RECOMMENDED: HACKING / CYBERSECURITY ARTICLES
- August 13, 2018
Welcome. This is a resource page with all recommended hacking articles/cybersecurity those in business nowadays should read. Every link shared here was personally read by PETERSON TEIXEIRA, hence the commentaries, the highlights and screenshots so you can know beforehand what you’re spending your time on before you click and read. Naturally, this resource page will be constantly updated and/or corrected to prevent any misleading information and to maintain a good, reliable list of top hacking/cybersecurity articles.
TARGET AUDIENCE: CEOs, Entrepreneurs
IMPORTANT: The majority of the articles here are recent, but you may find resources that date from 2013. Nonetheless, everything is extremely valuable if you intend to master the market. The goal is to provide all the greatest insights and information published online in these last years, “cybersecurity milestones” so to speak, so that you know everything there is to know from the Internet on Hacking and Cybersecurity in order to learn to identify threats, and also to protect your Business in our crazy online world.
Read all the other recommended sections:
- Recommended: Marketing Articles
- Recommended: Business Articles
- Recommended: Artificial Intelligence Articles
- Recommended: Secrets of The Market Articles
- Recommended: Market Facts
- Recommended: Market News
LAST UPDATE: This page was last updated in February 13, 2019
THE HACKING/CYBERSECURITY ARTICLES LIST
The list is decrescent, which means that the latest added article by PETERSON TEIXEIRA is the one on the top of the list. This doesn’t necessarily mean that the article’s publishing date is also recent because as said before, the objective is to collect all cybersecurity-related masterpieces from the whole Internet. Finding the needles in the haystack is the goal, not be the news.
The Links below are just so you can jump straight to the article, its highlights and comments.
- Read #46: Email Provider VFEmail suffers ‘Catastrophic’ Hack
- Read #45: Search Engine Land was mistankely removed from the Google Index
- Read #44: Defending Hospitals Against Life-Threatening Cyber Attacks
- Read #43: Hackers Are Holding The City of Atlanta Hostage
- Read #42: Stealthy, Destructive Malware Infects Half A Million Routers
- Read #41: Hacked Retail Robots Can Assault Customers With Porn And Demand Bitcoin
- Read #40: This Researcher Steals Data With Noise, Light, And Magnets
- Read #39: The Global Financial System Depends on GPS, And It’s Vulnerable to Attack
- Read #38: Dark Web: Where Your Entire Identity is For Sale
- Read #37: Cybercriminals Are Selling Victim’s Selfies on The Dark Web
- Read #36: Scientists Took Over A Computer by Encoding Malware in DNA
- Read #35: Trojan: Jack of All Trades
- Read #34: Browser-based Crypto Mining Makes Unexpected Return from The Dead
- Read #33: The 6 Ways Hackers Will Use Machine Learning to Launch Attacks
- Read #32: A New Wave of Bad Ads is Hijacking even Top-Tier Websites
- Read #31: If Browsers Are The New OS, Why Don’t They Have Security to Match?
- Read #30: Researchers Discover TWO Major Flaws in The World’s Computers
- Read #29: Hackers Ran Ad On Twitter That Pretended To Come From Twitter Itself
- Read #28: The Latest Hacking Tools
- Read #27: Snowden’s New App Turns Your Phone into a Home Security System
- Read #26: Secrets, Lies and Snowden’s Email: Why I Was Forced to Shut Down Lavabit
- Read #25: Privacy: Extracting Location Data from Digital Images
- Read #24: Hacker Can Steal Data from Air-Gapped Computers Using IR CCTV Cameras
- Read #23: ISPs May Be Helping Hackers to Infect you with FinFisher Spyware
- Read #22: Cybercriminal Investigations Report
- Read #21: Data Breach and Cyberattacks Report To C-levels and The Media
- Read #20: Dark Web Global Criminal Activity
- Read #19: Over 100 Snooping Tor Nodes Have Been Spying on Dark Web Sites
- Read #18: Equifax Breach, Affecting 45% of US Population, Raises Big Questions
- Read #17: The Great Big List of Cybersecurity Resources
- Read #16: Dragonfly: Western Energy Sector Targeted by Sophisticated Attack Group
- Read #15: Hackers Can Use Ultrasounds to Take Control of Alexa, Siri, Cortana, Others
- Read #14: Malvertising is Threatening You More Than You Think
- Read #13: New Facebook, Instagram Bugs Demonstrate Social Media Risk
- Read #12: Why You Need to Study Nation-State Attacks
- Read #11: Photographer Proves End of Privacy Is Here Through Random Photos
- Read #10: HackerApocalypse: Cybercrime Report
- Read #9: Anatomy of a Privacy Fail: When “Dark Data” Gives Away your Identity
- Read #8: The Big Data Picture: Just How Anonymous Are “Anonymous” Records?
