22 - Linux patch time. Are you patching on a regular basis ? Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)

23 - It grows as fast as the cloud, on the cloud, hence the leaks too - Number of publicly exposed database instances hits new record

24 - it's like a broken record. No wonder why the cloud is poisoned ! NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

25 - You own nothing, you control nothing in technology, unless you make the proper effort, such as learning to use GNU linux OS - Is your windows machine really yours ?

26 - Because criminals knows the cloud supports them well, especially through default settings allowing them to take over any tenant and use it for proxied attacks - How Cybercriminals Abuse Cloud Tunneling Services

27 - An interesting take is that the word "storage" has not yet been trashed by the clowd ! 4 Predictions for storage and backup security in 2022

28 - So you love the cloud right ! Here it is, some calling it a terrorist attacks, multiple fibers cut at different places in France simultaneously - Multiple fibers cut across France, impacting several cities - Cables connecting Paris to the cities of Lyon, Strasbourg, and Lille cut in several places

29 - Select highlights from Verizon’s recent Data Breach Investigations Report (DBIR) that may interest cloud security professionals – and suggested actions - Verizon’s Data Breach Report – Insights for Cloud Security Professionals

30 - A new variant of the chaos ransomware - Beware: Onyx ransomware destroys files instead of encrypting them

31 - Fully devops, CONTI group (Russian state department of cyber offensive in a way), is extremely active and innovative group - New Bumblebee malware takes over BazarLoader's ransomware delivery

32 - This tool will look for IoCs (indicator of compromise) and tell you if you are infected - EmoCheck now detects new 64-bit versions of Emotet malware

33 - Clowd strikes again ! Microsoft fixes ExtraReplica Azure bugs that exposed user databases

34 - As you just bought a company, and while the infrastructures are not yet connected, you want the whole new group of employees to be able to access to critical resources, such as time management, intranet, and other internal systems - Zero Trust for Mergers & Acquisition Scenarios

35 - Lockbit ransomware is extremely active lately - Online library app Onleihe faces issues after cyberattack on provider

36 - More regulations kick in as organizations yet don't take data protection and overall?#cybersecurity?seriously - India to require cybersecurity incident reporting within six hours

37 - This week was NAS (network attached storage) patch time - Critical vulnerabilities open Synology, QNAP NAS devices to attack

38 - There is an interesting take here, basically, how to compare apples with apples in organizations, especially in the context of merge and aquisition - How Important Is Objective Data In Compliance? Oh, It's Only THE Foundation.

And that's a wrap for this week ! Wishing you a great weekend ! I hope you enjoyed my take on this week, both on Titter/Elon and the 38 pick of the cyber field !

As usual, comments, shares and likes are welcome ! :D