One of my least favorite things in cybersecurity is this almost obsessive need from marketing people to develop and push more and more terms and acronyms. It seems that every day we have a new one dropping, many of these are simply a rehash or an additive to an existing term. A good example of this is social engineering. This is typically defined as “The manipulation of people to share information or access systems that they shouldn't.” Yet we now have multiple terms which describe subsets of this larger item, like Phishing, Smishing, Vishing and even the terrible Quishing. Oddly enough, most of these new terms revolve around a protective product and/or service. As they say, therein lies the rub.

Although the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that bears discussion and plays heavily into a broader conversation around proper security controls at the edge of the network. For those that might have been living under a rock for the last few months, let’s recap what the ConnectWise ScreenConnect flaw was.

There is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source Tools related to red-teaming. The debate, well really it has devolved into an argument, is very complex, nuanced, and (in full honesty) has multiple contexts that can be applied to it. However, it has become exceptionally binary. We now have the “Pro” side and the “Anti” side… The fact that this is where the line in the sand is being drawn is, well it is almost ignorant.

In what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled with much celebration on X (Twitter) LinkedIn, Facebook and elsewhere. The memes flowed freely and even the usual naysayers could not dampen the enthusiasm over this significant event. Especially since it all appears to have been due to an unpatched vulnerability in PHP 8.x.