This idea was inspired by one of Tim Ferriss email lists called 'Five-bullet Fridays' where he composes a simple list of what he's enjoying or pondering.

Similarly, I felt the best way to convey my thoughts is by having a posting process for finance, penetration testing, and anything useful or casually relaxing I find.


Weekly Wrap-Up

Technical Projects - Finished building the Capture-The-Flag server for SecTalks Melbourne

Books I'm reading

  • Spam Nation - Brian Krebs (re)
  • The Rules of Work (re)
  • Your money or your life (re)

Podcasts and Audiobooks

  • The Tao of Seneca: Letters from a Stoic Master - Tim Ferris
  • Hack The Entrepreneur - Jon Nastor
  • Defensive Security link

Music i'm relaxing to

  • Ludovico Einaudi - Una Mattina link

Cool startups i'm looking into

  • PleenQ - Making every item in images online clickable (I am working on some really cool security analysis in this area at the moment, stay tuned!)

Movies I've enjoyed - The Big Short: Great look into how the way people think leading up to the GFC. Two friends made their millions by always betting on what people were scared of most "the worst thing that could happen," and others like them simply took the time to analyse the possible future.

Articles i'm reading

Hacking Competitions I participated in - Sharif University CTF link


Random Ramblings

The Malware Museum A cool little gem I found the other day! Collection of viruses/malware from the '80s and '90s run in a sandboxed environment for viewing their sometimes cool-but-evil graphics, displays and sounds. Part of archive.org

Know your IPv6 - I mentioned the big short - in the economic world it can be hard (and very profitable) to predict the future, however close analysis can reveal certain marks or flags which can hint to a certain direction. In Information Technology/Networking, we're already gaining traction towards IPv6 and associated technologies. Our current address pool is running out, and some areas of technology have already made the shift (largely playing a part is the Internet of Things.)

Becuase people rely so heavily upon IP addresses, and understanding them for that matter, now is really the time to properly get to know IPv6. People will come to you as a resource later on if you're known for your knowledge in the area. Here are some great resources for the topic!
Google IPv6 Explanation
Official World IPv6 Launch

Automated Transfer System (ATS) - An interesting, although relatively mature technology used by malware to conduct bank fraud. Just to give those an idea what they are facing and how they themselves cannot detect thousands of $$$ being siphoned out of their account. Infographic

  1. A user visits a regular website that is infected with malware
  2. The malware waits for the user to log into their bank account
  3. On login, the malware transfers money out of their account
  4. The malware then malforms the user's web page to look like the account is within full standing
  5. Calculations are made each transfer in/out and the malware continues to modify the on-screen amount to hide the theft

This is similar to hitting right click on this word, hitting inspect element and changing it to whatever you want. In the same way, the malware alters the true value in which the user cannot see, so detection of the theft is delayed.

That's it for another week; hopefully you find something interesting or of value to your work!