Infosec Reading List - May 2025

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here. Text in italic represent quotes from the original article.

InfoSec

• Getting things done in large tech companies - [link]
• 38C3 - From Pegasus to Predator - The evolution of Commercial Spyware on iOS - [video] - great overview of commercial spyware for iOS and potential forensic methods available - TLDR: collect forensic evidence frequently + reboot your device often - [link]
• ‘The cloud’ is not just servers. ‘Going to the cloud’ could also mean locking into a forever sub-contractor - The cloud provider is now not just your subcontractor, you are effectively in business together. Except that the cloud provider can set the rates and conditions under which this partnership proceeds - very true given the latest discussion around global hyperscalers and their power - [link]
• DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door - While organisations are away at RSA thinking about quantum AI cyber mega threats — the harsh reality is most organisations do not have the foundations in place to do be worrying about those kind of things. - yes! - How are the threat actor being so successful? The threat actor here is working as an employee — while not being an employee. - [link]
• Extortion and Ransomware Trends January-March 2025 - [link]
• How Riot Games is fighting the war against video game hackers - [link]
• AI is getting “creepy good” at geo-guessing - [link]
• M&S bosses under fire after ‘damaging and embarrassing’ cyberattack - Now The Times can reveal that the hackers, thought to be from the Scattered Spider group, penetrated the retailer’s IT systems through a contractor. - The hackers were able to work undetected in the systems for around 52 hours before the alarm was raised, insiders said, before emergency response teams defended M&S over a five-day “attack phase”. - This week, the company told its 9.4 million active customers their personal data had been stolen, leading experts to warn of a “great scam opportunity”. - … she had been getting daily spam phone calls since the hack. - this attack creates quite some impact - [link]
• NSO Group must pay more than $167 million in damages to WhatsApp for spyware campaign - huge and important - [link]
• The Chromium Security Paradox - [link]
• Top Tier Target - What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - [link]
• Incidents impacting retailers – recommendations from the NCSC - [link]
• Mozilla is shutting down read-it-later app Pocket - what a pity - I was a top 5% user of pocket a few years ago before I moved to a selfhosted version - the product was great and did what it was built for - [link]
• The Elite Microsoft Unit Constantly Working to Thwart Hackers - [link]
• A coherent European/non-US cloud strategy: building railroads for the cloud economy - [link]
• By Default, Signal Doesn’t Recall - [link]
• Starting a Security Program from Scratch (or re-starting) - [link]
• Cloud Overview - [link]