sec
Naked Security
- Facebook ordered to stop collecting WhatsApp user data in Germany
- Marissa Mayer declined to reset Yahoo users’ passwords 2 years ago
- Mozilla to take action against WoSign’s woeful cryptographic blunders
- Opera browser starts running traffic through its own “VPN”
Office of Inadequate Security
- Across US, police officers abuse confidential databases
- As we speak, teen social site is leaking millions of plaintext passwords
- AU: Privacy watchdog called after Health Department data breach
- FBI says hackers have made more attempts to breach state voter registration systems
- Hackers attack Royal Cornwall Hospital at Treliske and hold bosses to ransom over stolen information
- Member of Syrian Electronic Army pleads guilty in U.S. court
- UK: Teenager appears in court over TalkTalk cyber-attack
SANS Internet Storm Center, InfoCON: green
- SNMP Pwn3ge, (Wed, Sep 28th)
- ISC Stormcast For Thursday, September 29th 2016 https://isc.sans.edu/podcastdetail.html?id=5187, (Wed, Sep 28th)
Full Disclosure
- Edward Snowden won Glas of Reason - (Glas der Vernunft) Award 2016
- Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...)
- Symantec Messaging Gateway <= 10.6.1 Directory Traversal
- [REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities
- Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
- Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
Dark Reading:
- FBI Probes Bid To Hack Democratic Party Officials' Phones, Sources Say
- Ransomware Rages On
- Russian Hackers Target Citizen Journalists Reporting On Malaysian Airlines Crash
- Improving Security Savvy Of Execs And Board Room
- Improving The Security Conversation For CIOs, CISOs, & Board Members
- Microsoft Launches Cloud-Based Fuzzing
- The Real Reasons Why Users Stink At Passwords
- Hacking The Polls: Where US Voting Processes Fall Short
- More Than Half Of IT Pros Employ Insecure Data Wiping Methods
- 'Beep' Prepared: How Security Economics Can Help The Coyote Catch The Roadrunner
- SWIFT Toughens Customer Security With New Mandatory Rules