Infosec Reading List – July 2017

On a monthly basis I will publish my reading recommendations, which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.
All InfoSec Reading Lists can be found here.
Best of Twitterverse
InfoSec
- Pnyetya: Yet Another Ransomware Outbreak – link
- If the focus of cybersecurity programs continues to be on designing better technologies to combat the growing menace of cyberattacks, we’ll continue to neglect the most important aspect of security — the person in the middle. – link
- Some interesting aspects of bringing a device into China the secure way – Travel (Linux) laptop setup – link
- The 5 Stages of Data Breach Grief – link
- A curated list of amazingly awesome OSINT – link
- The .io Error – Taking Control of All .io Domains With a Targeted Registration – hijacking (unregistered) nameservers for a TLD can end very badly if it is done by adversaries: automatic redirection to drive-by malware servers, phishing websites etc. would be possible. Additionally, it could have a privacy impact on people visiting .io domains. A mitigation could be to make sure that all nameservers in the delegation chain are properly registered, which could be checked automatically on a frequent basis – link
- Beyond public key encryption – link
- Rooting a Printer: From Security Bulletin to Remote Code Execution – link
- Google’s Elite Hacker SWAT Team vs. Everyone – link
Layer 7
- One Cloud-based Local File Inclusion = Many Companies affected – that’s the risk when you use third-party software whose source code you don’t own – link
- Red Team Insights on HTTPS Domain Fronting Google Hosts Using Cobalt Strike – link
- Hunting in the Dark – Blind XXE – link
- Lifting the clouds from cloud investigations – investigating an Office 365 environment based on log files – link
IoT (with S for “Security”)
- Victoria Police cancel hundreds of speeding fines after WannaCry virus attack – link
- Now your nightlight can notify you of retweets and emails – obviously we have reached that level already – link
Malware/Phishing
- NonPetya: no evidence it was a “smokescreen” – link
- LeakerLocker: Mobile Ransomware Acts Without Encryption – the interesting part of this malware is that it threatens to share private content with people in the contact list – in the future we have to expect more malware/ransomware like this that threatens to publish private information – link
- PayBreak – Generically recovering from ransomware including WannaCry/WannaCryptor – the weakness of this kind of approach is the need to install yet another agent on the endpoints, which should act as a preventative measure, similar to an AV – the solution can’t be to install an agent for whatever risk you face – link
- Can files locked by WannaCry be decrypted: A technical analysis – link
Mobile Related
- Two Ztorg Trojans Removed from Google Play Store Are Definitely Better – on the difficulty of finding malicious code updates of Android apps – link
- Google Play is fighting an uphill battle against Android adware – link
Outdoors
- New Conquerors of The Useless — The Role Of Achieving Nothing in a World Obsessed with Doing Everything – link
MISC
- Brain Drain: The Mere Presence of One’s Own Smartphone Reduces Available Cognitive Capacity – “We all understand the joys of our always-wired world – the connections, the validations, the laughs … the info. … But we are only beginning to get our minds around the costs.” – link
- Ten Steps to Better Public Speaking – link
- Documents expose how Hollywood promotes war on behalf of the Pentagon, CIA and NSA – link