Infosec Reading List - December 2020
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here. Text in italic represent quotes from the original article.
Quotes from the Twitterverse
InfoSec
- Ok Google: please publish your DKIM secret keys - “Solving this problem requires only a small additional element: Google needs to publish the secret key portion of its keypairs once they’ve been rotated out of service. They should post this secret key in an easily-accessible public location so that anyone can use it to forge alleged historical emails from any Google user. The public availability of Google’s signing key would make any new email leak cryptographically deniable. Since any stranger would have been able to forge a DKIM signatures, DKIM signatures become largely worthless as evidence of authenticity.” – I have my strong doubts that Google will do so and I can also imagine that there are some kind of legal challenges associated with it - [link]
- Ransomware-as-a-service: The pandemic within a pandemic - “While incidents continue to come to light, there is a lot the cybersecurity industry doesn’t know: the volume of attacks, average cost of remediation and organizations who choose to stay silent once an attack has occurred.” - [link]
- Hunting for Malicious Packages on PyPI - great article, great writeup and clear way of addressing the issue, really enjoyed it – “I still don’t like that it’s possible to run arbitary commands on a user’s system just by them pip installing a package.” - [link]
- Qubes Survey: The Results - [link]
- Don’t Put It on the Internet: Tesla Backup Gateway Edition - “In this edition, we address Tesla Backup Gateways and identify some key areas where Tesla could improve security and privacy to help customers protect themselves.” - [link]
- Important steps for customers to protect themselves from recent nation-state cyberattacks - [link]
- Why Soft Skills Are Key to Success in Tech – And How to Develop Them - very much applicable to infosec! – “You need to be able to communicate what the problem is, what the solution you’re recommending is, and why it’s necessary in terms your audience can understand.” – doing effective infosec work in multinational corporations isn’t relying on tech only – your tech skills will not leave a longterm impact in case you don’t communicate them properly - [link]
- Solarwinds - the core topic in December 2020 – here are the articles I read – attribution is complicated, let’s just keep that in mind - [link] - [link] - [link] - [link] - [link] - [link]
- Russia’s SolarWinds Attack - “And since this Russian operation isn’t at all targeted, the entire world is at risk — and not just from Russia. Many countries carry out these sorts of operations, none more extensively than the US.” – “The reason is that, by international norms, Russia did nothing wrong. This is the normal state of affairs. Countries spy on each other all the time. There are no rules or even norms, and it’s basically “buyer beware.”” – “If anything, the US’s prioritization of offense over defense makes us less safe.” - [link]
- Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers - “Evidence suggests that as early as October 2019, these attackers have been testing their ability to insert code by adding empty classes.” – “All these inspections are carried out to avoid exposing the malicious functionality to unwanted environments, such as test networks or machines belonging to SolarWinds.” - [link]
- Best of 2020: Signal App Crypto Cracked, Claims Cellebrite - bad marketing if you ask me, and yes, there is an official answer from Signal - [link] - [link]
- A Watch, a Virtual Machine, and Broken Abstractions - [link]
- An exploration of the cybercrime ecosystem around Shodan - [link]
- China Used Stolen Data to Expose CIA Operatives in Africa and Europe - “Today, the data-driven nature of everyday life creates vast clusters of information that can be snatched in a single move and then potentially used by Beijing to fuel everything from targeting individual American intelligence officers to bolstering Chinese state-backed businesses.” – this is not limited to US vs China - it affects all nations and people - [link]
Outdoor
- Under the Open Skies - [link]
This post is licensed under CC BY 4.0 by the author.