# SANS ISC

# threatpost.com

  • DHS Raises Privacy Concerns With Senate Cyber Threat Sharing Bill Mon, 03 Aug 2015 19:03:27 +0000
    A major information-sharing bill that’s in the Senate right now would allow private organizations to share threat data with any government agency, something that the Department of Homeland Security says could have severe privacy implications and cause confusion and inefficiencies inside the federal government. The bill, known as the Cybersecurity Information Sharing Act, would allow […]
  • Thunderstrike 2 OS X Firmware Attack Self-Replicates to Peripherals Mon, 03 Aug 2015 17:51:32 +0000
    At Black Hat, researchers are expected to disclose new firmware attacks that work against OS X and self-replicate to Thunderbolt peripherals.
  • EFF, AdBlock and Others Launch New Do Not Track Standard Mon, 03 Aug 2015 15:14:25 +0000
    After years of discussions, disagreements, and digressions, the Do Not Track header is supported by all of the major browsers. But because there’s no real requirement for sites or advertisers to respect it, DNT is not as effective as it could be. Now, the EFF, Disconnect, and several other organizations are publishing a new DNT standard […]
  • Windows 10 Upgrade Spam Carries CTB-Locker Ransomware Mon, 03 Aug 2015 14:24:20 +0000
    Spam messages spoofing Microsoft and promising a free Windows 10 upgrade instead drop the CTB-Locker crypto-ransomware on compromised machines.
  • Unusual Re-Do of US Wassenaar Rules Applauded Fri, 31 Jul 2015 16:56:28 +0000
    The U.S. Commerce Department this week agreed to rewrite the proposed U.S. implementation of the Wassenaar Arrangement, a decision lauded by security experts.
  • Threatpost News Wrap, July 31, 2015 Fri, 31 Jul 2015 15:51:31 +0000
    Dennis Fisher and Mike Mimoso discuss the hacked sniper rifle, the huge Android bug in Stagefright, Samy Kamkar’s OwnStar device, and the joy and pain of next week’s Black Hat conference.
  • FBI Warns of Increase in DDoS Extortion Scams Fri, 31 Jul 2015 15:26:59 +0000
    Online scammers constantly are looking for new ways to reach into the pockets of potential victims, and the FBI says it is seeing an increase in the number of companies being targeted by scammers threatening to launch DDoS attacks if they don’t pay a ransom. The scam is a variation on a theme, the familiar […]
  • Xen Patches VM Escape Flaw Fri, 31 Jul 2015 13:21:27 +0000
    The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem is related to the […]
  • Cisco Fixes DoS Vulnerability in ASR 1000 Routers Thu, 30 Jul 2015 18:55:36 +0000
    Cisco has patched a denial-of-service vulnerability in its ASR 1000 line of routers, a bug that’s caused by an issue with the way the routers handle some fragmented packets. The company said the DoS vulnerability affects all of the ASR 1000 Series Aggregation Services Routers that are running a vulnerable version of the IOS XE […]
  • Writing Advanced OS X Malware an ‘Elegant’ Solution to Improving Detection Thu, 30 Jul 2015 17:56:36 +0000
    OS X security researcher Patrick Wardle is expected at Black Hat to demonstrate how to write advanced Mac malware, including Gatekeeper and Xprotect bypasses, in hopes of raising awareness of the current state of OS malware detection.

# Reddit netsec

# Krebs On Security

  • ‘Like Cutting Off a Limb to Save the Body’ Mon, 03 Aug 2015 04:00:36 +0000
    This author has spent many years chronicling the exploits of black hat spammers who use hacked computers to relay junk email. But I've dedicated comparatively little time delving into ways of email marketers who technically follow U.S. anti-spam laws yet nevertheless engage in spammy practices. The latter is able to ply their trade because there are thousands of Internet hosting companies operating on thin profit margins that are happy to accept spammy but lucrative clients. This is the story of how one hosting company heroically kicked out all of its email marketing customers at great expense and ended up building a stronger, more profitable company in the process.
  • Windows 10 Shares Your Wi-Fi With Contacts Wed, 29 Jul 2015 13:59:51 +0000
    Starting today, Microsoft is offering most Windows 7 and Windows 8 users a free upgrade to the software giant's latest operating system -- Windows 10. But there's a very important security caveat that users should know about before transitioning to the new OS: Unless you opt out, Windows 10 will by default share your Wi-Fi network password with any contacts you may have listed in Outlook and Skype -- and, with an opt-in, your Facebook friends!
  • The Wheels of Justice Turn Slowly Mon, 27 Jul 2015 15:39:43 +0000
    On the evening of March 14, 2013, a heavily-armed police force surrounded my home in Annandale, Va., after responding to a phony hostage situation that someone had alerted authorities to at our address. I’ve recently received a notice from the U.S. Justice Department stating that one of the individuals involved in that “swatting” incident had pleaded guilty to a felony conspiracy charge.

