sec
Naked Security
- Anonymous hacker charged with #opJustina DDoS attacks on hospitals
- Dyn DDoS – what can we do right now to help prevent the next attack?
- Jester defaces website but the Russian Government isn’t laughing
- Mirai, Mirai, on the wall – through the looking glass of the attack on Dyn
- Monday review – the hot 25 stories of the week
- Russian indicted over LinkedIn and Dropbox mega-breaches
- Apple iOS users taste Android anxiety with nasty CoreGraphics image flaw
- DirtyCOW Linux hole works on Android too – “root at will”
- How hackers broke into John Podesta, DNC Gmail accounts
Office of Inadequate Security
- Abundance of stolen healthcare records on dark web is causing a price collapse
- AU: Lawyers duped by paramedic injury fraud
- Help Us Tell Telly That They Have Exposed 8M Subscribers!
- IES users’ data leaked due to ‘inadequate’ security measures: PDPC
- Medical marijuana patients’ personal information found in trash pile
- Privacy+Security Forum this week in D.C.!
- SG: Fined for leaking 8,000 people’s personal data
- Two jailed for illegally trading student information
SANS Internet Storm Center, InfoCON: green
- Infocon: green
- A few Mirai Updates: MIPS, PPC version; a bit less scanning, (Mon, Oct 24th)
- ISC Stormcast For Tuesday, October 25th 2016 https://isc.sans.edu/podcastdetail.html?id=5223, (Tue, Oct 25th)
- Another Day, Another Spam..., (Tue, Oct 25th)
- ISC Stormcast For Wednesday, October 26th 2016 https://isc.sans.edu/podcastdetail.html?id=5225, (Wed, Oct 26th)
Full Disclosure
- Security Vulnerability : Cisco web site CSRF in change password lead to full account take over
- Apple macOS 10.12.1/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS
- APPLE-SA-2016-10-24-1 iOS 10.1
- APPLE-SA-2016-10-24-2 macOS Sierra 10.12.1
- APPLE-SA-2016-10-24-3 Safari 10.0.1
- APPLE-SA-2016-10-24-4 tvOS 10.0.1
- APPLE-SA-2016-10-24-5 watchOS 3.1
- daloRADIUS 0.9-9 - Multiple vulnerabilities leading to arbitrary shell execution
- AST-2016-007: UPDATE
Dark Reading:
- New Kovter Trojan Variant Spreading Via Targeted Email Campaign
- Black Hat Europe 2016: Introducing 'RegTech:' Cloud-based Tools For Regulatory Compliance
- Black Hat Europe 2016 S: How Artificial Intelligence Will Liberate Security
- CloudFanta Malware Targets Victims Via Cloud Storage App
- 5 Tips For Preventing IoT Hacks
- 7 Scary Ransomware Families
- Blockchain & The Battle To Secure Digital Identities
- Deleting Email's Original Sin: An Historical Perspective
- Microsoft's New Patch Tuesday Model Comes With Benefits And Risks
- Growing Fear Of IP Theft Hits Power, Auto, Industrial Sectors Hardest
- US Officials: Russian Hackers Could Spread Online Rumors Of Voter Fraud
- Warning: Healthcare Data Under Attack
- Vendor Security Alliance To Improve Cybersecurity Of Third-Party Providers
- New Financial System Analysis & Resilience Center Formed
- NHTSA Issues Cybersecurity Best Practices For Automakers
- 'Root' & The New Age Of IoT-Based DDoS Attacks
- St. Jude Implant Case: Expert Validates Muddy Waters Claim