Infosec Reading List - July 2022
On a monthly basis I will publish my reading recommendations, which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here. Text in italics represents quotes from the original article.
Quotes from the Twitterverse
InfoSec
- Career Advice and Professional Development - [link]
- No, You Haven’t Forgotten Everything - [link]
- How much does access to corporate infrastructure cost? - [link]
- I’ve locked myself out of my digital life - [link]
- Apple expands industry-leading commitment to protect users from highly targeted mercenary spyware - [link]
- The 10 Best Books on Productivity - [link]
- 0-days sold by Austrian firm used to hack Windows users, Microsoft says - [link]
- How mercenary hackers sway litigation battles - “Hacking is the easiest way to get results,” - [link]
- Knowing Your Place: The Implications Of GPS Spoofing And Jamming - [link]
- The hard truth about ransomware: we aren’t prepared, it’s a battle with new rules, and it hasn’t near reached peak impact. - this is an article from 2021, but still pretty much current - [link]
  - “While these are and will remain very real problems, the reality is ransomware has become an operational materialized risk to entire communities — it isn’t a risk, it’s a reality in the early stages of playing out.” - interesting perspective, basically a risk where the probability is 100%
  - “Security foundations, such as ensuring already purchased tools are actually implemented and maintained, are by far the most valuable steps any organization can take - but a trillion dollar security industry making noise is rarely about doing this.” - this is sad but it’s true, too much money is spent before thinking about how to actually operationalize it to gain value-add and reduce risk
  - “To give an example, one ransomware group receiving a $40m payment for attacking a cybersecurity insurance company gives the attackers more budget to launch cyberattack than most medium to large organizations have to defend against attacks in total.” - this is indeed a problem since we end up in a spiral that is hard to break: with more money, the bad guys can arm up in order to do more harm, which leads to more money to invest, etc.
  - “Customers have a responsibility to vet what they’re buying, and make operationalizing it a key buying factor (“how many people do I really need to run this?”).” - so true, still so much missing in the industry
  - “If you want to be a security leader, it isn’t just about being a $10 billion company; it’s about leading.” - problem: leading in our world is pretty often related to being successful and increasing the profits - leading is considered to be a means to an end
Outdoor
- How to survive in the Thai jungle with nothing but bamboo (and an ex-soldier) - [link]
- The Science of Solo Time in the Wilderness - “The soul is such a compact and complex experience, which has so many different layers to it, that I have not come across one theory that could comprehend all the mechanisms of solitude in nature in a simple way.” - [link]
This post is licensed under CC BY 4.0 by the author.