# SANS ISC

# Reddit netsec

# Krebs On Security

# Bruce Schneier's blog

  • The Costs of NSA Surveillance Tue, 29 Jul 2014 12:10:52 -0500
    New America Foundation has a new paper on the costs of NSA surveillance: economic costs to US business, costs to US foreign policy, and costs to security. News article....
  • Conference on Deception Tue, 29 Jul 2014 06:29:39 -0500
    There was a conference on deception earlier this month. Sophie Van Der Zee has a summary of the sessions....
  • Russia Paying for a Tor Break Mon, 28 Jul 2014 06:06:49 -0500
    Russia has put out a tender on its official government procurement website for anyone who can identify Tor users. The reward of $114,000 seems pretty cheap for this capability. And we now get to debate whether 1) Russia cannot currently deaonymize Tor users, or 2) Russia can, and this is a ruse to make us think they can't....
  • Friday Squid Blogging: Build a Squid Fri, 25 Jul 2014 16:04:07 -0500
    An interactive animation from the Museum of New Zealand Te Papa Tongarewa. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
  • Building a Legal Botnet in the Cloud Fri, 25 Jul 2014 10:33:15 -0500
    Two researchers have built a botnet using free anonymous accounts. They only collected 1,000 accounts, but there's no reason this can't scale to much larger numbers....
  • Security Vulnerability in the Tails OS Wed, 23 Jul 2014 11:58:21 -0500
    I'd like more information on this....
  • Securing the Nest Thermostat Tue, 22 Jul 2014 10:06:30 -0500
    A group of hackers are using a vulnerability in the Nest thermostat to secure it against Nest's remote data collection....
  • Fingerprinting Computers By Making Them Draw Images Mon, 21 Jul 2014 15:34:50 -0500
    Here's a new way to identify individual computers over the Internet. The page instructs the browser to draw an image. Because each computer draws the image slightly differently, this can be used to uniquely identify each computer. This is a big deal, because there's no way to block this right now. Article. Hacker News thread. EDITED TO ADD (7/22): This...
  • Friday Squid Blogging: Squid Dissection Fri, 18 Jul 2014 16:35:30 -0500
    A six-hour video of a giant squid dissection from Auckland University of Technology. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
  • NASDAQ Hack Fri, 18 Jul 2014 11:26:24 -0500
    Long article on a sophisticated hacking of the NASDAQ stock exchange....

# WIRED Threat Level

  • Why the Security of USB Is Fundamentally Broken Thu, 31 Jul 2014 07:00:16 GMT
    Computer users pass around USB sticks like silicon business cards. Although we know they often carry malware infections, we depend on antivirus scans and the occasional reformatting to keep our thumbdrives from becoming the carrier for the next digital epidemic. But the security problems with USB devices run deeper than you think: Their risk isn’t […]






  • Personal Privacy Is Only One of the Costs of NSA Surveillance Tue, 29 Jul 2014 10:30:30 GMT
    There is no doubt the integrity of our communications and the privacy of our online activities have been the biggest casualty of the NSA’s unfettered surveillance of our digital lives. But the ongoing revelations of government eavesdropping have had a profound impact on the economy, the security of the internet and the credibility of the […]






  • Your iPhone Can Finally Make Free, Encrypted Calls Tue, 29 Jul 2014 05:30:58 GMT
    If you’re making a phone call with your iPhone, you used to have two options: Accept the notion that any wiretapper, hacker or spook can listen in on your conversations, or pay for pricey voice encryption software. As of today there’s a third option: The open source software group known as Open Whisper Systems has announced […]
  • The App I Used to Break Into My Neighbor’s Home Fri, 25 Jul 2014 10:30:32 GMT
    Leave your ring of cut-brass secrets unattended on your desk at work, at a bar table while you buy another round, or in a hotel room, and any stranger---or friend---can upload your keys to their online collection.






  • How Hackers Hid a Money-Mining Botnet in the Clouds of Amazon and Others Thu, 24 Jul 2014 10:30:57 GMT
    Hackers have long used malware to enslave armies of unwitting PCs, but security researchers Rob Ragan and Oscar Salazar had a different thought: Why steal computing resources from innocent victims when there’s so much free processing power out there for the taking? At the Black Hat conference in Las Vegas next month Ragan and Salazar […]






  • How Thieves Can Hack and Disable Your Home Alarm System Wed, 23 Jul 2014 10:30:05 GMT
    When it comes to the security of the Internet of Things, a lot of the attention has focused on the dangers of the connected toaster, fridge and thermostat. But a more insidious security threat lies with devices that aren’t even on the internet: wireless home alarms. Two researchers say that top-selling home alarm setups can […]






  • Hackers Could Take Control of Your Car. This Device Can Stop Them Tue, 22 Jul 2014 10:30:41 GMT
    David Schwen | Wheel: Getty Hackers Charlie Miller and Chris Valasek have proven more clearly than anyone in the world how vulnerable cars are to digital attack. Now they’re proposing the first step towards a solution. Last year the two Darpa-funded security researchers spent months cracking into a Ford Escape and a Toyota Prius, terrifying […]






  • A Convicted Hacker and an Internet Icon Join Forces to Thwart NSA Spying Fri, 18 Jul 2014 15:22:20 GMT
    A new project called Dark Mail brings together two high-profile privacy advocates to take on the leakiest of all information: that pernicious metadata.






  • Here’s How Easy It Could Be for Hackers to Control Your Hotel Room Thu, 17 Jul 2014 10:30:24 GMT
    Shenzhen is the Silicon Valley of mainland China. Situated about 50 minutes north of Hong Kong, the modern city is home to the Shenzhen Stock Exchange and numerous high-tech giants and startups. So naturally, the city’s five-star hotels regularly host wealthy moguls in their luxury rooms. Last year, one of those hotels also hosted a […]






  • Swedish Court to Julian Assange: You’re Not Going Anywhere Wed, 16 Jul 2014 17:09:16 GMT
    The Swedish court that first issued the warrant for Julian Assange upheld its legality today.






# exploit-db.com

# Securiteam