Infosec Reading List - January 2019
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here. Text in italic represent quotes from the original article.
Quotes from the Twitterverse
InfoSec
- Head-to-head evaluation of six password managers - [link]
- Reading ASP secrets for $17,000 - [link]
- Persistent XSS (unvalidated Open Graph embed) at LinkedIn.com - [link]
- Can’t unlock an Android phone? No problem, just take a Skype call: App allows passcode bypass - [link]
- Notes about hacking with drop tools - [link]
- Setback in the outback - [link]
- Inside an Epic Hotel Room Hacking Spree - fascinating story about a hotel hacking guy exploiting a published vulnerabilities in hotel doors in order to steal stuff from guests - we will see and read these kind of stories more often in the upcoming decades simply due to the fact that we connect more and more of our daily life to the Internet or simply “digitize” the processes (as has happened with the hotel room locks in the story above). What has been digitized, can be pwned - [link]
- A Chief Security Concern for Executive Teams - The reality among high-tech firms that make up the top 50 companies in the NASDAQ market was even more striking: Fewer than half listed a CTO in their executive ranks, and I could find only three that featured a person with a security title - [link]
- Windows 10 on Qubes OS 4.0 - [link]
- NSA poster from the 50s and 60s - they contain a very specific sense of humor if you ask me [pdf] - [link]
- Password Tips from a Pen Tester: Are 12-Character Passwords Really Stronger, or Just a Dime a Dozen? - [link]
- North Korean hackers infiltrate Chile’s ATM network after Skype job interview - “the Redbanc employee was asked to download, install, and run a file named ApplicationPDF.exe, a program that would help with the recruitment process and generate a standard application form. … The Redbanc incident is yet another example of how one worker clicking on the wrong link or running the wrong file can result in a major security breach, and how one hacked PC or laptop can lead to an entire network getting compromised.” - [link]
- Day 12: 10 Reasons Why Security Sucks - a lot of good arguments and aspects to consider - [link]
- Hacking Fortnite Accounts - [link]
Outdoor
- Meet a man who has lived alone on an island for 32 years - “Solitude can be stressful for members of technologically advanced societies who have been trained to believe that aloneness is to be avoided,” explains Pete Suedfeld in Loneliness: A Sourcebook of Current Theory, Research and Therapy - [link]
- The Gear That Propelled Colin O’Brady Across Antarctica - [link]
- The Trouble with Social Media in the Outdoors - “If you are an outdoor ‘brand ambassador’, an ‘influencer’ or a ‘professional adventurer’, your outdoor ethos cannot be based on what is appropriate for you alone, or for the lone adventurer persona you present to the world; it needs to be based on what is appropriate for you accompanied by your 300k, or whatever, followers. …All in all, I think rather than getting us closer together, helping us understand each other, social media tends to drive us apart.” - this is an important article describing the issues of our time in regards to follower, brand ambassadors and the final victim of this whole madness: mother nature - [link]
This post is licensed under CC BY 4.0 by the author.