Infosec Reading List – July 2017

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.

All InfoSec Reading Lists can be found here.

Best of Twitterverse






InfoSec

  • Pnyetya: Yet Another Ransomware Outbreak – link
  • If the focus of cybersecurity programs continues to be on designing better technologies to combat the growing menace of cyberattacks, we’ll continue to neglect the most important aspect of security — the person in the middle. – link
  • Some interesting aspects of bringing a device into China the secure way – Travel (Linux) laptop setup – link
  • The 5 Stages of Data Breach Grief – link
  • A curated list of amazingly awesome OSINT – link
  • The .io Error – Taking Control of All .io Domains With a Targeted Registration – hijacking (unregistered) nameservers for a TLD can end very badly if it is done by adversaries – automatic redirection to drive-by malware servers, phishing websites etc. would be possible. Additionally, it could have a privacy impact on people visiting .io domains. A mitigation could be to make sure that all nameservers in the delegation chain are properly registered – this could be checked automatically on a frequent basis – link
  • Beyond public key encryption – link
  • Rooting a Printer: From Security Bulletin to Remote Code Execution – link
  • Google’s Elite Hacker SWAT Team vs. Everyone – link

Layer 7

  • One Cloud-based Local File Inclusion = Many Companies affected – that’s the risk when you use third-party software whose source code you don’t own – link
  • Red Team Insights on HTTPS Domain Fronting Google Hosts Using Cobalt Strike – link
  • Hunting in the Dark – Blind XXE – link
  • Lifting the clouds from cloud investigations – investigating an Office 365 environment based on log files – link

IoT (with S for “Security”)

  • Victoria Police cancel hundreds of speeding fines after WannaCry virus attack – link
  • Now your nightlight can notify you of retweets and emails – obviously we have reached that level already – link

Malware/Phishing

  • NonPetya: no evidence it was a “smokescreen” – link
  • LeakerLocker: Mobile Ransomware Acts Without Encryption – the interesting part of this malware is that it threatens to share private content with people in the contact list – in the future we have to expect more malware/ransomware like this that threatens to publish private information – link
  • PayBreak – Generically recovering from ransomware including WannaCry/WannaCryptor – the weakness of this kind of approach is the need to install yet another agent on the endpoints, which should act as a preventative measure, similar to an AV – the solution can’t be to install an agent for whatever risk you face – link
  • Can files locked by WannaCry be decrypted: A technical analysis – link

Mobile Related

  • Two Ztorg Trojans Removed from Google Play Store Are Definitely Better – on the difficulty of finding malicious code updates in Android apps – link
  • Google Play is fighting an uphill battle against Android adware – link

Outdoors

  • New Conquerors of The Useless — The Role Of Achieving Nothing in a World Obsessed with Doing Everything – link

MISC

  • Brain Drain: The Mere Presence of One’s Own Smartphone Reduces Available Cognitive Capacity – “We all understand the joys of our always-wired world – the connections, the validations, the laughs … the info. … But we are only beginning to get our minds around the costs.” – link
  • Ten Steps to Better Public Speaking – link
  • Documents expose how Hollywood promotes war on behalf of the Pentagon, CIA and NSA – link
