Welcome to today's edition of Security Longreads.
With a wealth of security reading available, the Security Longreads weekly e-mail is designed to highlight particularly interesting longer reads. Our "Security Reads" covers topics related to Information Security while our "Other Reads" are topics that have nothing to do with security but could be of interest to readers of JaySchulman.com.

Happy Friday!

We start with hacking subtitles. Beware of SQLi movies.

Why is cybersecurity so hard?

GDPR, AppSec, Ransomware. 

All IT Jobs are CyberSecurity Jobs...

And finally, investing in people like you invest in money.

Have a good weekend,


Hacked in Translation - from Subtitles to Complete Takeover | Check Point Blog

Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time …

Security Reads
  • It’s not just a technical problem
  • The rules of cyberspace are different from the physical world’s
  • Cybersecurity law, policy, and practice are not yet fully developed

On May 25, 2018, the General Data Protection Regulation (GDPR) will go into effect. Is your company prepared? Columnist Todd Ruback explains how to start taking action.

This article explains a methodology of what to look and where to look in an application when performing the vulnerability analysis for web applications.

It’s hard to identify attackers, and even harder to punish them.

Breach, Hacks And Attacks
Credential-Stuffing Threat Intensifies Amid Password Reuse

Employees who reuse logins on multiple websites drive the impact of third-party breaches as hackers use credential stuffing to compromise more accounts.

Prevent a ransomware attack, but how? This is a very important question. Our computers and mobiles are not safe. They can be attacked anytime.

The agreement, which includes the District of Columbia, ends an investigation into how hackers obtained information about tens of millions of people in 2013.
Security Careers
WannaCry is a good example of how increasing cybersecurity can be relatively simple—thwarting it was as simple as keeping Windows up-to-date. On the other hand, it used a sophisticated exploit lifted from a hack of National Security Agency tools that allowed it to spread directly from one computer to another, infecting systems in companies that might have been prepared for other kinds of attacks. 
Overall Career

Make investments and monitor their performance.

Jay's Security Longreads · One37 Security LLC · Oak Park 60302 · United States of America