- Read #7: Cisco Report Predicts NEW “Destruction of Service” Attacks Threats
- Read #6: Marine Cyber Warrior: Hackers are Transforming Modern Combat
- Read #5: The Ad-Tech Industry Must Finally Admit That Their Product (Ads) is Dangerous
- Read #4: FBI Highlights BEC, Tech Support Scams, Ransomware
- Read #3: How Business Is Fighting Back Against the Explosion in Cybercrime
- Read #2: Estonia’s Digital Policies are Ahead of Much of The Western World’s
- Read #1: Famed Hacker Kevin Mitnick Shows You How to Go Invisible Online
HEADLINE: Email Provider VFEmail suffers ‘Catastrophic’ Hack
PUBLISHER: Krebs on Security
COMMENT: This is the reality for online businesses today. Any business. If even email providers are getting hit by “search and destroy” type of attacks, then expect war. This news came to my attention thanks to Dark Reading and Ars Technica, but since Krebs on Security was the 1st source to report it, and because the content is very good, I’m recommending it. Nonetheless, there are 4 sources that covered this breaking news very well: ZDNET, Ars Technica, Dark Reading and Krebs himself. All versions are worth a read. For some perspective, here are some snippets: “Several security experts are viewing the attack as an example of the devastating consequences of not having a well thought-out strategy for secure data backup and recovery. ‘This raises questions of what disaster recovery strategy was in place and why data wasn’t backed up into cold storage, thus making it unavailable to attackers’… ‘Offline backups might not give a full restore to the exact date data was lost, but it would prevent the complete loss of all historical user data’. Many organizations have begun using offline backups to counter potential loss from ransomware, he noted.” — SOURCE: Dark Reading. Another interesting part by ZDNET: “It is rare that hackers take steps to wipe out an entire company’s data. Most attacks usually end up with hackers using compromised servers for other attacks (like running botnets or hosting malware), or with hackers asking for a ransom payment from hacked victims. The largest ransom demand ever paid known to date is by Nayana, a South Korean web hosting company which dished out $1 million in Bitcoin after hackers breached its network and ran the Linux-based Erebus ransomware that encrypted data on thousands of customer’ servers” — SOURCE: ZDNET. Finally, a good quote by the CEO himself that is worth your attention, thanks to Ars Technica: “The damage, Romero reported, extended to VFEmail’s ‘entire infrastructure’ including mail hosts, virtual machine hosts, and a SQL server cluster. The extent of the damage, he suggested, required the hacker to have multiple passwords. That’s the scary part.” — SOURCE: ARS TECHNICA – “Catastrophic” hack on email provider destroys almost two decades of data. There are many possible reasons for this hack, but I’ll list just 3 main ones that I believe are more likely to happen in today’s market reality: 1) Some email user had some nasty secrets about a company or government organization or individual and the hacker-for-hire deleted everything in order to prevent forensic people from easily finding out the real reason behind the hack; 2) Revenge from hackers because the CEO did not pay a ransomware in the past (as reported by Krebs); 3) Business competitors who decided to hire crackers to crush VFEmail’s infrastructure/data completely, thus preventing it from continuing to do business on the market as before. Conclusion: If you are an online business today, expect cyber attacks heading your way sooner or later. Because as soon as you start getting attention on the market, cyber attacks will also follow. Read all these sources. Everything is a must-read. Enjoy.
HEADLINE: Search Engine Land was mistankely removed from the Google Index
PUBLISHER: Search Engine Land
COMMENT: This seems like nothing much to talk about right? Wrong. This is actually a BIG WARNING to businesses — especially small ones — that have no cybersecurity defenses in place. If Google, who now owns over 90% of the Search Engine Market (Globally), decides to remove your company website from Search results just because you got hacked/defaced/whatever to protect Google users, then you got yourself a huge problem. Why? Because overnight, a good amount of your marketing efforts and your marketing budget can be completely crushed by a simple hack. If you put tons of money and time into marketing (which is very necessary nowadays!) and forget about your cyberdefenses, all this can be for nothing. Customers may end up searching your brand on Google only to get zero results. But not because you lack digital marketing strategy, or because you’re a sloppy company who forgot about SEO, but actually because you lack proper cybersecurity. Get it? Remember: everything is interconnected now. And don’t you go think this is just a small issue because companies are actually “hiring” A.I. software because there’s a worrying shortage of cybersecurity talent. Make sure to read this.
HEADLINE: Defending Hospitals Against Life-Threatening Cyber Attacks
PUBLISHER: The Conversation
COMMENT: A quick article and a must-read to understand how defenseless most hospitals are when it comes to protecting themselves against professional cyber attacks. Read this.
