Ed Bott's Weekly Wrap: Windows 10 update disappears, Amazon adds 2FA, Lumia fails to SANS ISC SecNewsFeed(cached at November 22, 2015, 11:58 pm)

Pesticides Turn Bumblebees Into Poor Pollinators Slashdotby samzenpus on earth at January 1, 1970, 1:00 am (cached at November 22, 2015, 11:32 pm)

MTorrice writes about a new study that suggests neonicotinoids, one of the most widely used insecticides in the world, turn bumblebees into poor pollinators, leading to lower yields of apples and other plants. Chemical & Engineering News reports: "Neonicotinoid pesticides have been blamed for declines in bee populations worldwide. The chemicals don't kill bees, instead neonicotinoids impair the insects' abilities to learn, navigate, forage for nectar, and reproduce, according to studies published over the past several years. Now, researchers report that bees exposed to the pesticides also become less effective pollinators for crops. The study is the first to demonstrate that neonicotinoids can decrease the quality of a food crop by affecting bee pollination. About 30% of our food comes from crops, including fruits, nuts, seeds, and oils, that depend on insect pollinators, according to Dara A. Stanley of Royal Holloway, University of London, who led the new study. 'Basically,' she says, 'you can't have a balanced diet without insect pollination.'"

Read more of this story at Slashdot.

Mass raids after Paris attacks spark civil rights fears AL JAZEERA ENGLISH (AJE)(cached at November 22, 2015, 11:28 pm)

France's three-month emergency laws could see widespread abuse of civil liberties, rights groups warn.
Argentina exit polls suggest win for opposition's Macri AL JAZEERA ENGLISH (AJE)(cached at November 22, 2015, 11:28 pm)

Conservative candidate looks set to defeat Christina Kirchner's preferred leftist successor in presidential runoff.
Q&A: 'Muslim minorities are first victims of terror' AL JAZEERA ENGLISH (AJE)(cached at November 22, 2015, 11:28 pm)

"Retaliatory" attacks and raids target Muslims in France, says Yasser Louati of the Collective Against Islamophobia.
United Airlines Bug Bounty: An experience in reporting a serious vulnerability (Redd SANS ISC SecNewsFeed(cached at November 22, 2015, 11:28 pm)

OpenDNS Research Used to Predict Threat, (Sun, Nov 22nd) SANS Internet Storm Center, InfoCON: green(cached at November 22, 2015, 10:58 pm)

Two researchers (Dhia Mahjoub Thomas Mathew) have recently presented at BruCON on how they have been using DNS to detect patterns that are typical of exploit kits landing domains. Obviously most of us wont get the amount of DNS queries OpenDNS collects (over 70+ billions per day or 1/2 TB per hour) but the principles they are showing in the presentation are very interesting called Spike Rank or SPRank that leverages DNS traffic below recursive resolvers instead of the well know Domain Reputation. SPRank detects domains showing as a sudden surge or a spike in DNS queries issued from our 65 million worldwide clients towards our resolvers.[1]

Their results so far appear to be very promising because they have been able to detect malware campaigns such as Angler, RIG, and Nuclear exploit kits, in addition to DGAs, fake software, or phishing. Take some time watching their BruCON presentation on YouTube and their recently published post.

Do you mine your DNS data and how successful are you at finding malicious activity?

[1] https://labs.opendns.com/2015/11/19/sprank-and-ip-space-monitoring/
[2] https://www.youtube.com/watch?v=8edBgoHXnwg/

-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
20 Years of GIMP Slashdotby samzenpus on gimp at January 1, 1970, 1:00 am (cached at November 22, 2015, 10:02 pm)

jones_supa writes: Back in 1995, University of California students Peter Mattis and Kimball Spencer were members of the eXperimental Computing Facility, a Berkeley campus organization. In June of that year, the two hinted at their intentions to write a free graphical image manipulation program as a means of giving back to the free software community. On November 21st, 20 years ago today, Peter Mattis announced the availability of the "General Image Manipulation Program" on Usenet (later "GNU Image Manipulation Program"). Over the years, GIMP amassed a huge amount of new features designed for all kinds of users and practical applications: general image editing, retouching and color grading, digital painting, graphic design, science imaging, and so on. To celebrate the 20th anniversary, there is an update of the current stable branch of GIMP. The newly released version 2.8.16 features support for layer groups in OpenRaster files, fixes for layer groups support in PSD, various user interface improvements, OSX build system fixes, translation updates, and more.

Read more of this story at Slashdot.

Locale-CLDR-Transformations-v0.28.3-TRIAL search.cpan.orgby John Imrie at January 1, 1970, 1:00 am (cached at November 22, 2015, 10:02 pm)

Locale::CLDR - Data Package ( )
Pandoc-Elements-0.09 search.cpan.orgby Jakob Voß at January 1, 1970, 1:00 am (cached at November 22, 2015, 10:02 pm)

create and process Pandoc documents
Dist-Zilla-PluginBundle-Author-Plicease-1.89 search.cpan.orgby ⟦Graham Ollis⟧ at January 1, 1970, 1:00 am (cached at November 22, 2015, 10:02 pm)

Dist::Zilla plugin bundle used by Plicease
Devel-Trepan-0.72 search.cpan.orgby Rocky Bernstein at January 1, 1970, 1:00 am (cached at November 22, 2015, 10:02 pm)

Modular Perl Debugger (akin to Ruby "Trepanning" Debuggers).
Config-Model-2.075 search.cpan.orgby Dominique Dumont at January 1, 1970, 1:00 am (cached at November 22, 2015, 10:02 pm)

Create tools to validate, migrate and edit configuration files
Toxic sludge reaches Atlantic after Brazil dams burst AL JAZEERA ENGLISH (AJE)(cached at November 22, 2015, 9:28 pm)

Officals says thousands of hectares of land and water affected by one of country's worst environmental disasters ever.
George Lucas: "I'm Done With Star Wars" Slashdotby samzenpus on starwars at January 1, 1970, 1:00 am (cached at November 22, 2015, 9:02 pm)

HughPickens.com writes: Entertainment Weekly reports that George Lucas has compared his retirement from Star Wars to a break-up – a mutual one, maybe, but one that nonetheless comes with hard feelings and although Lucas came up with story treatments for a new trilogy, those materials, to put it bluntly, were discarded. "They decided they didn't want to use those stories, they decided they were gonna go do their own thing," says Lucas. "They weren't that keen to have me involved anyway. But at the same time, I said if I get in there I'm just going to cause trouble. Because they're not going to do what I want them to do. And I don't have the control to do that anymore. All I would do is muck everything up. So I said, 'Okay, I will go my way, and I'll let them go their way.'" Lucas says he was going to tell a story about the grandchildren of figures from the original trilogy. "The issue was, ultimately, they looked at the stories and they said, 'We want to make something for the fans,'" says Lucas. "So, I said, all I want to do is tell a story of what happened – it started here and went there. It's all about generations, and issues of fathers and sons and grandfathers. It's a family soap opera." Although the team behind The Force Awakens acknowledges they're taking the story in a different direction from what Lucas intended, they maintain affection for his original creations and the man himself. "Before I showed up, it was already something that Disney had decided they wanted to go a different way with," says J. J. Abrams. "But the spirit of what he wrote, both in those pages and prior, is everything that this movie is built upon." Some fans question why there was no "Based on" credit for Lucas in the poster for The Force Awakens. "I don't know why it isn't on the poster, but it's a valid point. I'm sure that that will be a credit in the film," says Abrams. "We are standing on the shoulders of Episodes I through VI."

Read more of this story at Slashdot.