Infosec Reading List – September 2021

Hiking the White Desert - Egypt

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.

All InfoSec Reading Lists can be found here.

Best of Twitterverse





InfoSec

  • NSO Group iMessage Zero-Click Exploit Captured in the Wildlink
  • A Complete Guide to Tagging for Personal Knowledge Management – helpful article in case you are interested in personal knowledge management – link
  • Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role – another example why it’s impossible to create one backdoor that only the “good” can use – link
  • “Secret” Agent Exposes Azure Customers To Unauthorized Code Execution“When users enable any of these popular services, OMI is silently installed on their Virtual Machine, running at the highest privileges possible. This happens without customers’ explicit consent or knowledge.” – what comes to my mind reading this is the old topic of transparency in the cloud: how much transparency do you as customers have and how much do you actually need? we talked about this misalignment already one decade ago, here“With a single packet, an attacker can become root on a remote machine by simply removing the authentication header.”link
  • Allow arbitrary URLs, expect arbitrary code executionlink

Outdoor

  • Views you have to see to believe: 9 must-do hikes in Switzerland – some of those I already did, like the Rigi, Aletsch and parts of the Haute Routelink

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s