Infosec Reading List – January 2021

Flora on La Reunion

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.

All InfoSec Reading Lists can be found here.

Best of Twitterverse






InfoSec

  • Nintendo Conducted Invasive Surveillance Operation Against Homebrew Hackerlink
  • SAD DNS Explainedlink
  • Ubiquiti says customer data may have been accessed in data breach – I still struggle to understand why we need online, cloud-based accounts for local WIFI hardware – do we really need to put everything on the Internet simply because we can? – link
  • My current setup with ArchLinuxARM/DanctNIX mobilelink
  • Dozens of journalists’ iPhones hacked with NSO ‘zero-click’ spyware, says Citizen Lab“… that exploited a now-fixed vulnerability in Apple’s iMessage. The attack invisibly compromised the devices without having to trick the victims into opening a malicious link.”link
  • Default Credentials Cheat Sheetlink
  • Qubes Network viewer – nice try based on qvm-ls output via dom0 – see discussion here and source code here
  • Security Leadership: Moving On“In Security and leadership roles in general, there will always be more work to be done. It’s not a sprint, or a marathon, or a 100-mile endurance race.”link
  • New campaign targeting security researcherslinklink link
  • Most Tools Failed to Detect the SolarWinds Malware. Those That Did Failed Too – there is a lot of truth in this article and I’m sure that the security industry sales machinery won’t like it but we need to get over it to do better next time – “APTs, as they are known in the trade, are all over the marketing campaigns of every major cybersecurity vendor. And yet, apparently, the actors behind the SolarWinds hack easily evaded them all.” – “What finally led to the discovery of the intruder at FireEye was not any detection system but some good old fashioned detective work by a system administrator who investigated a failed attempt to add a device for multifactor authentication.”link

Outdoor

  • None

One Comment on “Infosec Reading List – January 2021

  1. Pingback: Infosec Reading List – April 2021 | Dominik Birk

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s