sec

Office of Inadequate Security

• Ca: Prince Edward Island’s Workers Compensation Board reports 47 privacy breaches in 4 years
• Federal judge dismisses indictment against auxiliary cop charged with hacking into NYPD database
• Feds round up 50 suspects in latest ID theft-tax fraud sweep in South Florida
• GA: IT staffer fired in data breach affecting 6 million Georgia voters

Naked Security

• Chipotle’s human resources emails made job applicants phishing bait
• Drone makers put their devices on a geofenced leash
• Facebook finally lets a woman named Isis back into her account
• Forget BadBIOS, here comes BadBarcode…

Full Disclosure

• LinkedIn - Persistent Cross-Site Scripting vulnerability(XSS)
• [CFP] No Big Thing Conference #2 San Francisco, December 5 2015
• Re: LiteCart 1.3.2: Multiple XSS
• Cambium ePMP 1000 - Multiple Vulnerabilities
• Qualsoft Systems - (AddNewsDetails.php) Auth ByPass Vulnerability

SANS Internet Storm Center, InfoCON: green

• When Hunting BeEF, Yara rules., (Fri, Nov 20th)
• ISC StormCast for Friday, November 20th 2015 http://isc.sans.edu/podcastdetail.html?id=4755, (Fri, Nov 20th)