Hands-on Ethical Hacking and Network Defense

  • Post category:Book

This is the textbook for a course I am doing at the moment. To be honest the book is kind of old and nothing special, but I read it so it gets at least a brief mention here. Overall the book is too dated to be particularly useful, and I find it hard to believe that something better hasn't been published in the intervening 11 years. That said, if I ever need to enumerate NetWare servers (remember those?) I'll know where to look for information!


Do you want the apocalypse, because this is how you get it

  • Post category:Security

So I read this paper over the weekend. Naively, it's a reasonably interesting piece of research around using a generative AI to use descriptions of CVEs from their responsible disclosures to exploit unpatched systems autonomously. Now read that sentence again -- these people prompted Chat GPT4 with CVEs which didn't have fixes yet, and had it hacking unpatched systems with an 85% success rate. We're doomed.


Cult of the Dead Cow

  • Post category:Book

A very readable history of the early US hacking scene, including the roots of Def Con and Blackhat security conferences. The book is filled with a cast of characters many of whose names and exploits I recognize -- although I've only met one or two in person. The book is definitely US-centric in its coverage but an interesting way to spend a summer evening or two. Menn (the author) spends a lot of time working through the moral reasoning that led a group formed out of an interest in how things worked and a sense of community among the socially awkward, to a group that made a profound difference to how we think about responsible disclosure of security vulnerabilities and our obligations as technologists while at the same time trying to be funny (the hackers, not the author). The description of how cDc dragged Microsoft kicking and screaming into taking security for their software seriously is both funny and interesting, as well as the discussion of early attempts at responsible disclosure at a time where software vendors would sue instead of fixing their products. I find the descriptions of the various players "going straight" and acquiring actual jobs in order…


Malware Analyst’s Cookbook and DVD

  • Post category:Book

Another technical book, this time because my employer lets me buy random technical books as long as I pinky swear to read them and this one sounded interesting and got good reviews. First off, the book is a bit dated given it's from 2011 -- there are lots of references to Ubuntu 10.10 for example and they say to avoid Python 3, which has its historical charm. This is unfortunate given the first section of the book talks about setting up honeypots to collect malware to examine, but Dionaea for example had its last commit in 2021. I am left wondering if there are more modern honeypot systems that people use these days. Secondly the book is definitely a cookbook and that's on me for not noticing this about the book before buying it -- it's a series of recipes / scripts that do interesting things with malware. That said, it isn't really teaching a cohesive set of skills, it's more of a series of stepping stones along the path you might follow. I think that's an unintended piece of important learning -- books with "cookbook" or "recipes" in their title probably aren't very good as an overview of…


Cisco CyberOps Associate: Official Cert Guide

I don't think I've really reviewed a technical book here before, but I read the thing so I guess I should. This book is the certification guide for a "Cisco CyberOps Associate" certification, which is what they now call the CCNA Security qualification. It's a relatively junior certification, qualifying you to be a level one operator in a Security Operations Centre (SOC). I read this book because I took a Cisco NetAcad course for the associated certification in the second half of 2022 (although it has continued to be a thing I plug away at in 2023). That was mainly motivated by a desire to learn more about a field that is clearly important, but hasn't been core to my personal career. This book is reasonably well written and readable -- I'd read a chapter in the evening after work and it wasn't a huge chore to churn through. I certainly learned things along the way, even if the certification seems to suffer from a desire to have everyone rote learn a lot of acronyms, which seems like a common ailment in the industry (AWS Certified Cloud Practitioner, I'm looking at you). My main criticism is of the qualification itself, which…
