Secjuice Squeeze Volume 27
Welcome to the Secjuice Squeeze, a curated selection of interesting infosec articles and news that you may have missed, now with upcoming events!
Welcome to the 27th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly prepared for you every week. We have been away for a few weeks and this edition will be longer than usual. This week's volume compiled by Secjuice writers Sinwindie, Mike Peterson, Prasanna, Hartoyo Wahyu, and Miguel Calles.
Articles
How Hackers Use An Ordinary Light Bulb To Spy On Conversations 80 Feet Away
What if a hacker could use an ordinary, dumb, old-fashioned light bulb to spy on your conversations from afar?
Source: forbes.com
Curator: Sinwindie
A survey of recent iOS kernel exploits
I recently found myself wishing for a single online reference providing a brief summary of the high-level exploit flow of every public iOS kernel exploit in recent years; since no such document existed, I decided to create it here.
Source: googleprojectzero.blogspot.com
Curator: Prasanna
Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found
The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of securing their own systems,” according to an internal report prepared for then-director Mike Pompeo as well as his deputy, Gina Haspel, now the director.
Source: washingtonpost.com
Curator: Mike Peterson
'Ripple20' Bugs Plague Enterprise, Industrial & Medical IoT Devices
Researchers discover 19 vulnerabilities in a TCP/IP software library manufacturers have used in connected devices for 20 years.
Source: darkreading.com
Curator: Prasanna
Masked arsonist might’ve gotten away with it if she hadn’t left Etsy review
Woman who burned two police cars IDed by tattoo and Etsy review of her T-shirt.
Source: arstechnica.com
Curator: Sinwindie
Structured analysis techniques and OSINT, with Dr. Martha Whitesmith
Terry Pattar, head of the Janes Intelligence Unit, and Dr. Martha Whitesmith, research fellow at The Department of War Studies, King’s College London discuss whether or not structured analysis techniques provide any clear benefits to intelligence analysts.
Source: janes.com
Curator: Sinwindie
Upcoming Events, Webcasts, Conferences, etc.
LASCON 20/20 - Call for Papers and Training
When: Now thru June 30, 2020
Source: lascon.org
Curator: Miguel Calles
The Best Virtual Cybersecurity Conferences And Events In 2020
The best online cybersecurity events taking place in 2020 are the educational ones in my opinion. With the collapse of physical events and conferences, we’ve seen an absolute surge towards hosting online events; but from what we’ve seen the events that generate the highest attendance are the ones with actionable skills you can actually use in your cyber niche.
Source: infosec-conferences.com
Curator: Hartoyo Wahyu
SANS@MIC - The 14 Absolute Truths of Security
When: July 06, 2020 at 8:30 PM EDT (2020-07-07 00:30:00 UTC)
Location: Online
Source: sans.org
Curator: Miguel Calles
OWASP Virtual AppSec Days Summer of Security
When: July 28-29, 2020 (12:00pm to 4:00pm EDT/1800pm to 2200pm CET)
Location: Online
Source: appsecdays.org
Curator: Hartoyo Wahyu
Ai4 2020
When: September 1-2, 2020
Location: MGM Grand, Las Vegas
Cost: $595 (early registration)
Source: ai4.io
Curator: Miguel Calles
Open Source Digital Forensics Conference
When: October 20-22, 2020
Location: Herndon, VA
Cost: $0-$350 + $499 optional training
Source: osdfcon.org
Curator: Hartoyo Wahyu
LASCON 20/20
When: October 29-30, 2020
Location: Austin, TX
Cost: $199 (early registration)
Source: lascon.org
Curator: Miguel Calles