HEADLINE: Hackers Are Holding The City of Atlanta Hostage
COMMENT: When you start to have cities being made hostage of cyber attacks, it’s time to worry. What if instead of Atlanta it was the city of New York? Because take a look at how critical to the global economy that would be: “Most of the world’s financial transactions, for instance, transit five big cities; fully half flow through New York. Imagine the economic impact and unleashed global fears if hackers took down just part of Gotham’s financial or market operations for a few hours, perhaps even absconding with a few hundred million. Not long ago, suspected Iranian hackers entered Saudi Arabia’s national oil company and erased virtually all its electronic records. In 2016, North Korea electronically lifted $81 million from Bangladesh’s Central Bank account in New York.” – SOURCE: Miami Herald – Forget sanctions and red lines. Fight cyber attacks with cyber retaliation. Half of the world’s financial transactions go through New York. Half! If the target was New York the story would be very different for sure. And by the way, did you notice the headline of what I just linked? Look at what the journalist says near the end: “What if one wintry day the Kremlin’s power grid suddenly blew out? Or if Moscow’s air traffic control system failed as Putin prepared to travel?”. You see? That’s the “vibe” people and governments are beginning to show to the world, because everyone is tired of having to deal with stuff like this without shutting down for good the agents behind those evil deeds. And surely individual actors are “adding fuel to the fire” and nations ultimately are getting the blame. Hence why a war is the next scenario among today’s top nations. The warning signs are here already. The Energy Industry for instance, is totally worried about serious cyber attacks coming their way, but have no idea on how to respond: “more than one in four respondents were aware that their company had been hit by a damaging cyber attack in the last year, while more than three quarters of respondents (76%) were worried about cyber attacks interrupting their business operations, with a similar proportion (77%) preparing to increase the amount they invest in managing cyber risks. ‘While it is encouraging that three-quarters of respondents plan more investment in cyber risk management, it is worrying that over half questioned have yet to quantify their exposures’.” – SOURCE: Energy Firms Are Worried About Cyber Attacks, But Don’t Really Know What To Do. All these links are a good read if you want to understand how our society’s infrastructure is widely open to professional cyber attacks. More than you know.
HEADLINE: Stealthy, Destructive Malware Infects Half A Million Routers
COMMENT: Are you noticing how basically every piece of society’s infrastructure is easily attackable? As if the Global Positioning System (GPS) lack of security wasn’t enough, now we have routers all over the world getting compromised. Great way to start a war and gain a huge advantage over an enemy country before it even begins. Just read what the original article from Talos Intelligence (the security team) says about this malware: “Both the scale and the capability of this operation are concerning. Working with our partners, we estimate the number of infected devices to be at least 500,000 in at least 54 countries….the malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide. We assess with high confidence that this malware is used to create an expansive, hard-to-attribute infrastructure that can be used to serve multiple operational needs of the threat actor. Since the affected devices are legitimately owned by businesses or individuals, malicious activity conducted from infected devices could be mistakenly attributed to those who were actually victims of the actor. Finally, this malware could be used to conduct a large-scale destructive attack by using the “kill” command, which would render some or all of the physical devices unusable. Defending against this threat is extremely difficult due to the nature of the affected devices. The majority of them are connected directly to the internet, with no security devices or services between them and the potential attackers.” – SOURCE: Talos Intelligence – New VPNFilter malware targets at least 500K networking devices worldwide. This is a professional malware, maybe with war-like intentions behind it. Although the security team aren’t saying that these hackers are the same russians that attacked Ukraine’s power grids (read the article), there’s the possibility of it being a state-sponsored attack. Again, a possibility. Bloomberg reports this as well, but includes Putin’s words at the end: “‘Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,’ according to a joint statement. ‘Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the U.S. and U.K. governments’. The Kremlin has repeatedly denied using cyber weapons, but Putin last year did suggest that “patriotically minded hackers” could have been behind attacks against Russia’s rivals. The Pentagon has said Russian “trolling” activity increased 2,000 percent after the Syria strike.” – SOURCE: Bloomberg. The Feds are also blaming Russia as a nation for similar attacks, this time on Power grids: “Officials in Washington say that Russian hackers are in the midst of a widespread attack on crucial components of U.S. infrastructure, according to a Department of Homeland Security (DHS) report released Thursday. The targets of these attacks include the country’s electric grid, including its nuclear power system, as well as ‘commercial facilities, water, aviation, and critical manufacturing sectors’ the statement said. ‘In some cases, information posted to company websites, especially information that may appear to be innocuous, may contain operationally sensitive information’ the report reads. ‘As an example, the threat actors downloaded a small photo from a publicly accessible human resources page. The image, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background.'” – SOURCE: Time. And even the United Kingdom is making joint statements with the United States and blaming Russia for this latest attack on routers. So what can you conclude? Simple: We’re entering in a war-like scenario and pieces are being moved on the board. That’s pretty obvious. Because such level of reinforcement by different governments that a nation is to blame, is a warning sign that retaliation is coming, and therefore that a war may be coming as a consequence. And you — the entrepreneur/businessman/civilian — better get ready for all this.
HEADLINE: Hacked Retail Robots Can Assault Customers With Porn, Demand Bitcoin
PUBLISHER: Motherboard (VICE)
COMMENT: As we dive into a more robot-centric society, businesses obviously rely on robots with their daily operations. If robots are down, the business simply stops and the economic damage begins to pile up pretty quickly. This is a serious issue because many companies are now betting on robots to guarantee a spot as real players in this new robot-driven economy. Some companies in european countries are using robots because they don’t have enough workers to hire. In China, they literally have a Robot workforce working around the clock in factories. They’re even serving food in restaurants now and checking what’s in/out of stock on Walmart’s shelves. Robots are everywhere. Therefore, if you have a workforce made by robots, you better prepare for this or you and your customers will be hostages to hackers.
HEADLINE: This Researcher Steals Data With Noise, Light, And Magnets
COMMENT: This is a must-read article, especially because of its videos. The 2nd and the 5th videos are unbelievable, to say the least. You’ll see the researcher using the LED light from the hard drive as a morse code communicator system, enabling him to extract important data while bypassing all software security measures. You’ll also see a magnetic keylogger capturing a user’s password perfectly. There are 5 videos showing 5 different hacks. Very impressive stuff. Make sure to read this.
