Things move fast in cybersecurity, and it’s always worth investing time to stay up-to-date on the state of the field. Once again, I’ve gathered 13 articles all about cybersecurity news and insights to provide some food for thought.
1. Daniel Miessler—Thinking of Deepfakes as Malicious Advertising
Is anyone else terrified by the possibilities that deepfakes create? In this article, Daniel Miessler discusses two ways that deepfakes can be used. Particularly interesting is how effective they can be even when a viewer later realizes the were fake.
2. Cliff Saran—Why IT departments miss basic IT security hygiene
In this article, Cliff Saran discussed the gap between the role of IT operations and the role of IT security. This causes conflicts, poor communications, and a lack of integration, resulting in poor security hygiene within the department that should understand it best.
3. Ionut Ilascu—Hundreds of GoDaddy Accounts Used for “Miracle” Product Scams
This is an interesting piece by Ionut Ilascu that explains how compromised GoDaddy accounts were used in a large phishing scam. Victims were tricked into buying a subscription that renewed automatically, then went unnoticed.
4. Troy Hunt—How to Track Your Kids (and Other People’s Kids) With the TicTocTrack Watch
Are you ready to delve into a pit of insanity? In this article, Troy Hunt discusses the problems with tech that tracks kids, then investigates one of these products for himself. The security oversights involved with the TicTocTrack watch are something else.
5. Chris Hook—How your home’s smart devices could be selling your family out to hackers
If only real-life pieces of furniture were as caring as those we see in Beauty and the Beast. Chris Hook discusses the widespread use of IoT technology and how easy it is to hack, leading to some terrifying situations.
6. Geoffrey A. Fowler—It’s the middle of the night. Do you know who your iPhone is talking to?
This chilling passage from explains it all: “On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11:43 p.m., a company called Amplitude learned my phone number, email and exact location. At 3:58 a.m., another called Appboy got a digital fingerprint of my phone. At 6:25 a.m., a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with.”
7. RJ Sangosti—Election Security is Still Hurting at Every Level
As RJ Sangosti points out in this article, weak voting systems in the US have already caused massive problems. Although there’s been progress on improving them, we’re approaching a new presidential election with some risks remaining.
8. Maciej Ceglowski—The New Wilderness
An illuminating piece by Maciej Ceglowski that discusses the current state of privacy and some absurdities that go along with it. He talks about the loss of what he calls “ambient privacy,” and hits upon what we need to do—as well as who we need to stop listening to—to change the world back.
9. Dallas Hammer and Jason Zuckerman—Effective Cybersecurity and Data Protection Legislation Should Protect Whistleblowers
In this article, Dallas Hammer and Jason Zuckerman warn that silencing cybersecurity whistleblowers has serious consequences, yet the existing protections have gaps that whistleblowers often fall through. They go on to suggest improvements to infosec legislation that would solve this problem.
10. Brian Krebs—Should Failing Phish Tests Be a Fireable Offense?
After meeting someone whose employer fired employees for repeatedly falling for phishing emails, Brian Krebs spoke with some phishing experts to get their thoughts on this approach.
11. Robert Heaton—I was 7 words away from being spear-phished
Robert Heaton offers an interesting account of a recent phishing email that he fell for, though thankfully avoided the consequences. He also argues that security has to be balanced with pragmatism, which I believe is a good mindset for all of us to have.
12. Eric Niiler—5G networks could throw weather forecasting into chaos
“On Capitol Hill Thursday, NOAA’s acting chief, Neil Jacobs, said that interference from 5G wireless phones could reduce the accuracy of forecasts by 30 percent. That’s equivalent, he said, to the quality of weather predictions four decades ago.” In this article, Eric Niiler discusses this alarming situation, and how NOAA and the FCC are trying to reach a compromise.
13. Geoffrey Starks—Why It’s So Easy for a Bounty Hunter to Find You
In case it wasn’t obvious yet, wireless companies sell your location data and this is bad. Geoffrey Starks calls for federal action after a year of inaction.