CTRL + ALT + SEC

Author: ByteMe

  • Book Review: “Cult of the Dead Cow” – Inside the World of the Original Hacking Supergroup

    Book Review: “Cult of the Dead Cow” – Inside the World of the Original Hacking Supergroup

    • Author: Joseph Menn
    • Fiction: Non-Fiction
    • Genres: Technology, Cyber Security
    • Rating: 3.5 Stars
    • Date Finished: 3/6/25

    The Book in 3 Sentences

    The book explores the history and influence of the legendary hacking collective known as cDc, which pioneered hacktivism and shaped modern cybersecurity. The book delves into the group’s groundbreaking contributions, such as exposing software vulnerabilities, promoting ethical hacking, and influencing figures like Beto O’Rourke. Menn also highlights the evolving cyber threat landscape, emphasizing the ongoing battle between hackers, corporations, and governments over privacy and security.

    Impressions

    How I Discovered It

    I’m reading through all the information security books that my local library has. I’m also try to get them to include more books from this subject.

    Who Should Read It?

    Cult of the Dead Cow is ideal for cybersecurity professionals, ethical hackers, and tech enthusiasts interested in the origins of hacktivism and its impact on modern security. It’s also a great read for policymakers, journalists, and privacy advocates who want to understand the ethical dilemmas and power struggles shaping the digital world. Additionally, anyone curious about the intersection of technology, activism, and government surveillance will find this book insightful and thought-provoking.

    How the Book Changed Me

    • Expanded Perspective on Hacktivism – It shifted your view of hackers to individuals who use their skills for social good, advocating for privacy, security, and accountability.
    • Strengthened Awareness of Cybersecurity Risks – It revalidated by view of digital vulnerabilities, how governments and corporations handle (or mishandle) cybersecurity, and the importance of protecting personal data.
    • Inspiration for Ethical Advocacy – The book motivated me to push for stronger digital rights.

    My Top 3 Quotes

    • “Hacking is not inherently bad. It’s about figuring out how things work and making them better.”
    • “The greatest threat to cybersecurity is not hackers—it’s apathy.”
    • “Privacy is not about having something to hide; it’s about having control over your own life.”

    Summary

    Cult of the Dead Cow by Joseph Menn chronicles the rise and influence of one of the most legendary and impactful hacking groups in history. The book explores how the cDc pioneered hacktivism, exposing software vulnerabilities, advocating for digital privacy, and shaping cybersecurity policies. Menn highlights their role in pushing companies and governments to take security more seriously while also delving into their ethical dilemmas and controversial tactics. The book also reveals the surprising connection of some members to mainstream politics and business, illustrating how hacking culture has evolved from the underground to the halls of power. Ultimately, Cult of the Dead Cow is a compelling look at the battle for control over the internet, security, and personal freedoms in the digital age.

  • Crowdstrike Global Threat Report 2025

    Crowdstrike Global Threat Report 2025

    CrowdStrike’s 2025 Global Threat Report details the evolving cybersecurity landscape, emphasizing the increasing sophistication and business-like approach of cyber adversaries. The report underscores the rise of “enterprising adversaries” leveraging genAI for social engineering and malicious activities.

    TLDR:

    • The average breakout time has decreased to 48 minutes, with the fastest recorded breakout time being only 51 seconds.
    • Voice phishing (vishing) attacks saw a significant increase of 442% between the first and second half of 2024.
    • Attacks related to initial access accounted for 52% of the vulnerabilities observed by CrowdStrike in 2024.
    • Advertisements for access brokers increased by 50% year-over-year, indicating a thriving business in providing access as a service.
    • China-nexus activity surged by 150% overall, with some targeted industries experiencing a 200% to 300% increase in attacks compared to the previous year.
    • 79% of detections in 2024 were malware-free, a significant increase from 40% in 2019, indicating a shift towards hands-on-keyboard techniques.
    • 26 new adversaries were tracked by CrowdStrike in 2024, bringing the total to 257.
    • Interactive intrusion campaigns increased by 35% year-over-year.
    • Valid account abuse was responsible for 35% of cloud-related incidents.
    • FAMOUS CHOLLIMA had 304 incidents, with nearly 40% representing insider threat operations.
    • LLM-generated phishing messages had a 54% click-through rate, significantly higher than human-written phishing messages at 12%.
    • New cloud intrusions increased 26% compared to 2023, indicating more threat actors are targeting cloud services.
    • China-nexus intrusions increased 150% across all sectors on average compared to 2023
  • A Must-Read for Parents of Gen Z and Gen Alpha: “The Anxious Generation” by Jonathan Haidt

    A Must-Read for Parents of Gen Z and Gen Alpha: “The Anxious Generation” by Jonathan Haidt

    As a parent, it’s natural to be concerned about the impact of social media on our children. In recent years, we’ve seen an alarming rise in anxiety, depression, and other mental health issues among young people. That’s why I was excited to dive into “The Anxious Generation” by Jonathan Haidt, a thought-provoking book that sheds light on this critical issue.

    I really enjoyed reading this book, which offers a comprehensive analysis of how social media is affecting our children’s lives and the world at large. As someone who values play-based childhoods and more independence for kids, I found myself nodding in agreement with Haidt’s arguments throughout the book. Although, I’m not always the best at executing these principles in my own children.

