Preparation for ransomware often calls to mind a rehearsal of sorts: Execs gathering in a room to deal with the theoretical scenario of an adversary encrypting all their data.

Ransomware prep, however, doesn’t always involve war games in the conference room. There are free tools that offer quick reality-checks on a company’s detection capabilities.

Between a rock and a ransom. In the lore of Star Trek, leaders must face a “Kobayashi Maru” test—a simulation that’s pretty much unbeatable. The no-win situation poses a tough call: rescue a starship under attack or abandon it.

The dilemma is meant to show how one acts in a crisis. That’s how Greg Kras, CPO and chief cloud officer at the security-awareness platform provider KnowBe4, sees the company’s free ransom simulator, known as RanSim. “You’re not going to get an A+,” he said.

Read more here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Tech leaders are feeling the pinch. They’re dealing with uncertainty around generative AI, cybersecurity threats, automation—the kind of challenges that weigh on ya.

That’s where Splunk can help. Their newsletter shares insights that keep you informed on how security, IT, and engineering decision-makers are thinking about the industry’s top topics.

Wondering how chief information security officers (CISOs) are (and aren’t) using generative AI? Or what lessons technical leaders can learn from Formula 1 pit crews? Splunk has you covered.

As the experts in unified security and observability, Splunk connects with tech leaders all the time, and their content is specifically curated for C-suite technical execs (think: CISOs, CTOs, and CIOs).

Stay informed with Splunk.

Nearly 180,000 SonicWall firewalls remain vulnerable to an exploit first discovered in April 2022, despite the availability of a patch to manage the issue.

Bishop Fox researchers wrote in a recent blog post that of over 234,000 SonicWall series 6 and 7 firewalls with management interfaces improperly exposed to the public internet, over 178,000 remained affected against two unauthenticated denial-of-service (DOS) vulnerabilities.

The two issues, CVE-2022-22274 and CVE-2023-0656, were discovered in March 2022 and April 2023 respectively. However, the security firm wrote that they are “fundamentally the same but exploitable at different HTTP URI paths” due to reuse of code, could potentially allow attackers to crash the devices or remotely execute code.

Bishop Fox Senior Security Engineer Jon Williams told IT Brew the devices in question are usually deployed to protect the perimeter of enterprises.

Read more here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.

It’s a bad day when anyone gets hacked. But it’s an even worse day when it’s a federal agency of the United States of America.

The Securities and Exchange Commission’s (SEC) account was compromised on X, formerly known as Twitter, on Jan. 9, with the hackers writing that exchange-traded funds had been approved. The SEC did announce the approval of 11 tradable spot bitcoin exchange-traded funds (ETFs) a day later, but the damage had already been done. As of Friday, Bitcoin had dropped around 6%, with trades at nearly $44,000.

“I would say I did see this coming,” Rachel Tobac, a self-identified “friendly hacker” said of the SEC hack. “Unfortunately, there’s a lot of reasons why these types of attacks happen…We see account takeovers happen all the time, especially in the crypto space on Twitter.”

IT Brew caught up with Tobac—the co-founder and CEO of SocialProof Security in San Francisco, California—to chat about the hack and to further dive into a few ways users can prevent account takeover on X.

Keep reading here.—AF

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Today’s top IT reads.

Stat: 78%. That’s the rise over the previous year in reported US data compromises in 2023. (CIO Dive)

Quote: “OpenAI aligns our practices with industry standards, and since 2022 that includes not publicly distributing additional internal documents.”—OpenAI spokesperson Niko Felix on the company’s reversal on publicly releasing certain documents (ArsTechnica)

Read: The cyberwar between Israel and Iran is heating up, due in part to the efforts of an Israel-linked group, Predatory Sparrow. (WIRED)

Racing lessons: Would you tell your team to act more like a pit crew? You might after reading Splunk’s piece about what technical leaders can learn from these high-octane teams. Check it out.*

^{*A message from our sponsor.}