Welcome to the 27th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly prepared for you every week. We have been away for a few weeks and this edition will be longer than usual. This week's volume compiled by Secjuice writers Sinwindie, Mike Peterson, Prasanna, Hartoyo Wahyu, and Miguel Calles.
How Hackers Use An Ordinary Light Bulb To Spy On Conversations 80 Feet Away
What if a hacker could use an ordinary, dumb, old-fashioned light bulb to spy on your conversations from afar?
A survey of recent iOS kernel exploits
I recently found myself wishing for a single online reference providing a brief summary of the high-level exploit flow of every public iOS kernel exploit in recent years; since no such document existed, I decided to create it here.
Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found
The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of securing their own systems,” according to an internal report prepared for then-director Mike Pompeo as well as his deputy, Gina Haspel, now the director.
'Ripple20' Bugs Plague Enterprise, Industrial & Medical IoT Devices
Researchers discover 19 vulnerabilities in a TCP/IP software library manufacturers have used in connected devices for 20 years.
Masked arsonist might’ve gotten away with it if she hadn’t left Etsy review
Woman who burned two police cars IDed by tattoo and Etsy review of her T-shirt.
Structured analysis techniques and OSINT, with Dr. Martha Whitesmith
Terry Pattar, head of the Janes Intelligence Unit, and Dr. Martha Whitesmith, research fellow at The Department of War Studies, King’s College London discuss whether or not structured analysis techniques provide any clear benefits to intelligence analysts.
Upcoming Events, Webcasts, Conferences, etc.
LASCON 20/20 - Call for Papers and Training
The Best Virtual Cybersecurity Conferences And Events In 2020
The best online cybersecurity events taking place in 2020 are the educational ones in my opinion. With the collapse of physical events and conferences, we’ve seen an absolute surge towards hosting online events; but from what we’ve seen the events that generate the highest attendance are the ones with actionable skills you can actually use in your cyber niche.