Infosec Reading List – May 2022
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.
All InfoSec Reading Lists can be found here.
Quotes from the Twitterverse
- Follina — a Microsoft Office code execution vulnerability – link
- PDF Malware Is Not Yet Dead – link
- Password policy guidance – link
- Google: Predator spyware infected Android devices using zero-days – link
- Researchers devise iPhone malware that runs even when device is turned off – “The findings have limited real-world value since infections required a jailbroken iPhone, which in itself is a difficult task, particularly in an adversarial setting.” – link
- NSA Swears It Won’t Allow Backdoors in New Encryption Standards 😉 – ““There are no backdoors,” Rob Joyce, the NSA’s director of cybersecurity told the news outlet.” – link
- American Phone-Tracking Firm Demo’d Surveillance Powers by Spying on CIA and NSA – “To prove that the technology worked, Clark pointed A6’s powers inward, spying on the National Security Agency and CIA, using their own cellphones against them.” – “In addition to location, A6 claimed that it has built a library of over 2 billion email addresses and other personal details that people share when signing up for smartphone apps that can be used to identify who the GPS ping belongs to.” – link
- Automated OS testing on physical laptops – link
- UNC3524: Eye Spy on Your Email – link
- Remote Code Execution via VirusTotal Platform – link
- Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code – link
- I Lived the #VanLife. It Wasn’t Pretty. – link