Infosec Reading List - May 2017
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here. Text in italics represents quotes from the original article.
Quotes from the Twitterverse
InfoSec
- Make Confide great again? No, we cannot - [link]
- How Much Your Org Reaction to a Tweet Says? - It’s all about asset management - [link]
- Password Magic Numbers - 28 character password on Win machines - read here why - [link]
- Lessons Learned in Detection Engineering - [link]
- PoC GTFO - [pdf] - [link]
- Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs - [link]
- How Long Does It Take to Crack Your Password? - baseline explanation around the topic of password complexity - [link]
- Penetration Testing Tools Cheat Sheet - [link]
- Securing Browsers Through Isolation Versus Mitigation - on the difference between Edge and Chrome in how they approach a secure browser - [link]
- How my car insurance exposed my position - [link]
- Google Bug Bounty - The 5k Error Page - [link]
- Finding an arbitrary file upload vulnerability in a filesharing script - Repeat once again: never trust client data - [link]
- Web Bluetooth API Privacy - this sounds spooky but obviously is the way forward to connect browser environments to the surrounding IoT environment - what could possibly go wrong? - “Can we realistically assume that users in general will know the distinction between pairing a local smartphone/kettle/beacon with a local laptop, and pairing a smartphone/kettle/beacon/toothbrush with a remote site?” - [link] - [link]
- Cybercrime on the high seas: the new threat facing billionaire superyacht owners - [link]
- Radio Controlled Pacemakers Are Easily Hacked - [link]
- Bad malware, worse reporting - Ross Anderson on the hype around the WannaCry malware - [link]
- Patching is Hard - some thoughts from Steven Bellovin - [link]
- Op-ed: It’s time for Google to take responsibility for Android’s security updates - On the responsibility of patching Android devices - [link]
- Android Encryption Demystified - [link]
Outdoor
This post is licensed under CC BY 4.0 by the author.