HEADLINE: The Financial System Depends on GPS, And It’s Vulnerable to Attack
COMMENT: This is a very serious issue. A cyber attack on the Global Positioning System (GPS) can disrupt modern society and burn it to the ground within hours, and opposing governments like Russia, China and North Korea know that. Banks, ATMs, electrical grids…all is interconnected with GPS, although people have no idea. The whole BREXIT drama is also about that: “For civilians, the satellites will offer improved service. But for European governments, the satellites represent space power independent of the US, with the ability to provide situational awareness to their militaries themselves and deter jamming and other attempts to disrupt the signals from space. British officials say the idea threatens future security cooperation between the UK and the EU, and are now floating the idea of launching their own constellation, which would compete with GPS and Galileo, as well as Glonass, the Russian GPS system, and BeiDou, China’s navigation and timing satellite constellation.” – SOURCE: Quartz – Brexit is breaking up Europe’s €10 billion plan to launch a new constellation of satellites. Europe knows the major national security risks. So does enemies of democratic countries. Recently, China has been secretly testing anti-satellite weaponry without much alarm: “China launched a rocket into space, supposedly to release a ‘cloud of barium’ 10,000 km (6,213 miles) in the air to research the magnetosphere. But Brian Weeden, a space analyst at the Secure World Foundation, has rounded up a growing body of evidence to suggest the launch was in fact the test of rocket designed to launch a ‘kinetic kill vehicle’ to destroy enemy satellites.” – SOURCE: Quartz – China’s secret anti-satellite weapons should be on everyone’s radar. This is no joke, folks. There’s a lot at stake here. Make sure to read this to understand how modern society depends on GPS.
HEADLINE: Dark Web: Where Your Entire Identity is For Sale
PUBLISHER: Hack Read
COMMENT: Since today’s online systems and most websites are very weak when it comes to cybersecurity, stealing people’s personal data like address, zip codes, logins, passports, credit card information and more is not that much of a big deal anymore. The proof is in the article below: For just £820 you can buy an entire legitimate identity on the Dark Web. Easy peasy. Cheap, right? Well, supply and demand, my friend. Personal data is not that hard to get anymore. Hence why it’s cheap. So let me ask you something: What would it take for a hacker to impersonate you online? And which online accounts would he have to steal in order to take over your digital life? What if he already has your accounts? Remember: there’s a lot that can be done with someone’s identity online, financially, professionally and personally. What if a hacker buys several identities of employees of a company in order to target the executives of that company with a BEC attack? Endless possibilities. You can see how hackers work and think by watching this short video from Cisco: Ransomware – Anatomy of an Attack. No wonder hackers are after personal data nowadays.
HEADLINE: Cybercriminals Are Selling Victim’s Selfies on The Dark Web
PUBLISHER: The Next Web
COMMENT: I have a small piece of black duct tape blocking my notebook’s webcam and my iPhone’s front cam ever since I saw The Official Snowden movie. This was far more than enough for me to cover my cameras at the time, because no government should keep us under such invasive surveillance or have the opportunity to do so without a court order, regardless of the reasons. Currently, a lot of tech savvy professionals do it because the risks are 10x bigger nowadays. Even my mother followed suit after watching the movie and decided to block her cameras as well. The only downside is listening to dumb people mocking you. For example, there was one day my mother went to the mall to fix something on her smartphone and the employee at the store laughed at my mom because she had a duct tape on her phone. He said that having that glued on your phone was a bit of paranoia. Well, what that stupid employee didn’t know is that the NSA exploits were leaked on the web, and now hackers have access to the very same piece of code the NSA used to hack people’s phones. Therefore, professional, military-grade exploits capable of hacking what we all use are being used by ordinary hackers now. Huge problem. Tech Insider even made a quick video to talk about it. So if hackers can take pictures of your face to open bank accounts, it obviously becomes a bigger problem since they may also be using your identity to commit fraud (read the article). It’s not just about surveillance anymore, identity thefts are much easier now. So use a nice and pretty duct tape, ok? That’s an order.
HEADLINE: Scientists Took Over A Computer by Encoding Malware in DNA
PUBLISHER: The Atlantic
COMMENT: I was relaxing at the weekend and watching one of my favorite TV series — The Blacklist — and suddenly, in Season 5, Episode 15 at the 14:35 min – 15:26 mark I hear this: “Director of The FBI: ‘You’re telling me a human virus infected a computer network. How is that possible?!’. Aram (Technician): ‘Alright. Code is code. Ones and zeroes. What’s changed is that we can now manipulate the Human Genome to implant malicious code into it. When the infected DNA from the victims was analyzed and uploaded to the CDC’s network, the computer virus was uploaded with it’. Elizabeth: ‘So the purpose of the outbreak was to hijack the CDC’s server'”. I was like: “WAIT! WHAT?!”. Then after some digging around, I found plenty of evidence supporting this kind of hack. Human DNA being used as carriers for computer viruses in order to attack a computer system. Very impressive creativity, I must say. Genetic Programming is becoming something serious. No doubt about it. There’s already people reprogramming T human cells to seek and destroy cancer cells, in case you don’t know. Read The Atlantic’s article to see what can currently be done using malware in DNA. And remember: it’s just a matter of time before this escalates to a whole another level.
