The Good, the Bad and the Ugly in Cybersecurity – Week 29

The Good

A transatlantic cybercrime operation was busted last week by Spanish Guardia Civil. Sixteen suspects in eight different locations throughout Spain were arrested on charges of laundering funds stolen through banking trojans made by Brazilian cybercrime groups. These groups developed and rented the banking trojans known as Mekotio and Grandoreiro, very capable pieces of malware targeting Windows computers through phishing emails. Post-infection, they remain hidden until the user logs into their banking accounts, silently harvesting credentials.

The police seized €276,470 in cash and, after forensic examination of the suspects’ computers, found an additional €3.5 million stashed away which had not yet been cashed out.

Back in North America, the U.S. government is stepping up its efforts to battle ransomware. The U.S. Department of Justice (DOJ), the U.S. Department of Homeland Security (DHS), and CISA have launched a website that aims to provide comprehensive information regarding ransomware attacks.

The site, stopransomware, includes guidance and resources, general information, tips, a Ransomware Readiness Assessment tool and a dedicated page for reporting ransomware incidents to the authorities.

The Bad

Software vulnerabilities are prime targets for attackers, who seek to identify and weaponize zero-day vulnerabilities. But this is a very expensive process that requires extremely skilled researchers. This is why traditionally it was only undertaken by well-funded, advanced nation-states. Now, however, commercial entities are doing their own research and selling weaponized zero-day end-products to whomever can afford them. While this has been known for some time, the general perception was that these enterprises focused on mobile exploits and to a lesser degree (and capability) on standard operating systems.

According to Google’s Threat Analysis Group (TAG) and Project Zero, four new zero-days were recently used as part of three targeted campaigns. These campaigns exploited previously unknown flaws in Google Chrome, Internet Explorer, and WebKit, the browser engine used by Apple’s Safari (CVE-2021-21166 and CVE-2021-30551 in Chrome; CVE-2021-33742 and CVE-2021-1879 for IE and WebKit, respectively).

Google says that three of these exploits were developed by a commercial surveillance company which then sold the vulnerabilities to two different government-backed actors. “Based on our analysis, we assess that the Chrome and Internet Explorer exploits described here were developed and sold by the same vendor providing surveillance capabilities to customers around the world”.

The Ugly

What does the University of London’s School of Oriental and African Studies (SOAS) have to do with cyber espionage? According to a recent study, Iranian attackers presented themselves as research fellows working at SOAS and contacted journalists covering the Middle East, think tank experts and senior professors.

The threat actors invited their unsuspecting victims to participate in an online conference called “US Security Challenges in the Middle East”. They then directed these contacts to a registration page, which was actually a compromised website belonging to SOAS, in order to steal Google, Microsoft and other single sign-on or email log-in credentials.

Based on TTPs and target selection, the activity has been attributed to TA453 (aka APT35, Phosphorus, and Magic Hound), an attack group affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). One of the scholars who had his identity “borrowed” told reporters, “Of course it’s stressful, but on the upside I had conversations with a lot of interesting people that I would probably not have had interaction with otherwise. I’m taking it as a lived case study”. That’s the spirit!



Taste intelligence startup Halla closes $4.5M Series A1 to predict which grocery items shoppers will buy

Halla wants to answer the question of how people decide what to eat, and now has $4.5 million in fresh Series A1 capital from Food Retail Ventures to do it.

Headquartered in New York, Halla was founded in 2016 by Gabriel Nipote, Henry Michaelson and Spencer Price to develop “taste intelligence,” using human behavior to steer shoppers to food items they want while also discovering new ones as they shop online. This all results in bigger basket orders for stores. SOSV and E&A Venture Capital joined in on the round, which brings Halla’s total capital raised to $8.5 million, CEO Price told TechCrunch.

The company’s API technology is a plug-and-play platform that leverages more than 100 billion shopper and product data points and funnels it into three engines: Search, which takes into account a shopper’s preferences; Recommend, which reveals relevant complementary products as someone shops; and Substitute, which identifies replacement options.

Halla’s Substitute product was released earlier this year as an answer to better recommendations for out-of-stock items that even retailers like Walmart are creating technology to solve. Price cited a McKinsey report that found 20% of grocery shoppers sought out competitors following a negative outcome from bad substitutions.


None of these data points are linked to any shoppers’ private data, just the attributes around the shopping itself. The APIs, rather, are looking for context to return relevant recommendations and substitutions. For example, Halla’s platform would take into account the way someone adds items to their cart and suggest next ones: if you added turkey and then bread, the platform may suggest cheese and condiments.

