In 2018, my former VICE Motherboard colleague Joseph Cox and I began publishing a list of the best cybersecurity articles published elsewhere, with HTML tags for our readers. It wasn’t just to honor a friendly competitor, by adding articles from other publications, we were providing readers with a complete picture of what happened in the world of cybersecurity, privacy, and surveillance in the year that was just coming to an end. Our original inspiration was Bloomberg Businessweek’s Jealous List, which is an Overview of current progress A selection of the best stories published elsewhere, chosen by Bloomberg reporters and editors. Now that both Cox and I have left Motherboard, TechCrunch is taking a look at the Cyber Jealousy List, relisting the year’s best cybersecurity stories and the ones we were most jealous of. — Lorenzo Franceschi-Bicchierai.
If you were using the internet in October 2016 and lived on the East Coast of the United States, you may have heard of the day Twitter, Spotify, Netflix, PayPal, Slack, and hundreds of other major websites stopped working for several hours. You will remember that. As it turns out, this is the work of his three enterprising young hackers, who have built one of the most effective distributed denial-of-service tools ever created. In this long work, andy greenberg profiles three young hackers and tells the untold stories of their lives, from teenage computer geeks to seasoned cybercriminals and ultimately reformed cybersecurity experts. . Sit back in your comfortable chair and immerse yourself in this must-read. In September, an unholy alliance of Russian cybercriminals and Western teenagers with exceptional social engineering skills allegedly hacked and destroyed the MGM casino in Las Vegas, causing widespread chaos. . This was one of the most talked about cyberattacks of the year, and several publications were written about this story. jason kabler former editor-in-chief of VICE Motherboard and currently one of the co-founders of the worker-owned outlet. 404 Media He had the smart idea to fly to Las Vegas and see the mess for himself. The result of his trip was a work that showed just how badly MGM was hurting, creating, as Kebler puts it, a “nightmare” for casino employees. NPR cybersecurity correspondent Jenna McLaughlin reported from Kiev that she had recorded a series of excellent news and audio stories about life in wartime Ukraine. People defending the country after the Russian invasion. Cyber warfare has played an important role in warfare. Cyber attack hits Ukraine’s energy sector and the military operation.Mr. McLaughlin’s dispatch period varied widely. In reporting on Ukraine’s defensive (and offensive) operations against the Russian invaders, Highlights of ordinary daily life in Ukraine Of course, it’s a special feature on soccer. In a surprising change of attitude, electronics manufacturer Anker admitted that its cameras were not always encrypted. In short, security researchers discovered a bug that shows: Access unencrypted streams of customer videos, even though Anker’s Eufy cameras claim to be end-to-end encrypted. The Verge verified and reproduced the security researcher’s findings and his Anker The company eventually admitted that its cameras were not end-to-end encrypted. and was actually producing an unencrypted stream. Hats off to The Verge for their impressive and tenacious reporting that gets to the bottom of the issue. Anker’s misrepresentation and failure to cover it up. In 2020, Russian government hackers slipped malicious code into the software supply chain of SolarWinds, a tech company whose customers range from giant corporations to federal agencies. The hack was stealthy and incredibly effective, giving the Russians an opportunity to steal secrets from a rival country.Veteran cyber security reporter Kim Zetter They spoke with those who helped investigate the incident and reconstructed the stealth hack almost shot by shot in an incredibly detailed and deep investigation.Zetter also published Convenient and detailed timeline of events On her substack, worth subscribing If you haven’t done so yet. The SolarWinds hack two years ago went down in history as the most audacious and sophisticated supply chain hack ever undertaken.
For years, few people knew about Appin, an Indian company. However, as reported by Reuters, thanks to an investigation based on “hundreds of interviews, thousands of documents, and research from multiple cybersecurity companies,” a team of journalists discovered that Appin was involved in hacking activities for hacking purposes. reported and made public evidence showing that It helped obtain information on executives, politicians, military personnel, and wealthy people around the world. This is one of the most detailed and thorough looks inside the shadow world of professional hacking companies that don’t work for governments like his team or his NSO group, but for wealthy private clients. This is one of the things I researched.When this story itself became a headline Reuters forced to remove article to comply with New Delhi court order. Reuters reported. Editor’s note It supports the report. Trickbot is one of the most active and damaging Russian cybercrime organizations, attacking thousands of businesses, hospitals, and governments over the past few years.The study is based on interviews with cybersecurity experts and analysis of large amounts of data from ransomware gangs leaked online. matt burgess and lily hay newman Revealing one of Trickbot’s “key personas”.Journalists identified him as a Russian man who said he was “obsessed” with Metallica and liked classic movies. hacker. A week after the reporter published this article, US and UK governments announce sanctions against 11 people For alleged involvement in Trickbot, including the man identified in WIRED’s original article. Today, U.S. and British authorities sanctioned 11 suspected Trickbot members, and the Department of Justice dropped three charges against Trickbot and Conti members. Maxim Galochkin is the only person charged in all three cases. @WIRED It was made public in an investigation last week. Data obtained by a Politico reporter includes nearly a year’s worth of facial recognition requests. Alfred Ng In the year after New Orleans police began using facial recognition, the technique was shown to fail to identify suspects in most cases and was used almost exclusively against black people.The use of facial recognition by police, law enforcement, and government agencies remains highly controversial act all over America. Critics have argued that facial recognition is deeply flawed at the technical level because it is almost always trained on white faces, but Ng’s report shows that facial recognition is a serious problem for authorities using the technology. It confirms what civil rights activists have long argued is that it amplifies prejudice. Or, in the words of a New Orleans City Council member who voted against facial recognition, its use in New Orleans is “totally ineffective and patently racist.” Toward the end of last year, password management company LastPass lost its encrypted password vault containing customer passwords and other sensitive information to cybercriminals during a previous data breach. I admitted that. The full impact of this theft remained unknown until September 2023. Cybersecurity reporter Brian Krebs Researchers have reported that they have identified a “highly reliable set of leads” to more than 150 possible victims of cryptocurrency theft related to stolen LastPass password vaults. According to Kleb’s extensive reporting, more…
Source: techcrunch.com