HEADLINE: Trojan: Jack of All Trades
PUBLISHER: Secure List
COMMENT: This is another must-read because it shows how ordinary people are now being targeted with very UNIQUE trojan by hackers. The multiple “features” this Android trojan has is quite impressive, especially its self-protection measures. Kaspersky did a very good job breaking it down piece by piece, module by module, so you can see the power behind this. From the article: “The only thing missing is user espionage, but the modular architecture of this Trojan means it’s possible to add this sort of functionality at any time”. There’s no doubt anymore that criminals are actually putting serious work into professionalizing all their ways to make money now. Businesses are about to bleed big money for neglecting security issues. We’re seeing professional-grade trojans (as APPs) which we have never seen before, new waves of bad ads targeting INDIVIDUAL devices, unprecedented security holes in top microprocessors, and a lack of similar OS security infrastructure in browsers lately. Maybe this whole scenario put together, will wake people up. Read this.
HEADLINE: Browser-based Crypto Mining Makes Unexpected Return from The Dead
COMMENT: A must-read if you want to be more aware of how this browser-based crypto mining trend actually started, and the solutions available (the links in the end) to protect yourself from malicious crypto mining activities.
HEADLINE: The 6 Ways Hackers Will Use Machine Learning to Launch Attacks
PUBLISHER: CSO Online
COMMENT: Expect a very unbalanced game in the cybersecurity space, where there are many more “mouses” far more prepared than cats. They have bigger rewards in sight (strong motivation) and the same professional-grade tools than the good guys. Sometimes better. But their goal is to attack businesses. The market has serious issues with lack of cybersecurity education and lack of cybersecurity talent. There aren’t much people available (and competent) to protect your house. If before was hard to keep your business secure, now with weaponized AI, it will be harder. We’re relying on entrepreneurs now to bring “balance to the force” and save the day.
HEADLINE: A New Wave of Bad Ads is Hijacking even Top-Tier Websites
PUBLISHER: Fast Company
COMMENT: Pay close attention to the last highlight. And read the article. You’ll see why this is not going away anytime soon.
HEADLINE: If Browsers Are The New OS, Why Don’t They Have Security to Match?
COMMENT: Thanks to highly respected hacking contests like Pwn2Own, browser security is improving but not even close if we’re to compare OS security with it. And since browsers are something we use all the time and which have now full access to OS-controlled devices like microphones or webcams, major security breaches can come from your favorite browser. Companies may have great security protection in place regarding all other systems, but if your employees’ browsers are a possible backdoor then there’s something to worry about. Not too long ago, a Korean researcher named Jung Hoon Lee earned $110,000 in just two minutes by using nearly 2000 lines of code to take down both stable and beta versions of Google Chrome. And while you can say that in the latest edition of the Pwn2Own contest Chrome was only “partially hacked”, remember that hackers in the contest always tend to put attention into bigger point-making opportunities. Humans make effort based on rewards. So before assuming your company is completely secure, remember that you have a browser partially behaving like an OS without the same security structure. Also, never forget the truth about the Tech Industry.
HEADLINE: Researchers Discover TWO Major Flaws in The World’s Computers
PUBLISHER: The New York Times
COMMENT: Well, funny how things start to get repetitive after a while. Did you read the comment I wrote on Cybersecurity Article #29? Read it. It will save you time understanding my core argument about why huge security holes like these will always persist. But make sure to check out in the article below the marvelous atomic bomb these two flaws are to EVERYBODY who owns a computer. And the beautiful hacking experiences we’re all about to live, now that this was revealed to the whole market. Are you doubting the seriousness of this issue? These two vulnerabilities (Spectre and Meltdown) are so huge that they already got their own website and a nice Wikipedia entry: Spectre (security_vulnerability) / Meltdown (security_vulnerability). Very very impressive. Bravo.
HEADLINE: Hackers Ran Ad On Twitter That Pretended To Come From Twitter Itself
COMMENT: This is a good example of how even “mature” social networks are vulnerable to hacking activity, and why they don’t care much (see the 3rd highlight). Part of the reason why this happens is because MANY startups choose to develop a product and launch it to the market to make money as fast as possible. Investors happy and fast growth is all most entrepreneurs care about. Security? Not so much. That’s how almost all tech startups work. Actually, that’s how the Tech Industry works. People don’t remember this, but Hackers WARNED the government that the whole Internet, was insecure (back in 1998): “Your computers, they told the panel of senators in May 1998, are not safe — not the software, not the hardware, not the networks that link them together. The companies that build these things don’t care, the hackers continued, and they have no reason to care because failure costs them nothing. And the federal government has neither the skill nor the will to do anything about it.”. The other point is the lack of cybersecurity talent in the market. The skill set required to protect a serious online business today is no joke. Plus, good hackers (white hats) are not even close to being well-compensated financially in comparison to their criminal rivals (black hats). Cybersecurity folks need to protect and maintain ALL fronts (a lot more work) while black hats just need one single exploitable flaw to get in, do some damage, make some serious money and get out. That’s why you’ll always see many articles like this one below if you monitor cybersecurity news.
