Can Obama's gun control plan work? AL JAZEERA ENGLISH (AJE)(cached at January 5, 2016, 11:58 pm)

US president issues executive orders to bypass Congress and try to reduce deadly mass shootings.

A History of Innovation and Dysfunction At Los Alamos National Laboratory Slashdot by Soulskill on government at January 1, 1970, 1:00 am (cached at January 5, 2016, 11:32 pm)

In the past, Los Alamos National Laboratory has done some of the United States' most crucial research and development. Lately, the lab has been dealing with accidents and management problems. Reader DougDot directs us to a report from the Santa Fe New Mexican about the questions surrounding LANL's future. Quoting: Federal officials told Congress in December that they will put the LANL contract up for competitive bid for only the second time since the lab opened in 1943. The current LANS contract ends Sept 30, 2017. Identifying what went wrong, and why the lab has proven so difficult to manage, will play an important role for the Department of Energy as it seeks out new managers to run the lab. Investigators say the problems stem from repeated management weaknesses, the kind that were supposed to get fixed when the Department of Energy turned to private industry in 2006 to oversee the lab. It was the first time the federal government had put the lab’s management up for bid, with the idea that a for-profit model, operating under an incentives-based contract, would fix the problems that haunted the nonprofit University of California, which had run the lab since World War II. ... experts, watchdog groups and former lab employees point to an array of problems, from a clash of cultures between the regimented and profit-driven Bechtel and the languorous, research-oriented university; to incentives that may have induced contractors to put a premium on meeting deadlines despite safety risks; to a mix of shoddy accountability and micromanagement on the part of the federal government.

Emotional Obama unveils plan to cut gun violence AL JAZEERA ENGLISH (AJE)(cached at January 5, 2016, 11:28 pm)

With tears in his eyes, US president vows the powerful gun lobby will not 'hold America hostage'.

Consumers' security fears are curtailing IoT sales: Report (SC Magazine) SANS ISC SecNewsFeed(cached at January 5, 2016, 11:27 pm)

PayPal investigates account compromised twice in one day (SC Magazine) SANS ISC SecNewsFeed(cached at January 5, 2016, 11:27 pm)

Exploit Vendor Zerodium Puts $100,000 Bounty On Flash's New Security Feature Slashdot by Soulskill on money at January 1, 1970, 1:00 am (cached at January 5, 2016, 11:01 pm)

An anonymous reader writes: Zerodium, the company that buys zero-day bugs from security researchers and then sells them forward to government intelligence agencies, has put out a new bounty, this one on Adobe's Flash Player. The exploit vendor is offering $100,000 to the first researcher that finds a similar zero-day bug, capable of avoiding Flash's newly-released isolated heap memory protection feature. Previously, Zerodium offered $1 million to a security researcher for a zero-day bug in Apple's iOS 9 operating system.

Fears grow over escalation of Saudi-Iran row AL JAZEERA ENGLISH (AJE)(cached at January 5, 2016, 10:58 pm)

Riyadh's severing of diplomatic ties with Tehran raises concerns of further regional conflict and economic instability.

India admits security gaps in deadly air base attack AL JAZEERA ENGLISH (AJE)(cached at January 5, 2016, 10:58 pm)

PM Modi calls for "firm and immediate action" against those responsible for attack blamed on Pakistani assailants.

Freezing weather hits central and eastern Europe AL JAZEERA ENGLISH (AJE)(cached at January 5, 2016, 10:58 pm)

Europe receives copious amount of snowfall that has resulted in temperatures dipping below zero in many countries.

Under-attack Linode resets passwords after logins leak onto web (The Register) SANS ISC SecNewsFeed(cached at January 5, 2016, 10:57 pm)

Latvian man spared more U.S. prison time over Gozi computer virus (Yahoo Security) SANS ISC SecNewsFeed(cached at January 5, 2016, 10:57 pm)

Cloud host Linode resets user passwords after suspected hack (ZDNet) SANS ISC SecNewsFeed(cached at January 5, 2016, 10:27 pm)

Latvian who co-wrote worldwide computer virus can go home (Yahoo Security) SANS ISC SecNewsFeed(cached at January 5, 2016, 10:27 pm)

What are you Concerned the Most in 2016?, (Tue, Jan 5th) SANS Internet Storm Center, InfoCON: green(cached at January 5, 2016, 10:27 pm)

There are quite a few predictions out there for 2016; obviously some appear more interesting than others. I picked three that I think could have an impact on what we do:

1- Cybersecurity Skill Shortage

I don't think this one is really that new since it has been on the radar for some time now. Depending on who you ask and where you live, most predictions estimate up to several hundred thousand positions will remain unfilled by the end of 2016.

2- Growing Number of Devices on the Internet

According to Gartner [1], there will be up to 6.8 billion devices in use in 2016, a whopping 30% increase from last year. That is a lot of devices to support, maintain and protect. This might have the biggest impact for those of us working in cybersecurity. Do you see your workload increasing this year?

3- Cybercrime Continues to Thrive

With a traditional network, you have control of both the entry and exit points of the network; however, when the data moves into the cloud, this type of control is lost. As more data moves to the cloud, protecting and controlling the data based on organizational boundaries is no longer possible. What could be worse, cyber criminals use the resources you pay for to attack other organizations (i.e. it looks like the attack comes from your organization). According to McAfee, more than 70% think cybersecurity threats to their organization are escalating. [2]

What are you the most concerned with this coming year?


[1] http://www.gartner.com/newsroom/id/3165317
[2] http://www.mcafee.com/ca/resources/reports/rp-threats-predictions-2016.pdf

-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

A New, App-Based Format For Novels Slashdot by Soulskill on books at January 1, 1970, 1:00 am (cached at January 5, 2016, 10:01 pm)

HughPickens.com writes: The Guardian reports that Julian Fellowes, creator of Downton Abbey, plans to release his new novel, a historical drama set in London during the 1840s, in installments via an app. It's a tradition that dates back to Charles Dickens, but utilizes modern technology. Each of Belgravia's 11 chapters will be delivered on a weekly basis, and will come with multimedia extras including music, character portraits, family trees and an audio book version. "To marry the traditions of the Victorian novel to modern technology, allowing the reader, or listener, an involvement with the characters and the background of the story and the world in which it takes place, that would not have been possible until now, and yet to preserve within that the strongest traditions of storytelling, seems to me a marvelous goal and a real adventure," says Fellowes. Publisher Jamie Raab says the format appealed to her precisely because of Fellowes's television background and his ability to keep audiences engaged in a story over months and even years. "I've always been intrigued by the idea of publishing a novel in short episodic bites. He gets how to keep the story paced so that you're caught up in the current episode, then you're left with a cliffhanger."