Protecting Systems. What Star Wars Teaches the Software Engineer, page 65 of 68

Barr, Jeff. «New Amazon S3 Encryption & Security Features», Amazon Blog. November 6, 2017. aws.amazon.com/blogs/aws/new-amazon-s3-encryption-security-features.

Bellovin, Steven M. Defending Against Sequence Number Attacks. RFC 1948. www.rfc-editor.org/rfc/rfc1948.

Bishop, Bryan. New York Times reporter refutes Tesla’s allegations but «cannot account» for some discrepancies in data. The Verge. Feb 14, 2013. www.theverge.com/2013/2/14/3990106/new-york-times-reporter-refutes-teslas-allegations-but-cannot-account.

Bomey, Nathan. How Chinese military hackers allegedly pulled off the Equifax data breach, stealing data from 145 million Americans. USA Today. February 10, 2020. www.usatoday.com/story/tech/2020/02/10/2017-equifax-data-breach-chinese-military-hack/4712788002.

Bours, Ben. How a Dorm Room Minecraft Scam Brought Down the Internet. December 13, 2017. www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-the-internet.

Bratus, Sergey, Trey Darley, Michael Locasto, Meredith L. Patterson, Rebecca «bx» Shapiro, and Anna Shubina. «Beyond Planted Bugs in “Trusting Trust”: The Input-Processing Frontier». IEEE Security & Privacy, vol. 12, no. 1, pp. 83–87, Jan.-Feb. 2014, doi: 10.1109/MSP.2014.1. langsec.org/papers/beyond-bugs-input-frontier.pdf.

Burman, Bryan. How to Choose the Right Parameters for Argon2. Blog post. June 7, 2019. www.twelve21.io/how-to-choose-the-right-parameters-for-argon2.

Burnett, Karla. «Ichthyology: Phishing as a Science». BlackHat Briefings. July 2017. www.blackhat.com/docs/us-17/wednesday/us-17-Burnett-Ichthyology-Phishing-As-A-Science-wp.pdf.

Cambridge Dictionary. Cambridge University Press. dictionary.cambridge.org/dictionary/english/threat, last visited December 31, 2019.

Cassidy, Kevin. Warning: Your Facebook Privacy Settings Have Been Reset. Business2Community. January 7, 2022. www.business2community.com/facebook/warning-your-facebook-privacy-settings-have-been-reset-065965.

CCC, Chaos Computer Clubs breaks iris recognition system of the Samsung Galaxy S8. May 22, 2017. www.ccc.de/en/updates/2017/iriden.

CERT (Computer Emergency Response Team). UDP-Based Amplification Attacks, Alert (TA14-017A). January, 2014 (Updated December, 2019). www.cisa.gov/uscert/ncas/alerts/TA14-017A.

Checkoway, Stephen, Hovav Shacham, and Eric Rescorla. «Are Text-Only Data Formats Safe? Or, Use This LaTeX Class File to Pwn Your Computer». LEET. 2010.

CNBC. Chinese phone maker Huawei punishes employees for iPhone tweet blunder. January 4, 2019. www.cnbc.com/2019/01/04/chinese-phone-maker-huawei-punishes-employees-for-iphone-tweet-blunder.html.

Coldewey, Devin. Oh, Facebook changed its privacy settings again. Techcrunch. August 4, 2021. techcrunch.com/2021/08/04/oh-facebook-changed-its-privacy-settings-again.

Crosby, Scott A., Dan S. Wallach, and Rudolf H. Riedi. Opportunities and Limits of Remote Timing Attacks. ACM Transactions on Information and System Security, Vol. 12, No. 3, Article 17. Pub. date: January 2009. doi.acm.org/10.1145/1455526.1455530. www.cs.rice.edu/~dwallach/pub/crosby-timing2009.pdf.

The CVE Project, CVE-2016-10074. December 27, 2016. cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074.

Davies, Jim, Droids, Minds and Why We Care, in Langley, Travis, and Carrie Goldman, eds. Star wars psychology: dark side of the mind. Sterling New York. 2015.

Delaitre, Aurelien M., Bertrand C. Stivalet, Paul E. Black, Vadim Okun, Terry S. Cohen, and Athos Ribeiro. «Sate v report: Ten years of static analysis tool expositions». NIST SP 500–326 (2018). www.nist.gov/publications/sate-v-report-ten-years-static-analysis-tool-expositions.

Director of National Intelligence, Cyber Threat Framework. Visited October 9, 2022. www.dni.gov/index.php/cyber-threat-framework and A Common Cyber Threat Framework: A Foundation for Communication. March 13, 2017. www.dni.gov/files/ODNI/documents/features/A_Common_Cyber_Threat_Framework_Overview.pdf.

Dorkly. The Death Star Architect Speaks Out. August 28, 2015. www.youtube.com/watch?v=agcRwGDKulw.

Ducklin, Paul. Serious Security: Rowhammer is back, but now it’s called SMASH, Sophos NakedSecurity blog. April 19, 2021. nakedsecurity.sophos.com/2021/04/19/serious-security-rowhammer-is-back-but-now-its-called-smash.

Eating your own dogfood. Wikipedia. en.wikipedia.org/w/index.php?title=Eating_your_own_dog_food&oldid=945744836, last visited March 23, 2020.

Eckersley, Peter. A Primer on Information Theory and Privacy. January 26, 2010. www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy.

Emmons, Tom. Largest Ever Recorded Packet Per Second-Based DDoS Attack Mitigated by Akamai. The Akamai blog. June 25, 2020. blogs.akamai.com/2020/06/largest-ever-recorded-packet-per-secondbased-ddos-attack-mitigated-by-akamai.html.

eSecurityPlanet Staff. «Virus Alert: Bugbear-B Spreading Rapidly Via Email». June 05, 2003. www.internetnews.com/ent-news/article.php/2217561/Virus+Alert+BugbearB+Spreading+Rapidly+Via+Email.htm.

