Robin’s Newsletter #275

24 September 2023. Volume 6, Issue 39
International Criminal Court breached by attackers. Cisco set to acquire Splunk in largest-ever acquisition. Agreement on UK-US data flows.
Join hundreds of subscribers who get this first, every Sunday. Subscribe

This week

International Criminal Court says attackers gained access to internal systems

Cisco is acquiring Splunk for $28 billion

Interesting stats

Cyber insurance claims data from Coalition (PDF): 12% increase in ransomware claims frequency,  36% of claimants paid ransoms “when reasonable and necessary”, with negotiations reducing the payment to, on average, 44% of the ransom demand. 2.33x likelihood of funds transfer fraud (FTF) or business email compromise (BEC) when using Microsoft 365 or on-premise Exchange, compared with Google Workspace.

Not security-related, but interesting… Telling AI tools to “take a deep breath and work on this problem step by step” improves their accuracy: 34% accuracy against GSM8K, a set of grade-school math problems, increasing to  80% accuracy when the same problems were prefixed with the phrase above, using Google’s PaLM2 model.

Other newsy bits

And finally

  • Donald Trump Jr.’s X (Twitter) account was compromised, according to a Trump spokesperson, having posted a series of tweets (X’s?) announcing the death of his father, that Trump Jr would be running for president, and that “North Korea is about to get smoked”. Hopefully, Trump Jr’s password is now something more secure than “maga2020!” (vol. 3, iss. 43).

  Robin's Newsletter - Volume 6

  “International Criminal Court (ICC)” “Cisco” “Splunk” “Cyber insurance” “Ransomware” “Funds Transfer Fraud (FTF)” “Business Email Compromise (BEC)” “UK-US Data Framework” “Data Transfer” “Data Protection” “Australia” “California Age-Appropriate Design Code Act (CAADCA)”