Infosec Reading List – November 2018

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.
All InfoSec Reading Lists can be found here.
Best of Twitterverse
InfoSec
- WebExec is a vulnerability in, as the name implies, Cisco’s WebEx client software. – link
- Masscan as a lesson in TCP/IP – link
- The Next Chapter: From the Endpoint to the Cloud – some important changes regarding Qubes OS – link
- Does Facebook even need a CSO? – link
- Zero-Width Characters – Invisibly fingerprinting text – the article contains some interesting links that I recommend to follow and read – this is actually an interesting topic that journalists specifically should be aware of – link
- nomoreransom.org – might be helpful for impacted users – keep in mind: “Unfortunately, in many cases, once the ransomware has been released into your device there is little you can do unless you have a backup or security software in place.” – link
- When China Rules the Web – link
- Singing the Blues: Taking Down an Insider Threat – link
- Out of Pocket: How an ISP Exposed Administrative System Credentials – S3 config failure again – link
- How to build your own motion-activated security camera – instructions for the paranoid hotel users – link
- Supply Chain Security 101: An Expert’s View – “The federal government has been worrying about this kind of problem for decades. In the 70s and 80s, the government was more dominant in the technology industry and didn’t have this massive internationalization of the technology supply chain.” – link
- What’s new in Windows Defender ATP – link