HEADLINE: The Latest Hacking Tools
COMMENT: This is something that is worth knowing if you want to see what some hackers may be using to penetrate and bypass security systems. Check out this hacking arsenal and see what you’re up against when protecting your business. It’s very rare to find good technical resources on this matter on the web, so enjoy. You’re welcome.
HEADLINE: Snowden’s New App Turns Your Phone into A Home Security System
COMMENT: Read this to see how Snowden is once again helping society with his skills and expertise. GENIUS App indeed. Check out the article and the Android app yourself, with all its advanced functionalities made to physically protect you from hackers and criminals. Nice move, Snowden.
HEADLINE: Privacy: Extracting Location Data from Digital Images
PUBLISHER: The Guardian
COMMENT: Read this absurd. Read this. If you don’t yet know the whole story about Lavabit, the encrypted email provider that Snowden himself used to use and recommend, then you must check this out. This is cold hard proof of how governments are actively spying on citizens, making alliances with big businesses in order to violate people’s privacy with the “a matter of national security” excuse. Check all videos in the Lavabit Media mentions section and see what the founder went through in real life because of the FBI. Forbes used the right headline: ‘If You Knew What I Know About Email, You Might Not Use It’. Exactly. You wouldn’t.
HEADLINE: Privacy: Extracting Location Data from Digital Images
PUBLISHER: Exposing The Invisible
COMMENT: Whenever you’re about to post some image online that was taken with your personal camera or smartphone, remember how hackers can explore your image’s metadata to discover private information about you. If you didn’t know about this, then read it. It’s a must. Then, test your personal images like the ones you took with your smartphone on tools like ReadExifData and ImageForensic. You’ll think twice before posting a picture online. And if you still need more motivation, here: What it looks like when the NSA Hacks into your Gmail and Facebook.
HEADLINE: Hackers Can Steal Data from Air-Gapped Computers Using IR CCTV Cams
PUBLISHER: The Hacker News
COMMENT: When you think you saw everything there is to see in hacking, once again you find yourself extremely surprised. This is something I would only expect to see in the Scorpion Series, which makes this even more impressive. Make sure to check both videos in this article.
HEADLINE: ISPs May Be Helping Hackers to Infect you with FinFisher Spyware
PUBLISHER: The Hacker News
COMMENT: You need to read this. This is why I constantly say there’s nothing 100% secure and that you cannot trust 3rd parties. There’s always something out of your control, whether you like it or not.
HEADLINE: Cybercriminal Investigations Report
PUBLISHER: Cybersecurity Ventures
COMMENT: One more time: Just like Cybersecurity Article #10 and Cybersecurity Article #20 and Cybersecurity Article #21 this joins the must-read collection. A horde of precious links so you can know what’s really happening to businesses, people and hackers all over the world when the subject is cybersecurity. See who is getting arrested, and how companies are getting punched in the face. Fun stuff. Enjoy your links my friend.
HEADLINE: Data Breach and Cyberattacks Report To C-levels and The Media
PUBLISHER: Cybersecurity Ventures
COMMENT: I know, repetitive right? But there’s no other way to say this. Just like Cybersecurity Article #10 and Cybersecurity Article #20, this is another must-read. This article also goes back up until January 3rd. Enjoy all the links.
HEADLINE: Dark Web Global Criminal Activity
PUBLISHER: Cybersecurity Ventures
COMMENT: Just like Cybersecurity Article #10, this is ANOTHER must-read and unique resource because of the vast number of high-quality links. This article proves that cybercrime is a present reality in our society, with many criminals moving under our noses through the Dark Web on a daily basis. Here you’ll see a lot of the dirt happening behind the scenes in the online space that mainstream media doesn’t talk about much. Very rare resource (it goes up until January 3rd). Enjoy.
HEADLINE: Over 100 Snooping Tor Nodes Have Been Spying on Dark Web Sites
PUBLISHER: Motherboard (VICE)
COMMENT: If you think you’re secure just because you are browsing the Dark Web using Tor, then think again. Law enforcement and hackers are setting up onion honeyspots to investigate and uncover what Dark Web URLs people are visiting. Be careful. Karlstad University in Sweden partnered with SBA Research in Austria to publish a paper explaining the secrets discovered on this. Read it.
HEADLINE: Equifax Breach, Affecting 45% of US Population, Raises Big Questions
PUBLISHER: Infosecurity Magazine
COMMENT: I’m just going to quote one powerful paragraph in this article: “The size of the breach, quality and quantity of personal information, and far-reaching impact make it unprecedented,” she told Infosecurity. “Imagine if one out of every two people walking down the street dropped their credit card, along with a sticky note on the back with all their personal information needed to access that card. Now imagine that happening in every city across the county.”. This proves the dangers of having your own personal data in the hands of third-parties. The U.S. took a huge hit with this, because there are only 125 million households in the U.S. and the financial data of 143 million consumers was leaked. The irony about all this? It was The New York Times who made a very good job answering people in a massive article about how to protect yourself after the breach, not Equifax.
HEADLINE: The Great Big List of Cybersecurity Resources
PUBLISHER: CSO Online
COMMENT: A very I.M.P.R.E.S.S.I.V.E Cybersecurity Resource list. Seriously. Just check these links in this article and you’ll see what I’m talking about. And check PETERSON TEIXEIRA’s resource page too if links that allow you to master business and marketing on an international scale is what you want. Remember: If you know all the best business-related links on the Internet, you have a huge advantage over your competition. There’s precious information in the haystack, you just have to find them. You’re welcome.
