# SANS ISC

# threatpost.com

# Reddit netsec

# Krebs On Security

  • Did the Clinton Email Server Have an Internet-Based Printer? Thu, 26 May 2016 21:50:55 +0000
    The Associated Press today points to a remarkable footnote in a recent State Department inspector general report on the Hillary Clinton email scandal: The mail was managed from the vanity domain “clintonemail.com.” But here’s a potentially more explosive finding: A review of the historic domain registration records for that domain indicates that whoever built the private email […]
  • Skimmers Found at Walmart: A Closer Look Wed, 25 May 2016 14:58:45 +0000
    Recent local news stories about credit card skimmers found in self-checkout lanes at some Walmart locations reminds me of a criminal sales pitch I saw recently for overlay skimmers made specifically for the very same card terminals.
  • Noodles & Company Probes Breach Claims Thu, 19 May 2016 11:20:24 +0000
    Noodles & Company [NASDAQ: NDLS], a fast-casual restaurant chain with more than 400 stores in 31 U.S. states, says it has hired outside investigators to probe reports of a credit card breach at some locations.

# Bruce Schneier's blog

  • Hacking Gesture-Based Security Thu, 12 May 2016 05:31:34 -0500
    Interesting research: Abdul Serwadda, Vir V. Phoha, Zibo Wang, Rajesh Kumar, and Diksha Shukla, "Robotic Robbery on the Touch Screen," ACM Transactions on Information and System Security, May 2016. Abstract: Despite the tremendous amount of research fronting the use of touch gestures as a mechanism of continuous authentication on smart phones, very little research has been conducted to evaluate how...
  • FTC Investigating Android Patching Practices Wed, 11 May 2016 14:37:37 -0500
    It's a known truth that most Android vulnerabilities don't get patched. It's not Google's fault. They release the patches, but the phone carriers don't push them down to their smartphone users. Now the Federal Communications Commission and the Federal Trade Commission are investigating, sending letters to major carriers and device makers. I think this is a good thing. This is...
  • New Credit Card Scam Wed, 11 May 2016 06:34:50 -0500
    A criminal ring was arrested in Malaysia for credit card fraud: They would visit the online shopping websites and purchase all their items using phony credit card details while the debugging app was activated. The app would fetch the transaction data from the bank to the online shopping website, and trick the website into believing that the transaction was approved,...
  • Children of Spies Tue, 10 May 2016 06:15:43 -0500
    Fascinating story of Tim and Alex Foley, the children of Russian spies Donald Heathfield and Tracey Foley....
  • Economist Detained for Doing Math on an Airplane Mon, 09 May 2016 13:15:02 -0500
    An economics professor was detained when he was spotted doing math on an airplane: On Thursday evening, a 40-year-old man ­-- with dark, curly hair, olive skin and an exotic foreign accent --­ boarded a plane. It was a regional jet making a short, uneventful hop from Philadelphia to nearby Syracuse. Or so dozens of unsuspecting passengers thought. The curly-haired...
  • NIST Starts Planning for Post-Quantum Cryptography Mon, 09 May 2016 06:19:22 -0500
    Last year, the NSA announced its plans for transitioning to cryptography that is resistant to a quantum computer. Now, it's NIST's turn. Its just-released report talks about the importance of algorithm agility and quantum resistance. Sometime soon, it's going to have a competition for quantum-resistant public-key algorithms: Creating those newer, safer algorithms is the longer-term goal, Moody says. A key...
  • Friday Squid Blogging: Firefly Squid in the News Fri, 06 May 2016 16:11:56 -0500
    It's a good time to see firefly squid in Japan. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
  • Dilbert on Electronic Voting Machines Fri, 06 May 2016 14:10:23 -0500
    Accurate (the cartoon, not the machines)....
  • White House Report on Big Data Discrimination Fri, 06 May 2016 06:12:29 -0500
    The White House has released a report on big-data discrimination. From the blog post: Using case studies on credit lending, employment, higher education, and criminal justice, the report we are releasing today illustrates how big data techniques can be used to detect bias and prevent discrimination. It also demonstrates the risks involved, particularly how technologies can deliberately or inadvertently perpetuate,...
  • Own a Pair of Clipper Chips Thu, 05 May 2016 06:31:32 -0500
    The AT&T TSD was an early 1990s telephone encryption device. It was digital. Voice quality was okay. And it was the device that contained the infamous Clipper Chip, the U.S. government's first attempt to put a back door into everyone's communications. Marcus Ranum is selling a pair on eBay. He has the description wrong, though. The TSD-3600-E is the model...

# WIRED Threat Level

# exploit-db.com

# Securiteam