Eran Eyal had it all: a trendy New York apartment, a jet-set lifestyle and investors lining up to get in on his million-dollar cryptocurrency start-up, Shopin. He had come a long way from an ordinary middle-class childhood in Durban and the burgeoning tech start-up world of Cape Town.

But the New York authorities pounced in 2018, charged him with fraud and packed him off to Rikers Island. There began the gobsmacking unravelling of a scam that spanned investors across the globe and revealed that Eyal had built a house of cards involving fictitious products, clients and advisors for Shopin and his previous company, Springleap. As more than $40 million went up in smoke, the South African entrepreneur was exposed as an audacious fraudster determined to succeed at any cost – even if it meant spinning a web of  lies to do so.

“An age-old narrative about ego and flying too close to the sun as well as a modern version of greed in the tech world.” Michael Jordaan

“Eyal proves definitively that a thousand white lies can get you convicted of fraud. This book meticulously walks the reader though the start-up lies that ended in tears.” Nic Haralambous

An edge-of-your-seat psychological thriller from the acclaimed author of Every Line of You - A Good Girl's Guide to Murder meets virtual reality ... 'A pacy, intelligent novel that will have readers racing to get to the final page.' THE BOOKSELLER 'A pixelated whirlwind of a ride through the darkest secrets of the human mind, explored through the lens of virtual reality gaming!' LEE NEWBERY, AUTHOR OF THE LAST FIREFOX Lola's been selected to play a new virtual reality game - Better Than Life. In her game, she's loved. Is beautiful. Can do whatever she wants. But she quickly breaks the one rule: not to recreate people or places from real life. She recreates her house and a boy she fancies. Soon she's skipping school to play. But Lola has secrets - dark ones that begin to surface inside her game - and the more she tries to fix her problems, the more she overlooks a much bigger threat ... An original, high-concept psychological thriller - Holly Jackson meets VR horror Set in an exclusive boarding school, this rollercoaster ride of a story involves an unreliable narrator,immersive gaming, a dark secret and a huge twist Perfect for fans of Cynthia Murphy and Kathryn Foxfield PRAISE FOR EVERY LINE OF YOU: 'What a debut. So tense - and it didn't lead where I thought it was going.' SUE WALLMAN, author of YOUR TURN TO DIE 'Frankenstein meets Heathers. Bonnie and Clyde for the digital age, Every Line of You is a gripping thriller about the power of AI and a fresh twist on the intensity of first love.' AMY MCCAW, author of MINA AND THE UNDEAD

WINNER OF THE FT & McKINSEY BUSINESS BOOK OF THE YEAR AWARD 2021 The instant New York Times bestseller A Financial Times and The Times Book of the Year 'A terrifying expose' The Times 'Part John le Carre . . . Spellbinding' New Yorker We plug in anything we can to the internet. We can control our entire lives, economy and grid via a remote web control. But over the past decade, as this transformation took place, we never paused to think that we were also creating the world's largest attack surface. And that the same nation that maintains the greatest cyber advantage on earth could also be among its most vulnerable. Filled with spies, hackers, arms dealers and a few unsung heroes, This Is How They Tell Me the World Ends is an astonishing and gripping feat of journalism. Drawing on years of reporting and hundreds of interviews, Nicole Perlroth lifts the curtain on a market in shadow, revealing the urgent threat faced by us all if we cannot bring the global cyber arms race to heel.

The bestselling account of a band of kids from New York who fought an electronic turf war that ranged across some of the nation's most powerful computer systems. "An immensely fun and -- one cannot emphasize this enough -- accessible history of the first outlaws in cyberspace."--Glamour

