On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.

All InfoSec Reading Lists can be found here.

Best of Twitterverse

InfoSec

• Let’s get fancy with false flags – attribution is hard in the cyber field – don’t get fooled by evidence that isn’t any – link
• Breaking Out of Citrix and other Restricted Desktop Environments – including RDP sessions – nice overview – link
• How My Instagram Hacker Changed My Life – “But by robbing me of my online identity, my hacker had unshuttered a window to life in the country of my birth. “ – link
• 2017 Internet Organised Crime Threat Assessment
  (IOCTA) Report – [pdf] – link
• Equihax: fact enabled wild speculation – The important things are always simple. The simple things are always hard. The easy way is always mined. Murphy’s Laws of Enterprise Information Security – link

Layer 7

• How I hacked hundreds of companies through their helpdesk – logical flaw in several social media & communication pages – link
• How I got $13337 bounty From Google – as mentioned above, the simple things are always hard – link
• Chrome’s Plan to Distrust Symantec Certificates – this happens if you constantly fail to comply with industry standards – especially this list demonstrates the big issue Symantec has – link

IoT (with S for “Security”)

• An RTSP surveillance camera access multitool – link

Mobile Related

• Analysis of the Facebook.app for iOS [v. 87.0] – including FBNativeAppModule_DO_NOT_USE_OR_YOU_WILL_BE_FIRED – link
• Hacking iOS Applications – a detailed testing guide – [pdf] – link

Outdoors

• ‘There Have Always Existed People Who’ve Simply Wanted to be Alone’ – link
• The Art of Adventure Writing – link
• Aidan Haley on How to Become an Adventure Filmmaker – link