HEADLINE: Western Energy Sector Targeted by Sophisticated Attack Group
COMMENT: This subject is no joke. Since we entered the Era of connectivity and information, almost everything in society relies on power grids and internet to function. Almost everything. This is why in the genius Live Free or Die Hard (Die Hard 4) movie with Bruce Willis, hackers do a “Fire Sale”, where they attack all USA’s infrastructure using just cyber attacks in 3 stages: 1) Shut down all transportation systems, such as traffic lights, railroad lines, subway system and airport systems; 2)Disable the financial systems; including Wall Street, banks and financial records; 3) Turn off public utility systems, such as electricity, gas lines, telecommunications and satellite systems. If the whole infrastructure is down, businesses, stores and banks are useless. This is a possible real-life scenario, hence the warning by Symantec. Bad, skilled hackers are aiming exactly at what we all need the most: our infrastructure. Conclusion: even if everything is going good, like stocks, the market and your revenue streams, it just takes a few cyber attacks to impact your country’s cybernetic defenses and ultimately, your business. So although you may be effective in protecting your business from hackers, if the whole infrastructure of your country falls, you’re done. Sadly, your business depends on 3rd parties. Just keep that in mind.
HEADLINE: Hackers Can Use Ultrasounds to Take Control of Alexa, Siri, Cortana
PUBLISHER: Bleeping Computer
COMMENT: Nothing is 100% secure. Nothing. Check it out what these chinese security experts did with Alexa, Siri, Google now and other famous voice assistants using just ultrasound waves to hack the systems. Just watch the 42-second video. This was published in a paper by the Zhejiang University security experts.
HEADLINE: Malvertising is Threatening You More Than You Think
COMMENT: A quick must-read. Read this. Especially because of the infographic with malvertising data at the end of this article. A few important warnings that many in the ad industry are ignoring. Enjoy.
HEADLINE: New Facebook, Instagram Bugs Demonstrate Social Media Risk
PUBLISHER: Dark Reading
COMMENT: An article like this one involving temporary states isn’t what usually gets in this list, but this is just to prove that attackers are exploiting social media websites and apps to hack into business accounts, to do more damage later. People rely too much on social and forget the costly risks. The Dow Jones industrial average dropped almost 1% just because of fake tweets posted by hackers to the Twitter account of The Associated Press. Just like lack of proper security, bugs in social platforms can also give opportunities to hackers to do massive damage to a business. I think is time to ask yourself: How often Are Social Media Accounts Hacked?. Because depending on the brand’s size and reputation, consequences are huge and may involve lawsuits, brand reputation management etc. Evaluate all risks. Because third-party companies like Facebook and Instagram can suffer a hack and you also get hit in the face. Don’t forget that hackers can impersonate you on the phone once in possession of your personal data which usually gives them access (or semi-access) to additional accounts. Therefore, always consider all scenarios in business. Always. For every platform that has your data, there’s a business risk involved.
HEADLINE: Why You Need to Study Nation-State Attacks
PUBLISHER: Dark Reading
COMMENT: All top hackers are usually pioneers or very creative when attacking their targets, which is what allows them to make all big accomplishments that you see in the news. Therefore, nation-wide attacks reveal to the hacking community all moves made by true experts, where unique techniques are used to bypass cyber defenses and invade highly protected systems. So what’s the problem for companies? The problem is that when an attack gets the news, it validates some new hacking techniques for the less skilled hackers and to script kiddies as well, giving them the “How-Tos” and Guidelines to breach businesses and organizations of smaller size. Obviously. Hence the reason for businessmen, entrepreneurs, and cybersecurity experts to study nation-wide cyber attacks. Because many of the attacks coming for your business, are nation-wide attacks replicated on a smaller scale.
HEADLINE: Photographer Proves End of Privacy Is Here Through Random Photos
PUBLISHER: Anonymous News
COMMENT: GENIUS experiment. Just read this!
HEADLINE: HackerApocalypse: Cybercrime Report
PUBLISHER: Cybersecurity Ventures
COMMENT: This is a very UNIQUE resource if you want to know more about cybercrime and cybersecurity data. Not because the article itself is extremely smart, but instead because of the HUGE number of precious links to many other expert and news resources. A feast for consulting companies and those who want to understand cybersecurity from a global perspective, backed by data. Another must-read. Enjoy.
HEADLINE: Anatomy of a Privacy Fail: When “Dark Data” Gives Away your Identity
PUBLISHER: Naked Security
COMMENT: Another must-read. Naked Security demonstrated some very powerful ways to deconstruct anonymized data to turn it into personal data, with some techniques being quite simple that almost anyone with basic internet knowledge can replicate. There are some great revelations in here. And if you read Cybersecurity Article #8 and its comment, you’ll enjoy reading this for sure. This article is probably even better than Article #8 because of the technical demonstrations.
HEADLINE: The Big Data Picture: Just How Anonymous Are “Anonymous” Records?