JUMPSTART YOUR NEW AND EXCITING CAREER AS A PENETRATION TESTER The Pentester BluePrint: Your Guide to Being a Pentester offers readers a chance to delve deeply into the world of the ethical, or "white-hat" hacker. Accomplished pentester and author Phillip L. Wylie and cybersecurity researcher Kim Crawley walk you through the basic and advanced topics necessary to understand how to make a career out of finding vulnerabilities in systems, networks, and applications. You'll learn about the role of a penetration tester, what a pentest involves, and the prerequisite knowledge you'll need to start the educational journey of becoming a pentester. Discover how to develop a plan by assessing your current skillset and finding a starting place to begin growing your knowledge and skills. Finally, find out how to become employed as a pentester by using social media, networking strategies, and community involvement. Perfect for IT workers and entry-level information security professionals, The Pentester BluePrint also belongs on the bookshelves of anyone seeking to transition to the exciting and in-demand field of penetration testing. Written in a highly approachable and accessible style, The Pentester BluePrint avoids unnecessarily technical lingo in favor of concrete advice and practical strategies to help you get your start in pentesting. This book will teach you: The foundations of pentesting, including basic IT skills like operating systems, networking, and security systems The development of hacking skills and a hacker mindset Where to find educational options, including college and university classes, security training providers, volunteer work, and self-study Which certifications and degrees are most useful for gaining employment as a pentester How to get experience in the pentesting field, including labs, CTFs, and bug bounties

Must-have guide for professionals responsible for securing credit and debit card transactions

As recent breaches like Target and Neiman Marcus show, payment card information is involved in more security breaches than any other data type. In too many places, sensitive card data is simply not protected adequately. "Hacking Point of Sale" is a compelling book that tackles this enormous problem head-on. Exploring all aspects of the problem in detail - from how attacks are structured to the structure of magnetic strips to point-to-point encryption, and more - it's packed with practical recommendations. This terrific resource goes beyond standard PCI compliance guides to offer real solutions on how to achieve better security at the point of sale.A unique book on credit and debit card security, with an emphasis on point-to-point encryption of payment transactions (P2PE) from standards to design to applicationExplores all groups of security standards applicable to payment applications, including PCI, FIPS, ANSI, EMV, and ISOExplains how protected areas are hacked and how hackers spot vulnerabilitiesProposes defensive maneuvers, such as introducing cryptography to payment applications and better securing application code

"Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions" is essential reading for security providers, software architects, consultants, and other professionals charged with addressing this serious problem.

The Security Hippie is Barak Engel's second book. As the originator of the "Virtual CISO" (fractional security chief) concept, he has served as security leader in dozens of notable organizations, such as Mulesoft, Stubhub, Amplitude Analytics, and many others. The Security Hippie follows his previous book, Why CISOs Fail, which became a sleeper hit, earning a spot in the Cybercannon project as a leading text on the topic of information security management. In this new book, Barak looks at security purely through the lens of story-telling, sharing many and varied experiences from his long and accomplished career as organizational and thought leader, and visionary in the information security field. Instead of instructing, this book teaches by example, sharing many real situations in the field and actual events from real companies, as well as Barak's related takes and thought processes. An out-of-the-mainstream, counterculture thinker - Hippie - in the world of information security, Barak's rich background and unusual approach to the field come forth in this book in vivid color and detail, allowing the reader to sit back and enjoy these experiences, and perhaps gain insights when faced with similar issues themselves or within their organizations. The author works hard to avoid technical terms as much as possible, and instead focus on the human and behavioral side of security, finding the humor inherent in every anecdote and using it to demystify the field and connect with the reader. Importantly, these are not the stories that made the news; yet they are the ones that happen all the time. If you've ever wondered about the field of information security, but have been intimidated by it, or simply wished for more shared experiences, then The Security Hippie is the perfect way to open that window by accompanying Barak on some of his many travels into the land of security.

Unique selling point: * Industry standard book for merchants, banks, and consulting firms looking to learn more about PCI DSS compliance. Core audience: * Retailers (both physical and electronic), firms who handle credit or debit cards (such as merchant banks and processors), and firms who deliver PCI DSS products and services. Place in the market: * Currently there are no PCI DSS 4.0 books

1) What to do when you get hacked 2) A guide to incident response 3) Incident response and cybersecurity for small businesses

