VIDEO: Tiny killer fly caught on camera BBC News | Science/Nature | UK Edition(cached at September 29, 2015, 11:59 pm)

Neuroscientists have recorded the first video footage of a tiny killer fly catching its prey in mid-air.
How tiny killer flies pounce on prey BBC News | Science/Nature | UK Edition(cached at September 29, 2015, 11:59 pm)

Scientists record the first video footage of tiny killer flies catching prey in mid-air, in a study of how the creatures pick their targets.
Science leaders make investment case BBC News | Science/Nature | UK Edition(cached at September 29, 2015, 11:59 pm)

Leading figures in the scientific community argue for a lift in public research spending to boost the British economy.
iOS 9 'Wi-Fi Assist' Could Lead To Huge Wireless Bills Slashdotby Soulskill on ios at January 1, 1970, 1:00 am (cached at September 29, 2015, 11:32 pm)

Dave Knott writes: One of the new features introduced in iOS9 is "Wi-Fi Assist." This enables your phone to automatically switch from Wi-Fi to a cellular connection when the Wi-Fi signal is poor. That's helpful if you're in the middle of watching a video or some other task on the internet that you don't want interrupted by spotty Wi-Fi service. Unfortunately, Wi-Fi Assist is enabled by default, which means that users may exceed their data cap without knowing it because their phone is silently switching their data connection from Wi-Fi to cellular.

Read more of this story at Slashdot.

Late Barcelona fightback stuns Leverkusen AL JAZEERA ENGLISH (AJE)(cached at September 29, 2015, 11:28 pm)

Two goals in two minutes seal holders' win in Champions League; Lewandowki hits hat-trick in Bayern's win.
Breach Tally: HIPAA Omnibus' Impact (InfoRiskToday) SANS ISC SecNewsFeed(cached at September 29, 2015, 11:28 pm)

Tricks for DLL analysis, (Tue, Sep 29th) SANS Internet Storm Center, InfoCON: green(cached at September 29, 2015, 11:28 pm)

Very often I get questions on how to perform analysis on DLL files.

The reason being that it is easier to perform behavioral analysis on executables, either using external sandboxes or a vmware with tools like the ones from the Sysinternals suite.

For DLL, on most of times, you cant just run them, you can use windows applications like rundll32 with right the export, but sometimes it may not work.

At this point if you want something fast to perform some analysis on the DLL you can go for the static analysis, looking for the strings and trying to determine the nature of the malware.

The problem resides on fact that most malware these days are using custom packers, making your job more difficult.

The quick and dirty solution for this would be to force it to memory so it would unpack itself. That would make your job much easier by just using a process dump tool and then check the strings.

Something that I used to do to accomplish it was to use regsvr32 to load the DLL on memory. It will throw an error on most cases, but the DLL will be loaded, until you close the error message.

On that period of time, you can use your preferred dump tool and dump the regsvr32 process, and check the DLL strings.

Another way is to simply inject the DLL into a running process, like explorer.exe for example. This simple python script inspired by the Grey Hat Python book seems to do the job quite well!

Simply run it by passing the PID you want to inject the DLL and the DLL file as parameters and it will work.

For example:

python dll_inject.py 618 badll.dll

-- This will inject the baddll.dll into process ID 618.

To find the process ID you can either use tools like Sysinternals process explorer or Windows Task Manager.

Good luck!

------

Pedro Bueno (pbueno /%%/ isc. sans. org)

Twitter: http://twitter.com/besecure

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Amazon Launches 'Flex,' a Crowdsourced Delivery Service Slashdotby Soulskill on transportation at January 1, 1970, 1:00 am (cached at September 29, 2015, 11:02 pm)

sckirklan writes: Amazon has rolled out a new service called Amazon Flex. It lets people sign up to deliver packages using their mobile phone and their car, earning $18-25/hr while doing so. Think Uber, but for package delivery. Their goal is to fully support one-hour delivery within certain cities. The service is available in Seattle to start, and it'll soon expand to Manhattan, Baltimore, Miami, Dallas, Austin, Chicago, Indianapolis, Atlanta, and Portland. No news on what they think of bicycle couriers, but given their focus on being green, I'd imagine something is in the works.

Read more of this story at Slashdot.

An interesting detail about Control Flow Guard (Reddit) SANS ISC SecNewsFeed(cached at September 29, 2015, 10:58 pm)

iOS 9 finally makes Apple Music enjoyable and worth a listen (Yahoo Security) SANS ISC SecNewsFeed(cached at September 29, 2015, 10:58 pm)

Pwn The Docs: Major vulnerability in Read The Docs (readthedocs.org) and why I hate SANS ISC SecNewsFeed(cached at September 29, 2015, 10:58 pm)

Lessons Learned From The VW Scandal (Forbes) SANS ISC SecNewsFeed(cached at September 29, 2015, 10:58 pm)

Google unveils tablet, Nexus phones (Yahoo Security) SANS ISC SecNewsFeed(cached at September 29, 2015, 10:28 pm)

Unlocking iPhone 6s: What you need use the new iPhone on any carrier you want (Yahoo SANS ISC SecNewsFeed(cached at September 29, 2015, 10:28 pm)

Truecrypt Critical Vulnerability, Patched in Veracrypt, CVE-2015-7358,7359 (Reddit) SANS ISC SecNewsFeed(cached at September 29, 2015, 10:28 pm)