sec

Naked Security

• Billboard hacker faces 12 years in jail for broadcasting porn
• BuzzFeed latest high-profile victim of OurMine hackers
• From Russia with grudge: hackers accused of trying to sway US election
• Hacked Olympians’ doping docs may have been doctored post-theft
• Odin ransomware takes over from Zepto and Locky

Office of Inadequate Security

• Ex-Arkansas hospital orderly sentenced for identity theft
• Feds rehire contractor linked to massive OPM data breach
• NY: Corinth pharmacist used customer ID to steal opioid

SANS Internet Storm Center, InfoCON: green

• Checking my honeypot day, (Thu, Oct 6th)
• What is happening on 2323/TCP?, (Fri, Oct 7th)
• ISC Stormcast For Friday, October 7th 2016 https://isc.sans.edu/podcastdetail.html?id=5199, (Fri, Oct 7th)
• To report any scams/malware related to Hurricane Matthew, use our contact form: https://isc.sans.edu/contact.html, (Fri, Oct 7th)

Full Disclosure

• RealEstate CMS 3.00.50 - Cross Site Scripting Vulnerability
• [KIS-2016-12] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability
• NEW VMSA-2016-0015 - VMware Horizon View updates address directory traversal vulnerability

Dark Reading:

• Incident Response A Challenge For 98% Of InfoSec Pros
• Partners In The Battle Against Cyberthreats
• Arizona Official Says Hack Of Voter Data Came Via 'Employee' Email
• Two Teenagers Arrested For Alleged Cyberattack-For-Hire Services
• Why It's Always Cyber Hunting Season (& What To Do About It)/a/d-id/1327115)
• Security Industry Takes Steps To Close Gender Gap
• NSA Director Not Opposed To Splitting Cyber Command From Agency
• Attackers Can Use Legit Webcam Sessions To Spy On Mac Users, Researcher Warns
• PwC Study Finds Greater Trust In Cloud, More Security Spend