Faou, Matthieu. Supply-chain attack on cryptocurrency exchange gate.io. ESET We Live Security blog. November 6, 2018. www.welivesecurity.com/2018/11/06/supply-chain-attack-cryptocurrency-exchange-gate-io.

Feldman, Vitaly. «Does learning require memorization? A short tale about a long tail». Proceedings of the 52nd Annual ACM SIGACT Symposium on Theory of Computing. 2020. (arXiv:1906.05271).

Ferran, Lee. Ex-NSA Chief: «We Kill People Based on Metadata». ABC News. May 12, 2014. abcnews.go.com/blogs/headlines/2014/05/ex-nsa-chief-we-kill-people-based-on-metadata.

Fisher, Max. «Here’s the e-mail trick Petraeus and Broadwell used to communicate». The Washington Post. November 12, 2012. www.washingtonpost.com/news/worldviews/wp/2012/11/12/heres-the-e-mail-trick-petraeus-and-broadwell-used-to-communicate.

Fish. Tweets sent August 31, 2022. twitter.com/LazyFishBarrel/status/1565146682819350528?s=20&t=aEBqJhFNm71qrnQeOCOMYA, twitter.com/LazyFishBarrel/status/1565146349347037189?s=20&t=aEBqJhFNm71qrnQeOCOMYA, twitter.com/LazyFishBarrel/status/1560026636925521924?s=20&t=aEBqJhFNm71qrnQeOCOMYA.

Fleishman, Glenn. Privacy problems on the Web: Even your device’s battery life can be used to track you. Macworld. August 28, 2016. www.macworld.com/article/228548/privacy-problems-on-the-web-even-your-devices-battery-life-can-be-used-to-track-you.html.

Fitzl, Csaba. «Exploiting directory permissions on macOS». March 18, 2020. theevilbit.github.io/posts/exploiting_directory_permissions_on_macos.

Forshaw, James. «VirtualBox: Windows Process DLL Signature Bypass EoP» bug, filed. May 11, 2017. bugs.chromium.org/p/project-zero/issues/detail?id=1257.

Fussell, Sidney. The Microphones That May Be Hidden in Your Home. «The Atlantic», February 23, 2019. www.theatlantic.com/technology/archive/2019/02/googles-home-security-devices-had-hidden-microphones/583387.

GAO. SolarWinds Cyberattack Demands Significant Federal and Private-Sector Response (infographic). April 22, 2021. www.gao.gov/blog/solarwinds-cyberattack-demands-significant-federal-and-private-sector-response-infographic.

Gatlan, Sergiu. «Microsoft starts blocking Office macros by default, once again». Bleeping Computer. July 21, 2022. www.bleepingcomputer.com/news/microsoft/microsoft-starts-blocking-office-macros-by-default-once-again.

Galicia, Albert Puigsech. 7a69Adv#22-UNIX unzip keep setuid and setgid files. February 28, 2005. marc.info/?l=bugtraq&m=110960796331943&w=2. (Also, CVE-2005-0602).

Golunski, Dawid. SwiftMailer < 5.4.5-DEV - Remote Code Execution, Exploit-DB, 2016a-12-28. www.exploit-db.com/exploits/40972, legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html.

Goodin, Dan. Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak. Ars Technica. July 5, 2017. arstechnica.com/information-technology/2017/07/heavily-armed-police-raid-company-that-seeded-last-weeks-notpetya-outbreak.

Google. «Google 2-step verification». www.google.com/landing/2step/#tab=how-it-protects. Visited Jan 21, 2019.

Golunski, Dawid. «PHPMailer Remote Code Execution Advisory». December 25, 2016. legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html.

Golunski, Dawid. «Swift Mailer Exploit Remote Code Exec». December 30, 2016. legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html.

Golunski, Dawid. «Pwnscriptum». Undated. legalhackers.com/exploits/CVE-2016-10033/10045/10034/10074/PwnScriptum_RCE_exploit.py (archive/.1 is the headers), last visited February 19, 2017.

Grassi, Paul A., et al. Digital Identity Guidelines Authentication and Lifecycle Management. NIST Special Publication 800-63B. March, 2020. doi.org/10.6028/NIST.SP.800-63b.

Greenberg, Andy. The Full Story of the Stunning RSA Hack Can Finally Be Told. Wired. May 20, 2021. www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told.

Gwern. «The Neural Net Tank Urban Legend». www.gwern.net/Tanks. Version of August 14, 2019.

Hafiz, Munawar, Ralph Johnson, Raja Afandi. The Security Architecture of qmail. In Proceedings PloP. 2004. www.researchgate.net/publication/240925283_The_Security_Architecture_of_qmail.

Hale, Coda. «A Lesson In Timing Attacks (or, Don’t use MessageDigest.isEquals)». August 13, 2009. codahale.com/a-lesson-in-timing-attacks.

Hamburg, Mike, Paul Kocher, Mark E. Marson. ANALYSIS OF INTEL’S IVY BRIDGE DIGITAL RANDOM NUMBER GENERATOR. Cryptography Research White Paper. March 2012. web.archive.org/web/20141230024150/www.cryptography.com/public/pdf/Intel_TRNG_Report_20120312.pdf.

Harari, Noah, Yuval. Sapiens: A Brief History of Humankind. Harper. 2015.

Harris, Bob. «Terminal srm command no longer works» (Forum answer). September 20, 2016. discussions.apple.com/thread/7675060?start=0