Things move fast in cybersecurity, and it’s always worth investing time to stay up-to-date on the state of the field. Once again, I’ve gathered 13 articles all about cybersecurity news and insights to provide some food for thought.
Is anyone else terrified by the possibilities that deepfakes create? In this article, Daniel Miessler discusses two ways that deepfakes can be used. Particularly interesting is how effective they can be even when a viewer later realizes the were fake.
In this article, Cliff Saran discussed the gap between the role of IT operations and the role of IT security. This causes conflicts, poor communications, and a lack of integration, resulting in poor security hygiene within the department that should understand it best.
This is an interesting piece by Ionut Ilascu that explains how compromised GoDaddy accounts were used in a large phishing scam. Victims were tricked into buying a subscription that renewed automatically, then went unnoticed.
Are you ready to delve into a pit of insanity? In this article, Troy Hunt discusses the problems with tech that tracks kids, then investigates one of these products for himself. The security oversights involved with the TicTocTrack watch are something else.
If only real-life pieces of furniture were as caring as those we see in Beauty and the Beast. Chris Hook discusses the widespread use of IoT technology and how easy it is to hack, leading to some terrifying situations.
This chilling passage from explains it all: “On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11:43 p.m., a company called Amplitude learned my phone number, email and exact location. At 3:58 a.m., another called Appboy got a digital fingerprint of my phone. At 6:25 a.m., a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with.”
As RJ Sangosti points out in this article, weak voting systems in the US have already caused massive problems. Although there’s been progress on improving them, we’re approaching a new presidential election with some risks remaining.
An illuminating piece by Maciej Ceglowski that discusses the current state of privacy and some absurdities that go along with it. He talks about the loss of what he calls “ambient privacy,” and hits upon what we need to do—as well as who we need to stop listening to—to change the world back.
9. Dallas Hammer and Jason Zuckerman—Effective Cybersecurity and Data Protection Legislation Should Protect Whistleblowers
In this article, Dallas Hammer and Jason Zuckerman warn that silencing cybersecurity whistleblowers has serious consequences, yet the existing protections have gaps that whistleblowers often fall through. They go on to suggest improvements to infosec legislation that would solve this problem.
After meeting someone whose employer fired employees for repeatedly falling for phishing emails, Brian Krebs spoke with some phishing experts to get their thoughts on this approach.
Robert Heaton offers an interesting account of a recent phishing email that he fell for, though thankfully avoided the consequences. He also argues that security has to be balanced with pragmatism, which I believe is a good mindset for all of us to have.
“On Capitol Hill Thursday, NOAA’s acting chief, Neil Jacobs, said that interference from 5G wireless phones could reduce the accuracy of forecasts by 30 percent. That’s equivalent, he said, to the quality of weather predictions four decades ago.” In this article, Eric Niiler discusses this alarming situation, and how NOAA and the FCC are trying to reach a compromise.
In case it wasn’t obvious yet, wireless companies sell your location data and this is bad. Geoffrey Starks calls for federal action after a year of inaction.