“It’s also about personalization when it comes to grocery shopping and food,” Price said. “When you want organic eggs from a specific brand and it is out of stock, it is often up to your personal shopper’s discretion. We want to lead them to the right substitutions, so you can still cook the meal you intended instead of ‘close enough.’ ”

Halla’s technology is now live in more than 1,100 e-commerce storefronts. The new funding gives Halla some fuel for the fire Price said is happening within the company, including plans to double the number of stores it supports across accounts. He also expects to double employees to 30 in order to support growth and customer base, admitting there is “more inbound interest than we can handle.” Halla has been busy fast-tracking big customers for pilots, and at the same time, wants to expand internationally with additional product lines over the next 18 months.

The company is also seeing “a near infinite increase in recurring revenue,” as it attracts six- and seven-figure contracts that push the company closer to cash flow positivity. All of that growth is positioning Halla for a Series B if it needs it, Price said.

Meanwhile, as part of the investment, Food Retail Ventures’ James McCann will join Halla’s board of directors.

McCann, who only invests in food and retail technology, told TechCrunch that grocery stores need a way to inspire shoppers, that Halla is doing that and in a better way than other intelligence versions he has seen.

“Their technology is miles ahead of everyone else,” he added. “They have a terrific team and a terrific product. They are seeing huge uplifts in terms of suggestions and what people are buying, and their measurements are out of this world.”

Photo includes Halla co-founders, from left, Spencer Price (CEO), Henry Michaelson (CTO & President) and Gabriel Nipote (COO).

Intel rumored to be in talks to buy chip manufacturer GlobalFoundries for $30B

When it comes to M&A in the chip world, the numbers are never small. In 2020, four deals involving chip companies totaled $106 billion, led by Nvidia snagging ARM for $40 billion. One surprise from last year’s chip-laced M&A frenzy was Intel remaining on the sidelines. That would change if a rumored $30 billion deal to buy chip manufacturing concern GlobalFoundries comes to fruition.

The rumor was first reported by The Wall Street Journal yesterday.

Patrick Moorhead, founder and principal analyst at Moor Insight & Strategies, who watches the chip industry closely, says that snagging GlobalFoundries would certainly make sense for Intel. The company is currently pursuing a new strategy to manufacture and sell chips for both Intel and to others under CEO Pat Gelsinger, who came on board in January to turn around the flagging chip maker.

“GlobalFoundries has technologies and processes that are specialized for 5G RF, IoT and automotive. Intel with GlobalFoundries would become what I call a ‘full-stack provider’ that could offer a customer everything. This is in full alignment with IDM 2.0 (Intel’s chip manufacturing strategy) and would get Intel there years before it could without GlobalFoundries,” Moorhead told TechCrunch.

It would also give Intel a chip manufacturing facility at a time when there are global chip shortages and huge demand for product from every corner, due in part to the pandemic and the impact it has had on the global supply chain. Intel has already indicated it has plans to spend more than $20 billion to build two fabs (chip manufacturing plants) in Arizona. Adding GlobalFoundries to these plans would give them a broad set of manufacturing capabilities in the coming years if it came to pass, but would also involve a significant investment of tens of billions of dollars to get there.

GlobalFoundries is a worldwide chip manufacturing concern based in the U.S. The company was spun off from Intel’s rival chip maker AMD in 2012, and is currently owned by Mubadala Investment Company, the investment arm of the government of Abu Dhabi.

Investors seem to like the idea of combining these two companies, with Intel stock up 1.59% as of publication. It’s important to note that this deal is still in the rumor stage and nothing is definitive or final yet. We will let you know if that changes.

ServiceMax promises accelerating growth as key to $1.4B SPAC deal

ServiceMax, a company that builds software for the field-service industry, announced yesterday that it will go public via a special purpose acquisition company, or SPAC, in a deal valued at $1.4 billion. The transaction comes after ServiceMax was sold to GE for $915 million in 2016, before being spun out in late 2018. The company most recently raised $80 million from Salesforce Ventures, a key partner.


ServiceMax competes in the growing field-service industry primarily with ServiceNow, and interestingly enough given Salesforce Ventures’ recent investment, Salesforce Service Cloud. Other large enterprise vendors like Microsoft, SAP and Oracle also have similar products. The market looks at helping digitize traditional field service, but also touches on in-house service like IT and HR giving it a broader market in which to play.

GE originally bought the company as part of a growing industrial Internet of Things (IoT) strategy at the time, hoping to have a software service that could work hand in glove with the automated machine maintenance it was looking to implement. When that strategy failed to materialize, the company spun out ServiceMax and until now it remained part of Silver Lake Partners thanks to a deal that was finalized in 2019.

