Infosec Reading List – September 2018
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.
All InfoSec Reading Lists can be found here.
Best of Twitterverse
- How I Hacked BlackHat 2018 – the title could be misleading and sounds like clickbait, but it is indeed a facepalm moment – link
- Attacking Wireshark – isolation is the key – then you can even let it run as root 😀 – link
- Why I’m done with Chrome – outcome of the forced login policy for Chrome – link
- Was the Efail disclosure horribly screwed up? – “You need to simultaneously (a) make sure every vendor has as much advance notice as possible, so they can patch their software. But at the same time (b) you need to avoid telling literally anyone, because nothing on the Internet stays secret” – this pretty much hits the nail on the head if you ask me – link
- Machine Learning Confronts the Elephant in the Room – “Most neural networks lack this ability to go backward. It’s a hard trait to engineer. One advantage of feed-forward networks is that they’re relatively straightforward to train: process an image through these six layers and get an answer” – link
- The Effectiveness of Publicly Shaming Bad Security – on the topic of “constructive” shaming, in case something like this exists – link
- LM, NTLM, Net-NTLMv2, oh my! – A Pentester’s Guide to Windows Hashes – link
- Between You, Me, and Google: Problems With Gmail’s “Confidential Mode” – link
- No, Panera Bread Doesn’t Take Security Seriously – what could make things easier for all involved parties is the usage of security.txt – link
- Google’s top fraud fighter explains why it’s risky to brag about owning bitcoin – link