On a monthly basis I will publish my reading recommendations which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here.
Quotes from the Twitterverse
InfoSec
- Make Confide great again? No, we cannot - [link]
- How Much Your Org Reaction to a Tweet Says? - It’s all about asset management - [link]
- Password Magic Numbers - 28 character password on Win machines - read here why - [link]
- Lessons Learned in Detection Engineering - [link]
- PoC GTFO - [pdf] - [link]
- Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs - [link]
- How Long Does It Take to Crack Your Password? - baseline explanation around the topic of password complexity - [link]
- Penetration Testing Tools Cheat Sheet - [link]
- Securing Browsers Through Isolation Versus Mitigation - on the difference of Edge vs Chrome in regards to approaching a secure browser - [link]
- How my car insurance exposed my position - - [link]
- Google Bug Bounty - The 5k Error Page - [link]
- Finding an arbitrary file upload vulnerability in a filesharing script - Repeat once again: never trust client data - [link]
- Web Bluetooth API Privacy - this sounds spooky but obviously is the way forward to connect browser environments to the surrounding IoT environment - what could possibly go wrong? - “Can we realistically assume that users in general will know the distinction between pairing a local smartphone/kettle/beacon with a local laptop, and pairing a smartphone/kettle/beacon/toothbrush with a remote site?” - [link] - [link]
- Cybercrime on the high seas: the new threat facing billionaire superyacht owners - [link]
- Radio Controlled Pacemakers Are Easily Hacked - [link]
- Bad malware, worse reporting - Ross Anderson on the hype around the Wannacry malware - [link]
- Patching is Hard - some thoughts from Steven Bellovin - [link]
- Op-ed: It’s time for Google to take responsibility for Android’s security updates - On the responsibility of patching android devices - [link]
- Android Encryption Demystified - [link]