We Only Sing About it Once in Every 20 Years inessential.comat January 1, 1970, 9:00 am (cached at November 9, 2015, 11:59 pm)

The other day, my friend — who’s enjoying being a hermit lately, and asked not to be named — expressed a wish to know more pop songs. I said I could come up with a list of 12 worth knowing.

It isn’t the list. It’s a list.

Every one of these can still give me chills (in the best way). In no particular order:

Under the Milky Way by the Church.

A Pair of Brown Eyes by the Pogues.

Spanish Bombs by the Clash.

Brimful of Asha by Cornershop. “Asha” means hope, and the reference to “45” is a reference to pop songs. I once did a talk that used this song — it was about how apps are the new pop songs. (Imagine the call-out at the end, but with The Iconfactory, Panic, Omni, Tapbots, and so on.) Sometimes I think this is my favorite song of all songs ever.

Here Comes Your Man by the Pixies. Bonus points: Gigantic and Monkey Gone to Heaven.

Just Like Heaven by the Cure.

Fade Into You by Mazzy Star.

Love Will Tear Us Apart by Joy Division.

What’s the Matter Here by 10,000 Maniacs. I’m in tears by “Oh these cold, and rude, things that you do…”

See How We Are by X.

Sweet Jane by the Velvet Underground. Bonus points: Cowboy Junkies cover. “Everyone who had a heart — they wouldn’t turn ’round and break it. Everyone who played a part — they wouldn’t turn ’round and hate it.”

Ceremony by New Order.

All of these except for Ceremony are great for one guitar and singer (or singers). They could all be modern folk songs.

I include Ceremony anyway because it’s a miracle.

Ford vows to protect data, seeks car owner permission to share (SC Magazine) SANS ISC SecNewsFeed(cached at November 9, 2015, 11:58 pm)

Seven House Democrats travel to China to talk cybersecurity (SC Magazine) SANS ISC SecNewsFeed(cached at November 9, 2015, 11:58 pm)

Judge Orders NSA Bulk Collection Halted Weeks Early (SecurityWeek) SANS ISC SecNewsFeed(cached at November 9, 2015, 11:58 pm)

What Happened To Passenger Hovercraft? Slashdotby samzenpus on transportation at January 1, 1970, 1:00 am (cached at November 9, 2015, 11:32 pm)

An anonymous reader writes: Although much has been written about hoverboards lately, hovercraft have largely faded from public imagination, BBC News reports. The Bond-esque 1960's sensation proved too noisy to roam inland rivers regularly, while too small to compete at sea with a new generation of conventional mega ferries and high speed car-carrying catamarans. Military aside, only a 10-minute english route and a sino-russian river border crossing keep hopes air-cushioned nowadays, while civilian operators wait for electric propulsion to become practical, aiming to reduce airplane-like noise levels and excessive fuel costs with new technology.

Read more of this story at Slashdot.

Oz insurer offers Basis breathing-bangle-for-your-data swap (The Register) SANS ISC SecNewsFeed(cached at November 9, 2015, 11:28 pm)

Speeding Up Your CRM Performance (IT Toolbox Blogs) SANS ISC SecNewsFeed(cached at November 9, 2015, 11:28 pm)

Baidu Data Research Reveals China's Ghost Cities Slashdotby samzenpus on china at January 1, 1970, 1:00 am (cached at November 9, 2015, 11:02 pm)

An anonymous reader writes: Chinese web services giant, Baidu, has embarked on a new study in which it uses location information from users' mobile devices, as well as mapping and building data, to identify areas with high volumes of construction with relatively low population densities — known as 'ghost cities.' The researchers, in the published findings Ghost Cities: Analysis Based on Positioning Data in China, were able to discount areas which experienced high levels of tourism which skew the figures in peak seasons. The Baidu Big Data team discovered 50 ghost cities, although only 20 of these were revealed in the report to avoid potential harm to the real estate market in these areas.

Read more of this story at Slashdot.

'Twice-baked' model for Moon origin BBC News | Science/Nature | UK Edition(cached at November 9, 2015, 10:58 pm)

A new model of the Moon's formation suggests it developed in two stages, leading to inner and outer layers with different compositions.
A setback for India’s prime minister? AL JAZEERA ENGLISH (AJE)(cached at November 9, 2015, 10:58 pm)

Narendra Modi and the BJP suffer a humiliating election defeat in Bihar state.
Windows accelerates SHA-1 deprecation (SC Magazine) SANS ISC SecNewsFeed(cached at November 9, 2015, 10:58 pm)

Discovering Java Deserialization Issues - Burp Extension (Reddit) SANS ISC SecNewsFeed(cached at November 9, 2015, 10:58 pm)

Zero days propagation on the web (Reddit) SANS ISC SecNewsFeed(cached at November 9, 2015, 10:58 pm)

State Fines Hospital, EMC After Breach (InfoRiskToday) SANS ISC SecNewsFeed(cached at November 9, 2015, 10:58 pm)

Protecting Users and Enterprises from the Mobile Malware Threat, (Mon, Nov 9th) SANS Internet Storm Center, InfoCON: green(cached at November 9, 2015, 10:57 pm)

With recent news of mobile malicious adware that roots smartphones, attention is again being paid to mobile security and the malware threat that is posed to it. While mobile ransomware is also a pervasive and growing threat, there are mobile RATs (such as JSocket and OmniRAT) that are also able to take full remote control of mobile devices. Some of the functionality of those tolls includes the ability to use the microphone to listen in on victims and to view whatever is in front of the camera while the unsuspected victims goes about their day.

Its important to realize that mobile malware, in essence, is just a question of apps. Even in the adware rooting apps above, it all still begins with installing an application which means there are some defined ways users and enterprises can protect themselves. The other danger is that most of the time, these devices are on the cellular network so they operate outside all of the network protective technologies an enterprise has to detect, if not prevent, compromise. Here is a quick list of what users and enterprises can do.

For users:

For enterprises:

What else would you add to this list?

--
John Bambenek
bambenek\at\ gmail /dot/ com
Fidelis Cybersecurity

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.