Big Breaches Book by Neil Daswani - Bookswagon UAE
Home > Computer & Internet > Computer security > Privacy & data protection > Big Breaches
Big Breaches

Big Breaches


     5  |  3 Reviews 
5
4
3
2
1



International Edition


About the Book

Part I: The Biggest Breaches

The goal of this part is to explain, in plain English, the biggest breaches in recent years, focusing on what has resulted in everything from exposure of the majority of American consumers' financial identities to a foreign power more than significantly "influencing" the election of our most recent President. The breaches will be covered in reverse chronological order of the years in which the breaches were made public (even though some of them occurred prior), and in the summary section, I'll also comment on the relevance and implications of the actual years in which the breaches took place.

Chapter 1: The Five Key Root Causes

This chapter reviews the five basic root causes that we'll see in all the mega-breaches that will be reviewed in subsequent chapters.

  1. Phishing
  2. Malware
  3. Third-party compromise (suppliers, customers, and partners, as well as acquisitions)
  4. Software Vulnerabilities (application security as well as third-party vulnerabilities)
  5. Inadvertent employee mistakes

Chapter 2: The Capital One Breach in 2019

On July 29, 2019, court documents were released regarding a security breach at Capital One that exposed data for over 105 million people. A lone hacker gained access to highly sensitive data including names, social security numbers, addresses, and dates of birth. This hack is just one example in which over a hundred million customer records have been exposed to the entire Internet.

  1. The Modern Day Datacenter: The Cloud and Hybrid Clouds
  2. Erratic: Former Amazon Web Services employee
  3. The Firewall Hack
  4. The Ex-Filtration
  5. The Simple Mistakes
  6. The Charges & The Fallout

Chapter 3: Cambridge Analytica & Facebook

The goal of this chapter is to cover two issues that both involved Facebook. The first issue is how Cambridge Analytica, a data analytics firm that assisted President Trump's presidential campaign, abused Facebook to harvest data on 70 million U.S. consumers to create psychographic profiles of them and target ads to influence voting. The second issue is how a vulnerability in Facebook's "View As" feature (that allows users to see how their profiles look to the public) was exploited to allow for the take over of approximately 50 million Facebook accounts. The sections in this chapter will also set the groundwork for the Facebook hacking of the 2016 election by the Russians.

  1. How Facebook Works
  2. How Facebook Makes Money Through Ads
  3. Political Ads
  4. Security Challenges with Ads: Abusive Targeting, Bad Ads, Malvertising, and Click Fraud
  5. Facebook's Third-Party Apps and APIs
  6. Cambridge Analytica Harvesting
  7. Bungled Remediation of Harvested Data
  8. The "View As..." Vulnerability
  9. Remediation of the "View As..." Vulnerability

Chapter 4: The Marriott Hack in 2018

The Marriott hack disclosed in 2018 has been the second largest breach of all time as it involved 383 million records, and is only second to Yahoo's hack of 3 billion email accounts which we'll describe in see Chapter 8. Passport numbers, and the location history of hundreds of millions of people was amongst the data stolen in the breach. Combined with stolen data from the US Government's Office of Personnel Management breach (described in Chapter 7), one can even derive the location histories or potentially even impersonate some CIA agents and spies.

  1. Marriott and Starwood
  2. DBA Account Takeover
  3. Malware: Remote Access Trojan and Mimikatz
  4. Starwood Guest Reservation Database Exfiltration