A fast, hands-on introduction to offensive hacking techniques Hands-On Hacking teaches readers to see through the eyes of their adversary and apply hacking techniques to better understand real-world risks to computer networks and data. Readers will benefit from the author's years of experience in the field hacking into computer networks and ultimately training others in the art of cyber-attacks. This book holds no punches and explains the tools, tactics and procedures used by ethical hackers and criminal crackers alike. We will take you on a journey through a hacker's perspective when focused on the computer infrastructure of a target company, exploring how to access the servers and data. Once the information gathering stage is complete, you'll look for flaws and their known exploits--including tools developed by real-world government financed state-actors. An introduction to the same hacking techniques that malicious hackers will use against an organization Written by infosec experts with proven history of publishing vulnerabilities and highlighting security flaws Based on the tried and tested material used to train hackers all over the world in the art of breaching networks Covers the fundamental basics of how computer networks are inherently vulnerable to attack, teaching the student how to apply hacking skills to uncover vulnerabilities We cover topics of breaching a company from the external network perimeter, hacking internal enterprise systems and web application vulnerabilities. Delving into the basics of exploitation with real-world practical examples, you won't find any hypothetical academic only attacks here. From start to finish this book will take the student through the steps necessary to breach an organization to improve its security. Written by world-renowned cybersecurity experts and educators, Hands-On Hacking teaches entry-level professionals seeking to learn ethical hacking techniques. If you are looking to understand penetration testing and ethical hacking, this book takes you from basic methods to advanced techniques in a structured learning format.

Phishing for Nazis is an evidence-based, undercover study of neo-Nazi communities on anonymous communication platforms that helps to shine a light on the dark web. It unveils how hatred and conspiracies spread and thrive online and how white supremacy is becoming prominent as extremists find shelter in the online dank underbelly of society. Phishing for Nazis explains how online manifestations of hate radicalize people into taking "real-world" action, such as shooting sprees. Methodologically, this book is unique, as it incorporates undercover cyberethnography, a method frequently used by law enforcement and intelligence agencies, unlike traditional academic studies of racism or social behavior that rely on secondary sources or surveys. With a particular interest on how race issues translate online, the book presents the true phenomenon of racism without relying on political correctness or whitewashing. It contributes to the field of cyber communication, as it details why and how people communicate and manage entire communities without knowing one another. The book also contributes to public policy, regulators, and technology companies as they deal with the practice of online anonymity and extremism.

This book examines the evolution of legal institutions in containing and tackling fraudulent activities plaguing payment systems ('payment fraud', e.g. forged cheques, wrongful payment instructions, etc.) in Asia, focusing on laws in Greater China and Singapore. In the past century, the payment system has invited much innovation, changing the modes of payments from exchanging cash and coins to the use of cards, wire transfers and other new types of payment instruments or services (e.g. bitcoins or QR code payments). As the nature of payment services is to move money from one place to another, it naturally attracts fraudsters. Even with advanced computer technology, payment fraud is still rampant in the market, causing billions of dollars in losses globally per annum. Through an examination of payment instruments and associated frauds over time, the book illustrates a shifting trend of legal solutions from criminal sanctions and civil compensation to a gradual focus on regulations of payment intermediaries. This trend reflects the complexity of payment systems and the challenge of protecting them. The book also identifies the underlying actors and institutional characteristics driving the evolution of legal institutions to deal with payment fraud and illustrates how the arrival of new technology may affect the market and thus the evolution of legal institutions. The book will help readers to better understand the interaction between technology, the market and law and help regulators, financial institutions, practitioners and end users, as well as about payment fraud and corresponding legal responses.

This book provides solid, state-of-the-art contributions from both scientists and practitioners working on botnet detection and analysis, including botnet economics. It presents original theoretical and empirical chapters dealing with both offensive and defensive aspects in this field. Chapters address fundamental theory, current trends and techniques for evading detection, as well as practical experiences concerning detection and defensive strategies for the botnet ecosystem, and include surveys, simulations, practical results, and case studies.

This textbook offers an accessible introduction to the topic of cybersecurity ethics. The second edition has been revised and updated, and contains new chapters on social justice, AI, and Big Data. The book is split into three parts. Part I provides an introduction to the field of ethics, philosophy, and philosophy of science, three ethical frameworks - virtue ethics, utilitarian ethics, and communitarian ethics - and the notion of ethical hacking. Part II applies these frameworks to particular issues within the field of cybersecurity, including privacy rights, surveillance, and intellectual property. The third part concludes by exploring current codes of ethics used in cybersecurity, with chapters on artificial intelligence, social diversity, Big Data, and cyberwarfare. The overall aims of the book are to: Provide ethical frameworks to aid decision-making Present the key ethical issues in relation to computer security Highlight the connection between values and beliefs and the professional code of ethics The textbook also includes three different features to aid students: "Going Deeper" features provide background on individuals, events, and institutions in cybersecurity; "Critical Issues" features contemporary case studies; and "Tech Talks" contain features that assume some familiarity with technological developments. The book will be of much interest to students of cybersecurity, cyberethics, hacking, surveillance studies, ethics, and information science.