TechCrunch was curious why that was the case, so we dug into the company’s investor presentation for more hints about its financial performance. Broadly, ServiceMax’s business has a history of modest growth and cash consumption. It promises a big change to that storyline, though. Here’s how.

A look at the data

The company’s pitch to investors is that with new capital it can accelerate its growth rate and begin to generate free cash flow. To get there, the company will pursue organic (in-house) and inorganic (acquisition-based) growth. The company’s blank-check combination will provide what the company described as “$335 million of gross proceeds,” a hefty sum for the company compared to its most recent funding round.

Top 50 Subreddits for Cybersecurity and Infosec

Reddit, the centralized community platform founded in 2005, is a massive social media platform, ranked as the 18th-most-visited website in the world and 7th most-visited website in the U.S. The site enjoys 52 million daily active users, and like most other areas of special interest, the cybersecurity community has taken the platform to heart. There are many subreddits dedicated to cyber news, hacking tutorials, reverse engineering and more.

Reddit’s format offers infosec and cybersecurity users the chance to really dig deep into a topic in a way that is perhaps more natural than Twitter threads or even Telegram groups. Whether it’s keeping up with breaking and developing news in cybersecurity, asking questions about malware, penetration testing, detection tools or vulnerabilities, picking up new tips for red teaming, blue teaming or learning about what’s happening at the next big cybersecurity conference, you’re bound to find a subreddit that fits your needs.

Like most social media platforms, Reddit has its own ‘netiquette’ rules, aka reddiquette, but each subreddit also defines its own additional rules (prominently displayed in the sidebar) that participants need to be aware of.

If you haven’t yet discovered all that Reddit has to offer for cybersecurity and infosec professionals, then this is the post for you. Here’s our list of the top 50 subreddits for cybersecurity and infosec professionals.

1 AccessCyber

This relatively new subreddit offers cybersecurity career, training and education resources for “Digital Defenders”. Largely a curated list of links, AccessCyber is a useful source of info for anyone looking to improve or develop their skills, from beginners to those branching out into any of infosec’s many specialist areas.

2 apple

Billing itself as “the unofficial Apple community”, r/apple boasts an incredible 2.6 million members. While the focus here is on news, rumors, opinions and analysis pertaining to Apple, its devices and software, there are a number of useful flairs like the Daily Advice Thread, which can be used to ask for technical advice. Want to learn how to send your Watch or iPhone a message from your Mac when some long running Terminal job completes? Yep, you’ll find that and many other goodies here.

3 AskNetsec

The AskNetsec subreddit takes a Q&A format and offers a place to ask questions about information security and network security from an enterprise perspective. With over 150k members you have access to a lot of expertise in one place for all your infosec questions. This subreddit is also worth browsing as it contains a mine of information about both common and esoteric problems such as “Is there any way to download Cobalt Strike from the command line?” and “PHP command injection without $_POST or $_GET?”

4 BadApps

Malware in proprietary app stores is one of those nasty problems that can really hurt, as both users (and sometimes security software) have a poor habit of trusting software that comes from, well, trusted sources. Google’s Play Store has had more than its fair share of this problem over the years to the point where there’s a dedicated subreddit, BadApps, for discussing and coordinating the reporting of such “bad apps” to the Play Store.

5 blackhat

If vulnerabilities and exploitation are your thing, then you need to head over to the r/blackhat subreddit without delay. Here you’ll find a library of hacking techniques and research on all the latest attacks as well as more general topics like how to track the source of an image when google reverse image search doesn’t work, cryptography for pentesters, and links to both free and paid hacking tutorials and courses. This subreddit also has an IRC-style web chat site for live discussions.

6 blueteamsec


The r/blueteamsec subreddit focuses on technical intelligence, research and engineering to help blue and purple teams defend their estates. Some of the useful flairs include tradecraft (how we defend), intelligence (threat actors) and a Q&A flair for questions called help me obiwan (ask the blueteam). With over 16,000 “hunters” and “analysts”, it’s a community every blue teamer should consider joining.

7 cissp

If you’re thinking about becoming a Certified Information Systems Security Professional then you are going to want to see what you can learn from r/cissp and its nearly 40,000-strong community. This subreddit covers issues, questions and materials regarding studying, writing, and working with the CISSP exam certification.

8 CompTIA

CompTIA is one of those certs that prospective employers will either ask for or be pleased to see on your resumé. There’s apparently over 1 million certified CompTIA professionals out there, but don’t think that means the exams are easy. Underestimating the difficulty of the exams and the amount of study required is a common cause of failure. However, over at r/CompTIA, they’ve got you covered. From the “looking to get certified,” to conversations and questions from current students, this subreddit is dedicated to CompTIA certifications.