Chapter 5: The Equifax
About the Author: ​Dr. Neil Daswani is Co-Director of the Stanford Advanced Security Certification program, and is President of Daswani Enterprises, his security consulting and training firm. He has served in a variety of research, development, teaching, and executive management roles at Symantec, LifeLock, Twitter, Dasient, Google, Stanford University, NTT DoCoMo USA Labs, Yodlee, and Telcordia Technologies (formerly Bellcore). At Symantec, he was Chief Information Security Officer (CISO) for the Consumer Business Unit, and at LifeLock he was the company-wide CISO. Neil has served as Executive-in-Residence at Trinity Ventures (funders of Auth0, New Relic, Aruba, Starbucks, and Bulletproof). He is an investor in and advisor to several cybersecurity startup companies and venture capital funds, including Benhamou Global Ventures, Firebolt, Gravity Ranch Ventures, Security Leadership Capital, and Swift VC. Neil is also co-author of Foundations of Security: What Every Programmer Needs to Know (Apress).
Neil's DNA is deeply rooted in security research and development. He has dozens of technical articles published in top academic and industry conferences (ACM, IEEE, USENIX, RSA, BlackHat, and OWASP), and he has been granted over a dozen US patents. He frequently gives talks at industry and academic conferences, and has been quoted by publications such as The New York Times, USA Today, and CSO Magazine. He earned PhD and MS degrees in computer science at Stanford University, and he holds a BS in computer science with honors with distinction from Columbia University.
Dr. Moudy Elbayadi has more than 20 years of experience and has worked with a number of high-growth companies and across a variety of industries, including mobile and SaaS consumer services, and security and financial services. Having held C-level positions for leading solution providers, Dr. Elbayadi has a unique 360-degree view of consumer and enterprise SaaS businesses. He has a consistent track record of defining technology and product strategies that accelerate growth.
As CTO of Shutterfly, Dr. Elbayadi oversees all technology functions including product development, cybersecurity, DevOps, and machine learning/AI R&D functions. In this capacity he is leading the technology platform transformation. Prior to Shutterfly, Dr. Elbayadi held the position of SVP, Product & Technology for Brain Corp, a San Diego-based AI company creating transformative core technology for the robotics industry.
As advisor, Dr. Elbayadi has been engaged by CEOs and senior executives of companies ranging from $10M to $2B in revenues. Representative engagements include public cloud strategy, platform integration and M&A strategy. He has advised numerous VC firms on technology and prospective investments.
Dr. Elbayadi earned a doctorate in leadership and change from Antioch University, a master's degree in organizational leadership from Chapman University, and a master's degree in business administration from the University of Redlands.


Best Sellers



Product Details
  • ISBN-13: 9781484266540
  • Publisher: Apress
  • Publisher Imprint: Apress
  • Height: 234 mm
  • No of Pages: 427
  • Spine Width: 24 mm
  • Weight: 711 gr
  • ISBN-10: 1484266544
  • Publisher Date: 26 Mar 2021
  • Binding: Paperback
  • Language: English
  • Returnable: Y
  • Sub Title: Cybersecurity Lessons for Everyone
  • Width: 156 mm


Similar Products

Add Photo
Add Photo

Customer Reviews

     5  |  3 Reviews 
out of (%) reviewers recommend this product
Top Reviews
Rating Snapshot
Select a row below to filter reviews.
5
4
3
2
1
Average Customer Ratings
     5  |  3 Reviews 
00 of 0 Reviews
Sort by :
Active Filters

00 of 0 Reviews
SEARCH RESULTS
1–2 of 2 Reviews
    BoxerLover2 - 5 Days ago
    A Thrilling But Totally Believable Murder Mystery

    Read this in one evening. I had planned to do other things with my day, but it was impossible to put down. Every time I tried, I was drawn back to it in less than 5 minutes. I sobbed my eyes out the entire last 100 pages. Highly recommend!

    BoxerLover2 - 5 Days ago
    A Thrilling But Totally Believable Murder Mystery

    Read this in one evening. I had planned to do other things with my day, but it was impossible to put down. Every time I tried, I was drawn back to it in less than 5 minutes. I sobbed my eyes out the entire last 100 pages. Highly recommend!


