sec
Naked Security
- CCTV that lets the crooks watch you, not the other way around…
- Phisher arrested for stealing Bitcoins from dark web users
- Twitter bot baits bullies into meaningless and futile arguments
Office of Inadequate Security
- Alerted by law enforcement: Vera Bradley discloses payment card security breach
- Amazon Denies Data Breach Rumors but Resets User Passwords Just in Case
- Concentrix: Tax credits firm in ‘data protection breach’
- Connecticut Hacker Created Darknet Phishing Sites To Steal Bitcoins
SANS Internet Storm Center, InfoCON: green
Full Disclosure
- [SYSS-2016-074] Logitech Wireless Presenter R400 - Insufficient Verification of Data Authenticity (CWE-345), Keystroke Injection Vulnerability
- [SYSS-2016-075] Targus Multimedia Presentation Remote - Insufficient Verification of Data Authenticity (CWE-345), Mouse Spoofing Attack
- New OpenSSL double-free and invalid free vulnerabilities in X509 parsing
Dark Reading:
- Certifying Software: Why We're Not There Yet
- Political Positions On Cybersecurity Matter To Millennials
- Attack Uses Image Steganography For Stealthy Malware Ops On Instagram
- G7 Nations Plan To Team Up To Tackle Financial Cybercrime
- Attackers Exploit Weak IoT Security
- Russia, Russia, Russia: What Clinton Or Trump Can Do About Nation-State Hacking Gone Wild
- Executable Files, Old Exploit Kits Top Most Effective Attack Methods
- US-CERT Cautions Against Phishing Scams In Aftermath Of Hurricane Matthew