2022 recap, and 400 million twitter users' information for grabs.

Security weekly

Hi and welcome to another Security weekly, where we laugh, we cry, and we share the latest and greatest in security and tech news.

Did you know grapes catch fire in the microwave? So instead of saying "that's fire", say "that's grapes in a microwave".

Don't try this at home, children.

In this week's edition:

🎇 2022 is almost over, did we learn anything?
💤 400m Twitter accounts up for grabs
🔥 The quick and dirty

Reading time: 03:18

2022 is almost over, did we learn anything?

2022 was a very tumultuous year. Lots of enterprise companies were hacked, and we saw a general increase in attacks;

and, sadly, education remains the number one most targeted sector.

For me, personally, I lost faith in some companies I really had my hopes on at the start of the year. I saw a trend in how poorly enterprises handle breaches, especially when it comes to giving out details about what happened and what people could do to safeguard their data: Twitter, LastPass, Microsoft, Uber, ... But as my mum used to tell me: "Don't idolize any company, for they will abandon you one day."

Yes, I had a really dark childhood.

Either way, the point she was making is that you shouldn't idolize a company, because companies aren't people. And it's not because they make one error that you should give up on their entire set of tools and software. Of course, morals and values are important here; that's what makes the difference between the good guys and the bad guys. But you can't treat them like people.

Take the Microsoft BlueBleed case, for example. I was so bummed out about how they handled that one. It even made me question their security products. But it shouldn't have. Microsoft really invests a lot in its security suite, and it's still a very good product. It's just their PR that's terrible.

Another thing I noticed is that small and medium-sized businesses really did get the message. Everybody knows about security now, and most of them are willing to invest.

Patch and update management is still a weak spot for a lot of companies though. Just look at how many Citrix environments are still vulnerable to exploits for which patches have long been available, or how many Exchange servers remain unpatched against ProxyNotShell. Alarming numbers.

But I get it: things take time and cost a lot of money. Security isn't something most businesses see a direct return on, until it's too late. Every cent spent on (the right) security measures is a cent you recover when you do eventually get hacked. And never think "if" you get hacked, but rather "when", and what the consequences might be.

All in all, there's still a long way to go, but..

Get it? Baby steps? Hehe.

400m Twitter accounts up for grabs

I'm getting tired of writing about Twitter. I could really make this a daily newsletter if I wanted to and just write about Twitter all.. day.. long.. But as I said last time, I won't. And Twitter isn't that big in Europe anyhow.

Alas, this news I could not ignore. On December 23rd, a hacker who goes by the name Ryushi claimed to have access to the PII (personally identifiable information) of 400m+ Twitter users.

That's a lot.. Earlier this year Twitter had the same kind of story, but then with 5.3m users. To give you an idea of how big that difference is:

5 million seconds is around 57 days. 400 million seconds is more than 12 years.

The hacker also knows how big that difference is, given the threat he made to persuade Twitter's top dog, Elon Musk, to pay him for exclusive data rights: "Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively." Facebook had a similar-sized leak (533m scraped records) and Meta was fined €265 million for it by the Irish Data Protection Commission, its lead EU regulator. An amount that would hurt Twitter a lot, certainly given the uproar Twitter has been in for the last couple of weeks. This is something that will have a major impact on the company.

The quick and dirty

Security like I'm five

Don't have time for hours of research? Don't have 20 years of experience in security? Me neither, but I gotchu fam. In Security like I'm five I cover a range of security topics. I do all the hard work and explain it to you in a practical manner. Lots of memes too. Good stuff, good stuff. This and Security weekly are conveniently delivered to your mailbox a couple of times a week, for free. Pretty sweet deal if you ask me.

So sign up for the newsletter and be enlightened! (don't set the bar too high tho)