9 computerforensics


If computer forensics and DFIR are your thing, then check out r/computerforensics. Dedicated to the branch of forensic science encompassing the recovery and investigation of material found in digital devices, this subreddit is not limited to just personal computers and encompasses all media that may also fall under digital forensics (such as cellphones and video). Recent hot topics include “New Windows 10 artifact found/explored #EventTranscript.db (1 of 5 posts)” and “Disk encryption on analysis workstations / Windows 11 testing”.

10 ComputerSecurity

The Computer Security subreddit provides a curated list of links to IT security news, articles and tools as well as a place to ask cybersecurity-related questions. Questions here span the basics like “How can I best protect my PC on a home network?” to the technical such as “Can I create a secure port from my cable-supplied router”. With almost 30,000 members, there’s certain to be a slew of answers for any well-crafted question.

11 Crypto

This technical subreddit covers the theory and practice of modern cryptography, with a focus on strong algorithms and implementation. There are nearly 200,000 members discussing the “art of creating mathematical assurances for who can do what with data, including but not limited to encryption of messages such that only the keyholder can read it”.

12 cyber

The r/cyber subreddit bills “Cyber” as “the 5th Domain of Warfare”, and given the geopolitical, corporate and intelligence aspects of cyber security in recent years, that’s no overstatement. This community was founded back in 2010 from an abandoned subreddit and recently hit 10,000 members. Here you’ll find a mix of posts revolving around APTs, government policy, breach organizations, and law enforcement alerts from the likes of CISA, the FBI and more.

13 cyberlaws

If you are interested in the intersection between computing and the law, then r/cyberlaws and its 34,000 or so members is your next stop. Dedicated to legal news linked to technology, its remit covers computer crime, copyright, privacy, free speech, intellectual property, net neutrality and more. You’ll also find here posts listing cyber law courses you can take as well as both news articles and questions like “are clickbots legal for use on your own website?”.

14 cybersecurity

Another general community hangout for those that are current or aspiring technical professionals seeking to discuss cybersecurity, careers, developing threats and pretty much anything else pertaining to the ever expanding domain of cybersecurity. The r/cybersecurity subreddit aims to be “business-oriented” to handle questions from professionals and from students aiming to become professionals in the field of cybersecurity. With 275,000 members, there’s something for everyone looking to get into infosec here.

15 Cybersecurity101

In contrast to r/cybersecurity for professionals, r/Cybersecurity101 is the place to head for discussion of beginner topics concerning cybersecurity and privacy from a home, family and personal perspective. Basic questions like “Am I being keylogged” and “Does my PC have malware, a keylogger or a RAT on it” are common themes as well as similar concerns relating to mobile devices. If you’re concerned about your personal device security and not sure where to turn, this is the subreddit for you.

16 CyberSecurityJobs

If you’re looking for a new gig or just getting into the world of infosec, then r/CyberSecurityJobs should be on your list of regular stops. This subreddit has the latest jobs in Information Security, covering current job listings in cybersecurity, digital forensics, incident response and related fields. There’s also a “Mega-Thread” where job seekers are welcome to post in the community to attract potential employers.

17 datarecovery

The datarecovery subreddit exists as a place to discuss the ins and outs of data recovery, both logical and physical. The moderators warn that discussion is primarily aimed at education and information and that DIY datarecovery is a risky business (tl;dr: go to a pro!). That said, this subreddit is filled with useful tips and tricks as well as advice on how to find a data recovery specialist.

18 ethicalhacking

This subreddit caters for those interested in discussing computer hacking done for ethical purposes. There are flairs for newcomers as well as careers, but the majority of discussion will introduce or develop your knowledge of topics like wifi hacking, web vulnerabilities, pen testing, social engineering and essential tools like Kali Linux and Metasploit.

19 exploitdev

The exploitdev subreddit is the place to be for anyone interested in exploit development. Posts cover the whole spectrum of exploitation topics from basic beginners’ guides to advanced questions on shellcode and return-oriented programming. Whether you are interested in learning about buffer overflows, binary exploitation, fuzzing, or developing your CTF skills, you’ll find plenty of interest in this subreddit.

20 fulldisclosure

Over at r/fulldisclosure you will find a wealth of information related to breaches, data leaks, exploits, vulnerabilities and both informed and uninformed disclosures and zero days. Somewhat controversially, this subreddit declares that it will not remove posts on zero-day exploits. Fortunately, this forum doesn’t have a lot of traffic, but since it has been around since 2012 it provides an interesting and useful archive for researchers.