    One of the most compelling aspects of “The Anxious Generation” is its accessibility. Written in an approachable tone, Haidt breaks down complex concepts into easy-to-understand language, making it a must-read for parents and caregivers alike. The author’s passion for this topic shines through on every page, inspiring readers to take action.

    What I appreciated most about the book was how Haidt tackles tough topics like social media addiction, pornography, and the impact of technology on relationships. He offers practical advice for parents, educators, employers, and policymakers on how to mitigate these effects and promote healthier habits among young people.

    As a parent of Gen Z or Alpha children, I highly recommend “The Anxious Generation” as an essential read. It’s not just a book – it’s a call to action. By speaking up and supporting the four foundational reforms outlined in the book, we can create a better future for our children. Haidt encourages readers to connect with others who share their values, creating a powerful movement that will inspire positive change.

    If you’re looking for a thought-provoking read that will make you think about your role as a parent and how you can support your child’s well-being in the digital age, “The Anxious Generation” is an excellent choice. Sign up at www.afterbabel.com to access Haidt’s Substack posts on related topics and join the conversation.

    Rating: 4.5/5 stars

    I highly recommend this book to anyone concerned about the impact of social media on our children’s lives. It’s a must-read for parents, educators, policymakers, and anyone who wants to make a difference in creating a healthier digital landscape for future generations.

  • Decoding the 2025 Cybersecurity Executive Order: What Every Tech Professional Needs to Know

    I’m excited to share my thoughts on the latest Executive Order signed by the President today, January 16, 2025. This order, titled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” marks a significant step forward in our national cybersecurity strategy.

    If you would prefer to listen here is an overview provide by NotebookLM:

    Key Points of the Executive Order

    Enhanced Public-Private Partnerships
    The order emphasizes the critical need for stronger collaboration between government agencies and private sector entities. This approach recognizes that cybersecurity is a shared responsibility and that the most effective defense strategies leverage the strengths of both sectors.

    Investment in Emerging Technologies
    A major focus of this order is the promotion of innovation in cybersecurity. It calls for increased investment in cutting-edge technologies such as artificial intelligence, quantum computing, and advanced encryption methods. These technologies have the potential to revolutionize our cyber defense capabilities.

    Workforce Development
    Recognizing the ongoing shortage of cybersecurity professionals, the order outlines initiatives to bolster education and training programs. This includes expanding scholarship opportunities and creating more pathways for individuals to enter the cybersecurity field.

    Supply Chain Security
    The order addresses the critical issue of supply chain vulnerabilities, which have been exploited in several high-profile attacks in recent years. It mandates stricter security standards for software and hardware used in critical infrastructure and government systems.

    Implications for Cybersecurity Professionals

    As cybersecurity enthusiasts, this Executive Order should be seen as a positive development. It demonstrates a commitment at the highest levels of government to addressing the evolving cyber threats we face. The focus on innovation and emerging technologies aligns with the direction many of us in the field have been advocating for years.

    The emphasis on workforce development is particularly encouraging. It acknowledges the need for a larger and more diverse pool of cybersecurity talent, which is crucial for meeting the challenges of an increasingly complex threat landscape.

    Challenges and Opportunities

    While the order sets ambitious goals, implementation will be key. We should expect to see new initiatives and funding opportunities in the coming months. For those in the cybersecurity field, this presents exciting opportunities for research, innovation, and career advancement.

    However, we must also be prepared for the challenges that come with rapid technological change. As we adopt new technologies and strategies, we’ll need to remain vigilant and adaptable.

    In conclusion, this Executive Order represents a significant step forward in our national cybersecurity posture. It aligns with the realities of the current threat landscape and sets a course for a more secure digital future. As cybersecurity professionals and enthusiasts, we have a crucial role to play in turning these directives into reality.

  • TryHackMe | Advent of Cyber 2024 – Day 24

    Follow along as we crack open a new year of the Advent of Cyber from TryHackMe! This is always fun! Here is the playlist on youtube, but I’ll be posting them on this site as well.

  • TryHackMe | Advent of Cyber 2024 – Day 23

    Follow along as we crack open a new year of the Advent of Cyber from TryHackMe! This is always fun! Here is the playlist on youtube, but I’ll be posting them on this site as well.

  • TryHackMe | Advent of Cyber 2024 – Day 22

    Follow along as we crack open a new year of the Advent of Cyber from TryHackMe! This is always fun! Here is the playlist on youtube, but I’ll be posting them on this site as well.

  • TryHackMe | Advent of Cyber 2024 – Day 21

    Follow along as we crack open a new year of the Advent of Cyber from TryHackMe! This is always fun! Here is the playlist on youtube, but I’ll be posting them on this site as well.

  • TryHackMe | Advent of Cyber 2024 – Day 20

    Follow along as we crack open a new year of the Advent of Cyber from TryHackMe! This is always fun! Here is the playlist on youtube, but I’ll be posting them on this site as well.

  • TryHackMe | Advent of Cyber 2024 – Day 19

    Follow along as we crack open a new year of the Advent of Cyber from TryHackMe! This is always fun! Here is the playlist on youtube, but I’ll be posting them on this site as well.