Infosec Reading List – August 2018
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.
All InfoSec Reading Lists can be found here.
Best of Twitterverse
- Who Wasn’t Responsible for Olympic Destroyer? – “The threat actor responsible for the attack has purposefully included evidence to frustrate analysts and lead researchers to false attribution flags.” – one of the reasons why attribution is so complicated and so dangerous – good article showing the possibilities you have as an investigator and the difficulties – “Attribution is hard. Rarely do analysts reach the level of evidence that would lead to a conviction in a courtroom.” – word! – link
- How Apple store all your email metadata for years on their servers – collect it all – all of it! – link
- Why you need a better handle on the WhatsApp, Signal and Telegram apps – interesting perspective on the perception of people – “Second, 50 percent of the study’s participants said they believed SMS text messages and landline phone calls were just as secure, or even more secure, than an encrypted message.” – don’t blame the people – blame our industry which still does a bad job in terms of communication and awareness – link
- A Look Into Signal’s Encrypted Profiles – Can this feature get abused for OSINT discovery? – one of the reasons to choose Signal over WhatsApp – link
- Remote Code Execution on a Facebook server – link
- The dark side of XSS and hacking into Password Vault – no, not only used for pop-ups – link
- Smartphone security risk compared to “having a ghost user on your phone” – fresh research on Android ecosystem – “Also shown in the video, and possibly more worrisome, is the ability of AT commands to bypass the lock screen” – “By sending one command, despite there being a password enabled, you could just skip straight to the home screen. It was quite shocking because this was all done with little text commands we were sending through a USB cable.” – link
- View Private Instagram Photos – link
- Remote Mac Exploitation Via Custom URL Schemes – “Applications can “advertise” that they handle various documents or file types – The OS will automatically register those “document handlers” as soon as the app hits the disk” – a clever abuse of what was meant to make things easier for the enduser now ends up in a big threat called Windshift APT – link
- CLI: improved – link
- FakesApp: A Vulnerability in WhatsApp – link