21 HackBloc

If you like to mix your hacking interests with politics then hacktivism subreddit r/HackBloc may be for you. This community promotes itself as covering all interests relating to Hacktivism, Crypto-anarchy, Darknets and Free Culture and claims to be “proudly feminist, Anarchist, Anti-Capitalist, Anarchist hackers”. That should give you a fairly clear indication of whether it’s for you. If the answer is yes, you should find plenty of help and common interest among its 23,000 members.

22 hackers

The r/hackers subreddit shines a light on the most recent, interesting, and historical hacks. Topics are not necessarily technical and can also cover social engineering, commonly the most effective way to gain access to someone’s account. This community is not a Q&A help forum (see some of our other picks in this guide) but mainly caters to an audience seeking detailed news.

23 hackersec

Hackersec bills itself as a place to learn, interact and share information on Cybersecurity, CTFs, programming, cryptography, anonymity and other security-focused topics. The mods are keen to point out that the community does not welcome questions asking for help hacking in the sense of recruiting others and posts offering hacking services are likely to be banned. Welcome content includes technical how-to guides, infosec developments and newbies trying to learn fundamentals.

24 hacking

The hacking subreddit is dedicated to hacking and hackers. It promotes constructive collaboration and learning about exploits, industry standards, grey and white hat hacking, and new hardware and software hacking technology, as well as sharing ideas and suggestions for small business and personal security. This community has an incredible 1.9 million members and is never short of interesting questions, from broad advice on how to start malware analysis to specific areas like how to embed custom code inside USB device memory.

25 Hacking_Tutorials


Hacking Tutorials is a subreddit where members can post various resources that discuss and teach the art of hacking and pentesting while staying ethical and legal. There is a pinned post on how to get started as well as a list of useful websites. If you’re looking for a guided intro to something in infosec, this subreddit is a good place to start.

26 HowToHack

This subreddit is an outlet for the Zempirian wargaming community, which aims to provide challenges to teach various hacking skills to the public. r/HowToHack has a stunning 390,000 members and includes filters for hacking, pentesting, exploiting and script kiddie topics. Recent posts include questions like ‘What is your next step after gaining access to a network?’ and ‘Posting my Progress on Becoming an Ethical Hacker / Pen-tester’.

27 i2p

The Invisible Internet Project (I2P) is a fully encrypted, decentralized private network layer that aims to protect user activity and location, and r/i2p is the subreddit dedicated to information and discussions related to the I2P anonymous network. All your questions on how to set up and get I2P to work are welcome here.

28 Information_Security

Another general infosec subreddit, r/Information_Security is dedicated to providing information security news, analysis and links to blog posts as well as member questions. Recent topics include questions like ‘what is the best way to break into infosec for someone with my experience?’ and ‘Can Cisco VPN track/monitor my traffic on a personal device when disconnected?’ Almost 18,000 members ensure plenty of fresh traffic.

29 InfoSecNews

This subreddit is designed for users to post the latest Information Security related news and articles from around the Internet. The subreddit is intended to provide a location one can come and receive updated security news including security, privacy, and other security related industries or topics.

30 IOT

We’ve lost count of how many IoT devices there are predicted to be on the Internet by 2025, but it’s somewhere in the region of 30 billion units. Surprisingly, a couple of existing IoT security subreddits [1, 2] are not well populated, but r/IoT has a strong community of over 30,000 members where you can ask and learn about all things IoT related, including IoT security.

31 ISO27001

The r/ISO27001 subreddit aims to bring together like-minded professionals who want to network, discuss hot, relevant or important topics and contribute to an active ISO27001 community. Here you’ll find intro topics such as ‘I’m a new traveler on the ISO27001 journey’ as well as plenty of links to ISO27001 training and certification.

32 MacOS

Security on macOS is of increasing importance, particularly in the Enterprise. Although r/MacOS isn’t a dedicated macOS cybersecurity subreddit, with 186,000 members it is one of a number of places where new security issues can get an early mention and is worth keeping an eye on if you’re trying to stay ahead of new and developing threats for Apple’s desktop platform.

33 macsysadmin

This subreddit is definitely one for all you Mac admins out there. Here you’ll find lots of useful posts related to Mac administration, scripting, configuration profiles, remote management, firewalls, networking, MFA, and other topics that impact macOS security.

34 malware

The r/malware subreddit is a community for malware reports and information and enjoys a healthy 53,000+ members. Here you’ll find a wealth of information on the latest threats, and the forum is also a great place to ask your own questions, find things like phishing analysis tools or just discover general malware resources.