Up-to-date strategies for thwarting the latest, most insidious network attacks This fully updated, industry-standard security resource shows, step by step, how to fortify computer networks by learning and applying effective ethical hacking techniques. Based on curricula developed by the authors at major security conferences and colleges, the book features actionable planning and analysis methods as well as practical steps for identifying and combating both targeted and opportunistic attacks. Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition clearly explains the enemy's devious weapons, skills, and tactics and offers field-tested remedies, case studies, and testing labs. You will get complete coverage of Internet of Things, mobile, and Cloud security along with penetration testing, malware analysis, and reverse engineering techniques. State-of-the-art malware, ransomware, and system exploits are thoroughly explained. Fully revised content includes 7 new chapters covering the latest threats Includes proof-of-concept code stored on the GitHub repository Authors train attendees at major security conferences, including RSA, Black Hat, Defcon, and Besides

Features cross-disciplinary exchange among psychologists, criminologists, and computer scientists addressing fraud, scams, and financial abuse Includes discussion of the 'Next Frontiers' in research and important insights on how to create solutions

This book offers a fresh approach to a range of pressing issues, emphasising the value of establishing economic crime as a sub-discipline within criminology. This will be essential reading for a range of more applied graduate courses across the UK and Europe on counter-fraud, money laundering, corruption, security management and financial crime investigation. Given the prominence of 'economic crime' amongst police forces, law enforcement agencies and government, this book has a secondary market amongst practitioners.

'A brilliant page-turner by one of Holland's finest investigative journalists' Rutger Bregman, author of Humankind 'Essential . . . What's revealed are networks of spies and criminals fighting an invisible war that involves us all' Eliot Higgins, bestselling author of We Are Bellingcat Summer 2017: computer screens go blank in 150 countries. The NHS is so affected that hospitals can only take in patients for A&E. Ambulances are grounded. Computer screens turn on spontaneously and warnings appear. Employees who desperately pull the plugs are too late. Restarting is pointless; the computers are locked. And now the attackers ask each victim for money. This is hijack software. It is just one example of how vulnerable the digital world has made us. Based on the cases he investigated over a period of six years, award-winning Dutch journalist Huib Modderkolk takes the reader on a tour of the corridors and back doors of the globalised digital world. He reconstructs British-American espionage operations and reveals how the power relationships between countries enable intelligence services to share and withhold data from each other. Looking at key players including Edward Snowden, Russian hackers Cozy Bear and Evgeniy Bogachev, 'the Pablo Escobar of the digital era', Modderkolk opens our eyes to the dark underbelly of the digital world with the narrative drive of a thriller.

Cybersecurity is an extremely important area which is rapidly evolving, necessarily, to meet current and future threats. Anyone who studies within this domain requires a particular skillset and way of thinking, balancing technical knowledge and human insight. It is vital to recognize both sides of this complex area and integrate the two. This book looks at the technical fields progressively, building up in layers before expanding into more advanced topics. Each area is looked at succinctly, describing the main elements and problems in each area and reinforcing these concepts with practical coding examples, questions and ideas for further research. The book builds on an overview of basic architecture of systems and networks, setting a context for how information is vulnerable. Cryptography is explained in detail with examples, showing the steady progress in this area over time through to the possibilities of quantum encryption. Steganography is also explained, showing how this can be used in a modern-day context through multimedia and even Virtual Reality. A large section of the book is given to the technical side of hacking, how such attacks occur, how they can be avoided and what to do after there has been an intrusion of some description. Cyber countermeasures are explored, along with automated systems of defense, whether created by the programmer or through firewalls and suchlike. The human aspect of cyber security is detailed along with the psychology and motivations for launching attacks. Social engineering is focused on and with the various techniques looked at - revealing how an informed individual, organization or workplace can protect themselves against incursions and breaches. Finally, there is a look the latest developments in the field, and how systems, such as the IoT are being protected. The book is intended for advanced undergraduate and postgraduate courses on cybersecurity but is also useful for those studying IT or Computer Science more generally.

