Cybersecurity Reading List - Week of 2025-03-24
The thaw continues here in DomainTools Intelligence’s (DTI) satellite office outside Boston, and so does the cyber. Typhoon APT news arrives almost as fast as genAI “content” and we are still trying to decide which is more malicious. The undocumented tools in ESP32 chips are worrying. The Wizoogle deal is back on, Cloudflare continues to Cloudflare, and Patch Tuesday this month required an extra twelve hours on the clock. Luckily, Redmond now controls all clocks, so they just plugged the extra hours in.
It’s Copilot O’Clock. Let’s dive in!
Recommended Cybersecurity Podcasts
To Catch A Thief: China’s Rise to Cyber Supremacy – Brand new on the podcast scene, cyber journo Nicole Perlroth documents Chinese government-related attacks, surveillance, positioning, and more. Episode one also includes Dmitri Alperovitch, who’s very much worth listening to on topics like this. Two episodes up so far, produced by security firm Rubrik.
Data Skeptic – Criminal Networks – Network science as applied to law enforcement and criminal interventions. Really neat episode; worth noting it’s theory-heavy but brings interesting applications into view. PhD Candidate Justin Wang Ngai Yeung looks like one to watch.
Must-Read Cybersecurity Articles and Blog Posts
Trend Micro – Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
Veriti – OpenAI Under Attack: CVE-2024-27564 Actively Exploited in the Wild – “Attackers are actively targeting OpenAI, exploiting CVE-2024-27564, a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. Veriti’s latest research reveals that this vulnerability, despite being classified as medium severity, has already been weaponized in real world attacks.” – It’s a good thing we’ve plumbed AI into everything as fast as possible, huh?
SpyCloud – Cybercrime Wins in 2024: Major Takedowns & Arrests – Never forget to celebrate the wins.
Quarkslab – Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies – Not a fan of phishing tests, but this is an excellent breakdown of email phishing techniques and worth reading for all n-teamers, blue, purple, red, and otherwise.
DataBreachToday – UK Official Says Russian Disinfo Blocked in 2024 Election
Cisco Talos – Unmasking New Persistent Attacks on Japan
Infoblox – Work Hard, Pay Harder – Recruitment scams aren’t new, but this is a great joyride through scammer infrastructure all beginning with a one-word WhatsApp message.
RiskyBiz – China says Taiwan’s military is behind PoisonIvy APT – Catalin Cimpanu provides not only a breakdown of the announcement, but some critical context related to this and similar past announcements from the Chinese government, including the increasing lockstep coordination between Chinese public and private sector report releases.
DomainTools Investigations (DTI) – Domain Registrars Powering Russian Disinformation: A Deep Dive into Tactics and Trends – It may seem corny, but confronting disinformation and its enablers makes me fiercely proud to be part of DTI.
Latest Cybersecurity Research Papers, Reports, and Books
SpyCloud – 2025 Identity Exposure Report: Breaking Down the Identity Threat Landscape – “SpyCloud’s total collection of recaptured data grew 22% in the past year, from 43.7 billion to 53.3 billion distinct identity records – representing a growing underground economy that thrives on compromised accounts and exposed credentials.” – Hard to wrap your head around those numbers. Harder to do so without getting nihilistic.
Essential Cybersecurity Tools and Other Resources
EFF – Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying – Anecdotally, I took a train from Boston down to DC and back up last week with a Rayhunter running. The results were… interesting. Not conclusive, as Rayhunter’s brand new and there are many false-positive scenarios, but definitely interesting.
LayerOne – Call for Papers – open until April 12.
DEF CON – Theme Drop: Access Everywhere – “This year we’re thinking about how to make information and services available to everyone. Available wherever you are, whoever you are, and usable no matter how you need to connect… Less walled gardens, more sunlight.”
Epieos – “The ultimate OSINT tool for email and phone reverse lookup” – Neat tool getting some good word-of-mouth lately.