# Bruce Schneier's blog

  • Vulnerabilities in Brink's Smart Safe Mon, 03 Aug 2015 13:27:45 -0500
    Brink's sells an Internet-enabled smart safe called the CompuSafe Galileo. Despite being sold as a more secure safe, it's wildly insecure: Vulnerabilities found in CompuSafe Galileo safes, smart safes made by the ever-reliable Brinks company that are used by retailers, restaurants, and convenience stores, would allow a rogue employee or anyone else with physical access to them to command their...
  • Help with Mailing List Hosting Mon, 03 Aug 2015 05:58:48 -0500
    I could use some help with finding a host for my monthly newsletter, Crypto-Gram. My old setup just wasn't reliable enough. I had a move planned, but that fell through when the new host's bounce processing system turned out to be buggy and they admitted the problem might never be fixed. Clearly I need something a lot more serious. My...
  • John Mueller on the Overblown ISIS Threat Mon, 03 Aug 2015 05:31:52 -0500
    John Mueller has a good essay on how the ISIS threat is overblown....
  • Friday Squid Blogging: Russian Sailors Video Colossal Squid Fri, 31 Jul 2015 16:17:16 -0500
    It tried to steal their catch. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
  • Schneier Speaking Schedule Fri, 31 Jul 2015 14:21:55 -0500
    I'm speaking at an Infoedge event at Bali Hai Golf Club in Las Vegas, at 5 pm on August 5, 2015. I'm speaking at Def Con 23 on Friday, August 7, 2015. I'm speaking -- remotely via Skype -- at LinuxCon in Seattle on August 18, 2015. I'm speaking at CloudSec in Singapore on August 25, 2015. I'm speaking at...
  • HAMMERTOSS: New Russian Malware Fri, 31 Jul 2015 11:12:44 -0500
    FireEye has a detailed report of a sophisticated piece of Russian malware: HAMMERTOSS. It uses some clever techniques to hide: The Hammertoss backdoor malware looks for a different Twitter handle each day -- automatically prompted by a list generated by the tool -- to get its instructions. If the handle it's looking for is not registered that day, it merely...
  • Backdoors Won't Solve Comey's Going Dark Problem Fri, 31 Jul 2015 06:08:22 -0500
    At the Aspen Security Forum two weeks ago, James Comey (and others) explicitly talked about the "going dark" problem, describing the specific scenario they are concerned about. Maybe others have heard the scenario before, but it was a first for me. It centers around ISIL operatives abroad and ISIL-inspired terrorists here in the US. The FBI knows who the Americans...
  • Comparing the Security Practices of Experts and Non-Experts Thu, 30 Jul 2015 14:21:18 -0500
    New paper: "'...no one can hack my mind': Comparing Expert and Non-Expert Security Practices," by Iulia Ion, Rob Reeder, and Sunny Consolvo. Abstract: The state of advice given to people today on how to stay safe online has plenty of room for improvement. Too many things are asked of them, which may be unrealistic, time consuming, or not really worth...
  • The NSA, Metadata, and the Failure of Stopping 9/11 Thu, 30 Jul 2015 06:13:40 -0500
    It's common wisdom that the NSA was unable to intercept phone calls from Khalid al-Mihdhar in San Diego to Bin Ladin in Yemen because of legal restrictions. This has been used to justify the NSA's massive phone metadata collection programs. James Bamford argues that there were no legal restrictions, and that the NSA screwed up....
  • Fugitive Located by Spotify Wed, 29 Jul 2015 13:43:42 -0500
    The latest in identification by data: Webber said a tipster had spotted recent activity from Nunn on the Spotify streaming service and alerted law enforcement. He scoured the Internet for other evidence of Nunn and Barr's movements, eventually filling out 12 search warrants for records at different technology companies. Those searches led him to an IP address that traced Nunn...

# WIRED Threat Level

# exploit-db.com

# Securiteam