sec
Naked Security
- Are Snap(chat)’s Spectacles the new Google Glass?
- College student arrested for allegedly hacking system to change grades
- Girls’ fashion hangout site leaking millions of plaintext passwords
- Mamba ransomware strikes at your whole disk, not just your files
Office of Inadequate Security
- Alberta Hospital Edmonton notifying 1,300 of snooping employee
- Ex-Verizon worker accused of selling customer phone records
- Federal judge cuts Darkode computer hacker a break
- NY: 488 affected by data breach in Mastic Beach
- Two more hacks with ransom demands, but is anyone paying? Part 1.
- Two more hacks with ransom demands, but is anyone paying? Part 2.
- UK man charged under Computer Misuse Act over US crime
SANS Internet Storm Center, InfoCON: green
- Back in Time Memory Forensics, (Tue, Sep 27th)
- ISC Stormcast For Wednesday, September 28th 2016 https://isc.sans.edu/podcastdetail.html?id=5185, (Wed, Sep 28th)
- Rig Exploit Kit from the Afraidgate Campaign, (Wed, Sep 28th)
Full Disclosure
- Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium
- Call for Papers 0x7E0 hack4 in Berlin
- Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
- Welcome Faraday 2.1! Collaborative Penetration Test & Vulnerability Management Platform
- Re: XSS Wordpress W3 Total Cache <= 0.9.4.1
- IE11 is not following CORS specification for local files
- Vulnerability Note VU#667480 - AVer EH6108H+ hybrid DVR contains multiple vulnerabilities
- Re: XSS Wordpress W3 Total Cache <= 0.9.4.1
- skype installer dll hijacking vulnerability - CVE-2016-5720
- [Adobe Flash] local-with-filesystem sandbox bypass via navigateToURL() and UI redressing
- Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
- Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
Dark Reading:
- Yahoo Breach: US Senator Seeks SEC Role In Probe
- Yahoo Sued By User Over 2014 Hacking
- 25 Emerging Security Vendors To Watch
- Yahoo Confirms August Data Dump Issue Unrelated To Breach Of 500 Million Users
- Mobile Fraud Changes Outlook for Multifactor Authentication
- 5 Best Practices For Winning the IoT Security Arms Race
- Clinton, Trump Debate 'Twenty-First Century War' Of Cyberattacks
- Sharing Cybersecurity Threat Intelligence Is The Only Way We Win