* The book provides an end-to-end view of the Zero Trust approach across organization's digital estates that includes Strategy, Business Imperatives, Architecture, Solutions, Human Elements, Implementation Approach etc that could significantly benefit large, small and medium enterprises who want to learn adapt and implement Zero Trust in their organization. * The book's scope will be primarily benefited for the Business Decision Makars, Security leadership and organizational change agent who wants to adopt and implement "Zero Trust" Security approach and architecture across their digital estate. * After reading this book, readers will be in a better position to strategize, plan and design a credible and defensible Zero Trust security architecture and solution for their organization, understand the relevance of human elements and implement a stepwise journey that delivers significantly improved security and streamlined operations.

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.

The shocking untold story of the elite secret society of hackers fighting to protect our privacy, our freedom, and even democracy itself. Cult of the Dead Cow is the tale of the oldest, most respected, and most famous American hacking group of all time. Though until now it has remained mostly anonymous, its members invented the concept of hacktivism, released the top tool for testing password security, and created what was for years the best technique for controlling computers from afar, forcing giant companies to work harder to protect customers. They contributed to the development of Tor, the most important privacy tool on the net, and helped build cyberweapons that advanced US security without injuring anyone. With its origins in the earliest days of the Internet, the cDc is full of oddball characters -- activists, artists, even future politicians. Many of these hackers have become top executives and advisors walking the corridors of power in Washington and Silicon Valley. The most famous is former Texas Congressman and current presidential candidate Beto O'Rourke, whose time in the cDc set him up to found a tech business, launch an alternative publication in El Paso, and make long-shot bets on unconventional campaigns. Today, the group and its followers are battling electoral misinformation, making personal data safer, and battling to keep technology a force for good instead of for surveillance and oppression. Cult of the Dead Cow shows how governments, corporations, and criminals came to hold immense power over individuals and how we can fight back against them.

Digital forensics plays a crucial role in identifying, analysing, and presenting cyber threats as evidence in a court of law. Artificial intelligence, particularly machine learning and deep learning, enables automation of the digital investigation process. This book provides an in-depth look at the fundamental and advanced methods in digital forensics. It also discusses how machine learning and deep learning algorithms can be used to detect and investigate cybercrimes. This book demonstrates digital forensics and cyber-investigating techniques with real-world applications. It examines hard disk analytics and style architectures, including Master Boot Record and GUID Partition Table as part of the investigative process. It also covers cyberattack analysis in Windows, Linux, and network systems using virtual machines in real-world scenarios. Digital Forensics in the Era of Artificial Intelligence will be helpful for those interested in digital forensics and using machine learning techniques in the investigation of cyberattacks and the detection of evidence in cybercrimes.

Crime and Punishment in the Future Internet is an examination of the development and impact of digital frontier technologies (DFTs) such as Artificial Intelligence, the Internet of things, autonomous mobile robots, and blockchain on offending, crime control, the criminal justice system, and the discipline of criminology. It poses criminological, legal, ethical, and policy questions linked to such development and anticipates the impact of DFTs on crime and offending. It forestalls their wide-ranging consequences, including the proliferation of new types of vulnerability, policing and other mechanisms of social control, and the threat of pervasive and intrusive surveillance. Two key concerns lie at the heart of this volume. First, the book investigates the origins and development of emerging DFTs and their interactions with criminal behaviour, crime prevention, victimisation, and crime control. It also investigates the future advances and likely impact of such processes on a range of social actors: citizens, non-citizens, offenders, victims of crime, judiciary and law enforcement, media, NGOs. This book does not adopt technological determinism that suggests technology alone drives social development. Yet, while it is impossible to know where the emerging technologies are taking us, there is no doubt that DFTs will shape the way we engage with and experience criminal behaviour in the twenty-first century. As such, this book starts the conversation about a range of essential topics that this expansion brings to social sciences, and begins to decipher challenges we will be facing in the future. An accessible and compelling read, this book will appeal to those engaged with criminology, sociology, politics, policymaking, and all those interested in the impact of DFTs on the criminal justice system.

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.