TaoSecurity Blog

I've been meeting with policymakers of all ages and levels of responsibility during the last few months. Frequently they ask "what can I read to better understand cyber security?" I decided to answer them collectively in this quick blog post. By posting these, I am not endorsing everything they say (with the exception of the last book). On balance, however, I think they provide a great introduction to current topics in digital security. Cybersecurity and Cyberwar: What Everyone Needs to Know by Peter W. Singer and Allan Friedman Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter @War: The Rise of the Military-Internet Complex by Shane Harris China and Cybersecurity: Espionage, Strategy, and Politics in the Digital Domain by  Jon R. Lindsay, Tai Ming Cheung, and Derek S. Reveron Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier Spam Nation: The Inside Story of O

I read Brian Krebs story  Tech Firm Ubiquiti Suffers $46M Cyberheist just now. He writes: Ubiquiti, a San Jose based maker of networking technology for service providers and enterprises, disclosed the attack in a quarterly financial report filed this week  [6 August; RMB]  with the U.S. Securities and Exchange Commission (SEC). The company said it discovered the fraud on June 5, 2015, and that the incident involved employee impersonation and fraudulent requests from an outside entity targeting the company’s finance department. “This fraud resulted in transfers of funds aggregating $46.7 million held by a Company subsidiary incorporated in Hong Kong to other overseas accounts held by third parties,” Ubiquiti wrote. “As soon as the Company became aware of this fraudulent activity it initiated contact with its Hong Kong subsidiary’s bank and promptly initiated legal proceedings in various foreign jurisdictions. As a result of these efforts, the Company has recovered $8.1 million of