Sample text
Photo of
    Media Viewer

    Sample text
    Reviews
    Reader Type:
    BoxerLover2
    00 of 0 review

    Your review was submitted!
    Big Breaches
    Apress -
    Big Breaches
    Writing guidlines
    We want to publish your review, so please:
    • keep your review on the product. Review's that defame author's character will be rejected.
    • Keep your review focused on the product.
    • Avoid writing about customer service. contact us instead if you have issue requiring immediate attention.
    • Refrain from mentioning competitors or the specific price you paid for the product.
    • Do not include any personally identifiable information, such as full names.

    Big Breaches

    Required fields are marked with *

    Review Title*
    Review
      Add Photo Add up to 6 photos
      Would you recommend this product to a friend?
      Tag this Book Read more
      Does your review contain spoilers?
      What type of reader best describes you?
      I agree to the terms & conditions
      You may receive emails regarding this submission. Any emails will include the ability to opt-out of future communications.

      CUSTOMER RATINGS AND REVIEWS AND QUESTIONS AND ANSWERS TERMS OF USE

      These Terms of Use govern your conduct associated with the Customer Ratings and Reviews and/or Questions and Answers service offered by Bookswagon (the "CRR Service").


      By submitting any content to Bookswagon, you guarantee that:
      • You are the sole author and owner of the intellectual property rights in the content;
      • All "moral rights" that you may have in such content have been voluntarily waived by you;
      • All content that you post is accurate;
      • You are at least 13 years old;
      • Use of the content you supply does not violate these Terms of Use and will not cause injury to any person or entity.
      You further agree that you may not submit any content:
      • That is known by you to be false, inaccurate or misleading;
      • That infringes any third party's copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy;
      • That violates any law, statute, ordinance or regulation (including, but not limited to, those governing, consumer protection, unfair competition, anti-discrimination or false advertising);
      • That is, or may reasonably be considered to be, defamatory, libelous, hateful, racially or religiously biased or offensive, unlawfully threatening or unlawfully harassing to any individual, partnership or corporation;
      • For which you were compensated or granted any consideration by any unapproved third party;
      • That includes any information that references other websites, addresses, email addresses, contact information or phone numbers;
      • That contains any computer viruses, worms or other potentially damaging computer programs or files.
      You agree to indemnify and hold Bookswagon (and its officers, directors, agents, subsidiaries, joint ventures, employees and third-party service providers, including but not limited to Bazaarvoice, Inc.), harmless from all claims, demands, and damages (actual and consequential) of every kind and nature, known and unknown including reasonable attorneys' fees, arising out of a breach of your representations and warranties set forth above, or your violation of any law or the rights of a third party.


      For any content that you submit, you grant Bookswagon a perpetual, irrevocable, royalty-free, transferable right and license to use, copy, modify, delete in its entirety, adapt, publish, translate, create derivative works from and/or sell, transfer, and/or distribute such content and/or incorporate such content into any form, medium or technology throughout the world without compensation to you. Additionally,  Bookswagon may transfer or share any personal information that you submit with its third-party service providers, including but not limited to Bazaarvoice, Inc. in accordance with  Privacy Policy


      All content that you submit may be used at Bookswagon's sole discretion. Bookswagon reserves the right to change, condense, withhold publication, remove or delete any content on Bookswagon's website that Bookswagon deems, in its sole discretion, to violate the content guidelines or any other provision of these Terms of Use.  Bookswagon does not guarantee that you will have any recourse through Bookswagon to edit or delete any content you have submitted. Ratings and written comments are generally posted within two to four business days. However, Bookswagon reserves the right to remove or to refuse to post any submission to the extent authorized by law. You acknowledge that you, not Bookswagon, are responsible for the contents of your submission. None of the content that you submit shall be subject to any obligation of confidence on the part of Bookswagon, its agents, subsidiaries, affiliates, partners or third party service providers (including but not limited to Bazaarvoice, Inc.)and their respective directors, officers and employees.

      Accept

      New Arrivals



      Inspired by your browsing history


      Your review has been submitted!

      You've already reviewed this product!