PUBLISHER: Naked Security
COMMENT: READ THIS! This is a must-read for anyone who trusts in third-party entities keeping their “anonymous data” because it shows how anonymous data is not actually anonymous at all, once you know how to deconstruct what you have at hand. What the researchers did with credit card metadata is impressive, to say the least. You’ll see how they uncover a person’s buying activity by cross-referencing different data sources. Another practical example is Bitcoin usage for shopping. Cybersecurity researchers proved that web merchants routinely leak data when Bitcoin purchases are made (like name and email), allowing bitcoin holders to be identified through these leaks. These two points are just a few facts that prove that data deanonymization is more real and doable than people think. Remember that every time you provide “anonymous data” to “secure” parties.
HEADLINE: Cisco Report Predicts NEW “Destruction of Service” Attacks Threats
PUBLISHER: Market Wired
COMMENT: Security experts are almost sure that the Petya attack was made with a cyber-espionage purpose targeting Ukraine. The argument to support that conclusion is that Petya doesn’t allow you to retrieve your data even if you choose to pay the hackers. The emails of the criminals responsible went offline, making any payments impossible. Therefore, makes sense that the goal of this “ransomware” was only one: To destroy. Because of this argument, that does qualify as a “destruction of service” attack. The Guardian also published an article talking about how Petya was NOT designed to make money. So what can we all conclude from this? Probably this: A) Script kiddies bought malicious code on the Dark Web and were testing its destructive power to have some fun; B) This was professional hackers testing the efficiency of the code for further use in cyber wars, or to use against businesses, organizations, power grids etc. The latter is more likely to be the truth, so you better get your cyber defenses ready because businesses may see the 1st War that also targets companies, to deteriorate a nation’s economy from within.
HEADLINE: Marine Cyber Warrior: Hackers are Transforming Modern Combat
PUBLISHER: Business Insider
COMMENT: Interesting read about how hackers and cyber attacks are disrupting even modern warfare. Check out all 5 areas.
HEADLINE: The Ad-Tech Industry Must Finally Admit That Ads is Dangerous
PUBLISHER: Jeremiah Grossman
COMMENT: Jeremiah Grossman is a well-known security expert, founder of one of America’s most promising white-hat security companies (Forbes) and a speaker at BlackHat USA events. As you’re about to see, he revealed some interesting facts about the ad-tech industry. It seems that those in cybersecurity, will opt for Adblocker software over anti-malware in order to protect their computers from threats. That’s rather worrisome. Marketing folks now have additional pressure against their work because users will have another reason to block ads other than blocking retargeting. Make sure to check his short article. And if you’re also into fighting, you can check his jiu-jitsu fight against UFC fighter Nate Diaz as well.
HEADLINE: FBI Highlights BEC, Tech Support Scams, Ransomware
PUBLISHER: Dark Reading
COMMENT: By reading this resource you’ll see how attackers are getting creative, especially through BEC attacks. As always, the weakest link in the security chain is the human. Therefore, if business people fail to notice what the “dark side” has been doing to steal some chips from the good side, then they deserve what’s coming their way.
HEADLINE: How Business Is Fighting Back Against the Explosion in Cybercrime
COMMENT: Hacking and Cyberwarfare are two problems coming to haunt the business world where most victims are completely clueless and unprotected from cyber criminals. That’s the ideal scenario for those who want an easy criminal life. If you check the absurd numbers below, they’re in the house of BILLIONS. Just to give you an idea of the proportions of cybercrime profitability, Elon Musk’s SpaceX company is currently valued at a little more than 20 billion dollars. A few Russian Hackers made 5 million a day by simply faking 300M video views. Do that for a few months in a row and you got a “revenue” close to a real, top of the world company. Hackers know that. Also, things are getting a lot easier for those who want to hack. Hackers recreated NSA snooping Kit using off-the-shelf parts. You see that Rogue governments are also using off-the-shelf hardware/software, hackers-for-hire, and attacks against major enterprises and governments are just tens of thousands of dollars. Seems a lot to pay for a hack? Not if the prize is a billion dollar company. I see may entrepreneurs and businessmen ignoring this today, but the fact is that there’s real danger to businesses right now. Real danger. You can lose a whole company in a hack. Almost anyone with bad intent today can simply buy things like ransomware-as-a-service on the Dark Web and unleash mayhem upon companies, and that’s just one attack type you can buy. You can hire DDoS-as-a-service too if you want. Pick your hack and enjoy yourself. Therefore, you better be prepared for what’s coming because with a huge financial crisis coming our way, everybody will start looking for “easy money”. And with the right, professional-grade hacking tools, cybercrime is just that. Easy money.
HEADLINE: Estonia’s Digital Policies are Ahead of Much of The Western World’s
COMMENT: Impressive. Estonia evolved really fast in cybersecurity, data policies and government transparency. All this progress was forced upon them as a direct consequence of communism and a cyber warfare. The end result: Citizens aren’t afraid of new cyberwars happening in their country anymore, because they’re prepared. A lesson to countries that ignore the true dangers of online attacks.
HEADLINE: Famed Hacker Kevin Mitnick Shows You How to Go Invisible Online
COMMENT: A MUST-READ. Kevin Mitnick explains step-by-step how to actually go invisible online, linking some points of the process to the Snowden saga to make you understand things better. It reveals what pieces of information some websites and the government are extracting from a normal internet user to then show you what actual technical actions need to be taken in order to become truly invisible online. Read this. Great article.