Infosec Reading List – May 2022

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.

All InfoSec Reading Lists can be found here.

Quotes from the Twitterverse

Infosec

  • Follina — a Microsoft Office code execution vulnerabilitylink
  • PDF Malware Is Not Yet Deadlink
  • Password policy guidance link
  • Google: Predator spyware infected Android devices using zero-dayslink
  • Researchers devise iPhone malware that runs even when device is turned off “The findings have limited real-world value since infections required a jailbroken iPhone, which in itself is a difficult task, particularly in an adversarial setting.”link
  • NSA Swears It Won’t Allow Backdoors in New Encryption Standards 😉““There are no backdoors,” Rob Joyce, the NSA’s director of cybersecurity told the news outlet.”link
  • American Phone-Tracking Firm Demo’d Surveillance Powers by Spying on CIA and NSA“To prove that the technology worked, Clark pointed A6’s powers inward, spying on the National Security Agency and CIA, using their own cellphones against them.” – “In addition to location, A6 claimed that it has built a library of over 2 billion email addresses and other personal details that people share when signing up for smartphone apps that can be used to identify who the GPS ping belongs to.”link
  • Automated OS testing on physical laptopslink
  • UNC3524: Eye Spy on Your Emaillink
  • Remote Code Execution via VirusTotal Platformlink
  • Leaked Chats Show LAPSUS$ Stole T-Mobile Source Codelink

Outdoor

  • I Lived the #VanLife. It Wasn’t Pretty.link

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s