35 msp


If you’re using or thinking about using a Managed Services Provider in your organization, then msp is a subreddit for you. This community is heavily Q&A based with a lot of traffic from people seeking solutions to a wide variety of issues. With 113,000 members, there’s also lots of answers and this is definitely a friendly community where you can get help fast.

36 netsec

The r/netsec subreddit is a community for technical news and discussion of information security and closely related topics. This site is heavy on links to community-created tools available from GitHub and similar repositories for all manner of useful scripts and programs to solve common and not-so-common security problems.

37 netsecstudents

The r/netsecstudents subreddit is for students or anyone studying Network Security. This is the place to ask questions regarding your netsec homework, or perhaps you need resources for certain subjects; either way, you’ll find them here! Users are welcome to contribute their own info or resources, too.

38 NetworkSecurity

This small community of around 6,000 doesn’t seem to have a lot of traffic at the moment, but it has been around since 2011 so there’s a wealth of useful archive material on enterprise and business network security topics, data centers, VPNs and related netsec topics.

39 opendirectories

The opendirectories subreddit is for data hunters. Whether you’re looking for manuals on old computers or lab equipment, or desperate to find some obscure ebook, this subreddit listing unprotected directories of images, videos, music, software and otherwise interesting files is a good place to start.

40 osx

Another general Mac related subreddit, this community has been around since 2008 (that’s OSX 10.5 Leopard era) and is another great place to keep up with what’s happening in the Mac world or to ask questions. While there’s definitely an emphasis on people running pre-macOS versions of Apple’s Desktop system, there’s still plenty of help requested and given for the newer versions and the newer M1 hardware.


41 privacy

Cruising at over 1.2 million members, there’s no mistaking that the r/privacy community is a popular and important place to swap news and join discussions around the intersection of technology, privacy and freedom in the digital world.

42 pwned

The r/pwned subreddit discusses news of recent breaches, leaked or stolen data, and other examples of pwnage affecting the confidentiality or integrity of data. You can filter by industry such as Finance, Technology, Healthcare and Government.

43 redteamsec


This subreddit is dedicated to red and blue teaming content including malware, tradecraft, and reverse engineering. Aside from links to breaking stories and helpful articles, there are also plenty of links to shared tools, techniques and GitHub projects aimed at red and blue teams.

44 regames

If you are interested in reverse engineering, then regames could be the ideal place for you. This is a subreddit for those who enjoy reverse engineering games, figuring out how they work, defeating cheat detection, and all of the other fun things that advanced problem solving gives.

45 reverseengineering

With 110,000 members and a history that stretches back to 2008, the r/ReverseEngineering subreddit is the granddaddy of all things RE on Reddit. This amazing subreddit has a RE Weekly Questions Thread, Triannual Hiring Thread and offers a moderated community dedicated to all things reverse engineering. An absolute must for all who like taking software (and other things) apart.

46 SecurityCareerAdvice

This subreddit bills itself as “like CSCareerQuestions, only cooler.” Its 9,000 members offer a place to connect those seeking to learn with those who have walked the path before. Ask questions about cybersecurity careers here, and mentors can choose to answer as they have time.

47 securityCTF

Capture the Flag competitions are a hallmark of the uber-hacker and there’s no better subreddit to hang out for CTF folks than securityCTF. Here you’ll find news and links to wargames, CTF tournaments, tutorials and walkthroughs for challenges on HackTheBox and other platforms.

48 TOR


The TOR subreddit boasts almost 180,000 users dedicated to news and discussion around the TOR anonymity software. This forum covers everything from setting up your initial TOR instance to concerns about the most anonymous and secure way to set up and use The Onion Router software.

49 websecurity

As applications and services move to the web, avoiding web vulnerabilities such as XSS and CSRF becomes critical, and that’s where the r/websecurity subreddit comes in. Here you’ll find links and discussions on the development and maintenance of secure websites, for website owners, developers and pentesters.

50 zeroday

An A-Z of cybersecurity communities wouldn’t be complete without the last letter of the alphabet, and taking up our final spot is r/zeroday (what else?). This is a small community of around 2500 members focused mainly on links to published exploits and breaking news about new vulnerabilities.

Conclusion

And that rounds up our tour of the top 50 cybersecurity subreddits. There’s something for everyone from CISOs and CIOs to SOC analysts, malware hunters, penetration testers, reverse engineers and more. What’s your favorite subreddit? Did we miss it in our list? Share with us on LinkedIn, Twitter, YouTube or Facebook.


Lightyear nabs $13M Series A as online network procurement takes shape

It seems like everything is being pushed online now, but network procurement stubbornly has remained an in-person or phone-based negotiation. Lightyear, an early-stage New York City startup, decided to change that last year, and the company announced a $13.1 million Series A today.

The round was led by Ridge Ventures with participation from Zigg Capital and a slew of individual investors. Today’s investment comes on the heels of a $3.7 million seed round last October, bringing the total raised to $16.8 million.

CEO and co-founder Dennis Thankachan says that the company has been able to gain customers by offering a new way to procure network resources, which was a great improvement over manual negotiating.

“Last year we launched Lightyear, which was the first tool for buying your telecom infrastructure on the web. And although changing behaviors and the way that enterprises have done things for years is difficult, the status quo in telecom has been zero transparency, no web-based ways to do things, and oftentimes interfacing with really, really large vendors where you have no negotiating leverage even if you’re a big enterprise. That experience was so poor that a lot of enterprises were extremely happy to see what we put in the market,” he said.

What Lightyear offers is an online marketplace where companies can interact with vendors and get a range of price quotes to make a more informed buying decision. The company spent a lot of time improving the product since last October when you could configure some basic stuff, get a price quote and Lightyear would help you buy it.

Now Thankachan says that the solution covers the full life cycle of services including configuring a bigger array of services, helping manage the installation of the services and helping reduce the amount of delays and errors in installs. Finally, they help track and manage network inventory and can automate renewal for a whole group of services.

That has resulted in 4X growth in just nine months since the last round. In addition, the company had relationships with 400 vendors in October and has grown that to mid-500 vendors today. The startup has also doubled the number of employees to around 20.

Thankachan says that as a person of color he is particularly cognizant about building a diverse and inclusive culture. “I’m a person of color, who has been a minority in different work environments in the past, and I know how that feels and how frustrating that can be for a person who feels like their voice is not heard. […] So I think we can start to build a culture that is not necessarily the norm in [the telecommunications industry] by trying to give opportunities to [underrepresented] people,” he said.

Yousuf Khan, a partner at Ridge Ventures, who is leading the round and will be joining the board under the terms of the deal, says that as a former CIO he found Lightyear’s approach quite appealing.

“As a former CIO and someone who has led global technology operations, it’s refreshing to see Lightyear transforming the way business infrastructure gets bought…I wish Lightyear existed during my years as a CIO,” Khan said in a statement.

Scaling CockroachDB in the red ocean of relational databases

Most database startups avoid building relational databases, since that market is dominated by a few goliaths. Oracle, MySQL and Microsoft SQL Server have embedded themselves into the technical fabric of large- and medium-size companies going back decades. These established companies have a lot of market share and a lot of money to quash the competition.

So rather than trying to compete in the relational database market, over the past decade, many database startups focused on alternative architectures such as document-centric databases (like MongoDB), key-value stores (like Redis) and graph databases (like Neo4J). But Cockroach Labs went against conventional wisdom with CockroachDB: It intentionally competed in the relational database market with its relational database product.

While it did face an uphill battle to penetrate the market, Cockroach Labs saw a surprising benefit: It didn’t have to invent a market. All it needed to do was grab a share of a market that also happened to be growing rapidly.

Cockroach Labs has a bright future, compelling technology, a lot of money in the bank and an experienced, technically astute executive team.

In previous parts of this EC-1, I looked at the origins of CockroachDB, presented an in-depth technical description of its product as well as an analysis of the company’s developer relations and cloud service, CockroachCloud. In this final installment, we’ll look at the future of the company, the competitive landscape within the relational database market, its ability to retain talent as it looks toward a potential IPO or acquisition, and the risks it faces.

CockroachDB’s success is not guaranteed. It has to overcome significant hurdles to secure a profitable place for itself among a set of well-established database technologies that are owned by companies with very deep pockets.

It’s not impossible, though. We’ll first look at MongoDB as an example of how a company can break through the barriers for database startups competing with incumbents.

When life gives you Mongos, make MongoDB

MongoDB is a good example of the risks that come with trying to invent a new database market. The company started out as a purely document-centric database at a time when that approach was the exception rather than the rule.

Web developers like document-centric databases because they address a number of common use cases in their work. For example, a document-centric database works well for storing comments to a blog post or a customer’s entire order history and profile.

“Developers, as you know, do not like to pay for things”

In the previous part of this EC-1, we looked at the technical details of CockroachDB and how it provides accurate data instantaneously anywhere on the planet. In this installment, we’re going to take a look at the product side of Cockroach, with a particular focus on developer relations.

As a business, Cockroach Labs has many things going for it. The company’s approach to distributed database technology is novel. And, as more companies operate on a global level, CockroachDB has the potential to gain some significant market share internationally. The company is seven years into a typical 10-year maturity model for databases, has raised $355 million, and holds a $2 billion market value. It’s considered a double unicorn. Few database companies can say this.

The company is now aggressively expanding into the database-as-a-service space, offering its own technology in a fully managed package, expanding the spectrum of clients who can take immediate advantage of its products.

But its growth depends upon securing the love of developers while also making its product easier to use for new customers. To that end, I’m going to analyze the company’s pivot to the cloud as well as its extensive outreach to developers as it works to set itself up for long-term, sustainable success.

Cockroach Labs looks to the cloud

These days, just about any company of consequence provides services via the internet, and a growing number of these services are powered by products and services from native cloud providers. Gartner forecasted in 2019 that cloud services are growing at an annual rate of 17.5%, and there’s no sign that the growth has abated at all.

Its founders’ history with Google back in the mid-2000s has meant that Cockroach Labs has always been aware of the impact of cloud services on the commercial web. Unsurprisingly, CockroachDB could run cloud native right from its first release, given that its architecture presupposes the cloud in its operation — as we saw in part 2 of this EC-1.

How engineers fought the CAP theorem in the global war on latency

CockroachDB was intended to be a global database from the beginning. The founders of Cockroach Labs wanted to ensure that data written in one location would be viewable immediately in another location 10,000 miles away. The use case was simple, but the work needed to make it happen was herculean.

The company is betting the farm that it can solve one of the largest challenges for web-scale applications. The approach it’s taking is clever, but it’s a bit complicated, particularly for the non-technical reader. Given its history and engineering talent, the company is in the process of pulling it off and making a big impact on the database market, making it a technology well worth understanding. In short, there’s value in digging into the details.

Using CockroachDB’s multiregion feature to segment data according to geographic proximity fulfills Cockroach Labs’ primary directive: To get data as close to the user as possible.

In part 1 of this EC-1, I provided a general overview and a look at the origins of Cockroach Labs. In this installment, I’m going to cover the technical details of the technology with an eye to the non-technical reader. I’m going to describe the CockroachDB technology through three questions:

  1. What makes reading and writing data over a global geography so hard?
  2. How does CockroachDB address the problem?
  3. What does it all mean for those using CockroachDB?

What makes reading and writing data over a global geography so hard?

Spencer Kimball, CEO and co-founder of Cockroach Labs, describes the situation this way:

There’s lots of other stuff you need to consider when building global applications, particularly around data management. Take, for example, the question and answer website Quora. Let’s say you live in Australia. You have an account and you store the particulars of your Quora user identity on a database partition in Australia.

But when you post a question, you actually don’t want that data to just be posted in Australia. You want that data to be posted everywhere so that all the answers to all the questions are the same for everybody, anywhere. You don’t want to have a situation where you answer a question in Sydney and then you can see it in Hong Kong, but you can’t see it in the EU. When that’s the case, you end up getting different answers depending where you are. That’s a huge problem.

Reading and writing data over a global geography is challenging for pretty much the same reason that it’s faster to get a pizza delivered from across the street than from across the city. The essential constraints of time and space apply. Whether it’s digital data or a pepperoni pizza, the further away you are from the source, the longer stuff takes to get to you.

CockroachDB, the database that just won’t die

There is an art to engineering, and sometimes engineering can transform art. For Spencer Kimball and Peter Mattis, those two worlds collided when they created the widely successful open-source graphics program, GIMP, as college students at Berkeley.

That project was so successful that when the two joined Google in 2002, Sergey Brin and Larry Page personally stopped by to tell the new hires how much they liked it and explained how they used the program to create the first Google logo.

Cockroach Labs was started by developers and stays true to its roots to this day.

In terms of good fortune in the corporate hierarchy, when you get this type of recognition in a company such as Google, there’s only one way you can go — up. They went from rising stars to stars at Google, becoming the go-to guys on the Infrastructure Team. They could easily have looked forward to a lifetime of lucrative employment.

But Kimball, Mattis and another Google employee, Ben Darnell, wanted more — a company of their own. To realize their ambitions, they created Cockroach Labs, the business entity behind their ambitious open-source database CockroachDB. Can some of the smartest former engineers in Google’s arsenal upend the world of databases in a market spotted with the gravesites of storage dreams past? That’s what we are here to find out.

Berkeley software distribution

Mattis and Kimball were roommates at Berkeley majoring in computer science in the early-to-mid-1990s. In addition to their usual studies, they also became involved with the eXperimental Computing Facility (XCF), an organization of undergraduates who have a keen, almost obsessive interest in CS.