ForeScout Raises $76 Million at $1 Billion Valuation (SecurityWeek) SANS ISC SecNewsFeed(cached at January 21, 2016, 11:57 pm)

Nivdort trojan found in new Facebook phishing attack (SC Magazine) SANS ISC SecNewsFeed(cached at January 21, 2016, 11:57 pm)

Document: U.S. gov't OKs exploiting certain zero-days during investigations (SC Maga SANS ISC SecNewsFeed(cached at January 21, 2016, 11:57 pm)

Five Things New State Privacy Bills Could Teach Congress (WIRED) SANS ISC SecNewsFeed(cached at January 21, 2016, 11:57 pm)

Kaspersky detects surge in 'Asacub' mobile banking trojan attacks (SC Magazine) SANS ISC SecNewsFeed(cached at January 21, 2016, 11:27 pm)

An Ancient, Brutal Massacre May Be the Earliest Evidence of War Slashdotby timothy on earth at January 1, 1970, 1:00 am (cached at January 21, 2016, 11:03 pm)

HughPickens.com writes: Violence has always been part of human behavior, but the origins of war are hotly debated. Some experts see it as deeply rooted in evolution, pointing to violent confrontations among groups of chimpanzees as clues to an ancestral predilection while others emphasize the influence of complex and hierarchical human societies, and agricultural surpluses to be raided. Now James Gorman writes in the NY Times that scientists have discovered a site in Africa dated about 10,000 years ago where a group of hunter-gatherers attacked and slaughtered another, leaving the dead with crushed skulls, embedded arrow or spear points, and other devastating wound. It's not clear that anyone was spared at the Nataruk massacre. Of the 27 individuals found, eight were male and eight female, with five adults of unknown gender. The site also contained the partial remains of six children. Twelve of the skeletons were in a relatively complete state, and ten of those showed very clear evidence that they had met a violent end. In the paper, the researchers describe "extreme blunt-force trauma to crania and cheekbones, broken hands, knees and ribs, arrow lesions to the neck, and stone projectile tips lodged in the skull and thorax of two men." Four of them, including a late-term pregnant woman, appear to have had their hands bound. "These human remains record the intentional killing of a small band of foragers with no deliberate burial, and provide unique evidence that warfare was part of the repertoire of inter-group relations among some prehistoric hunter-gatherers," says Dr Marta Mirazon. The killers carried weapons they wouldn't have used for hunting and fishing, including clubs of various sizes and a combination of close-proximity weapons like knives and distance weapons, including the arrow projectiles she calls a hallmark of inter-group conflict. " This suggests premeditation and planning," says Mirazon Lahr. Other, isolated examples of period violence have previously been found in the area, and those featured projectiles crafted of obsidian, which is rare in the area but also seen in the Nataruk wounds. This suggests that the attackers may have been from another area, and that multiple attacks were likely a feature of life at the time. "This implies that the resources the people of Nataruk had at the time were valuable and worth fighting for, whether it was water, dried meat or fish, gathered nuts or indeed women and children. This shows that two of the conditions associated with warfare among settled societies—control of territory and resources—were probably the same for these hunter-gatherers, and that we have underestimated their role in prehistory."

Read more of this story at Slashdot.

Several killed in police raid on Cairo apartment AL JAZEERA ENGLISH (AJE)(cached at January 21, 2016, 10:57 pm)

Ministry of Interior says three policemen and one civilian killed at an apartment near the famed Pyramids.
AMX backdoors US gov's comms system with Batman-inspired surveillance mode (The Regi SANS ISC SecNewsFeed(cached at January 21, 2016, 10:57 pm)

GCHQ spies quashed this phone encryption because it was too good against snoopers (T SANS ISC SecNewsFeed(cached at January 21, 2016, 10:57 pm)

Symantec reseller caught using Norton name in tech support scam (SC Magazine) SANS ISC SecNewsFeed(cached at January 21, 2016, 10:57 pm)

Developers Frustrated with GitHub Prod For Changes In Bug Reports, Transparency Slashdotby timothy on opensource at January 1, 1970, 1:00 am (cached at January 21, 2016, 10:33 pm)

DeveloperTech reports that a group of GitHub developers have posted an open letter, with nearly 1300 signatures, expressing dissatisfaction with GitHub's processes and policies, and in particular the site's level of transparency. A slice of the letter: "Those of us who run some of the most popular projects on GitHub feel completely ignored by you. We’ve gone through the only support channel that you have given us either to receive an empty response or even no response at all," he wrote. "We have no visibility into what has happened with our requests, or whether GitHub is working on them. Since our own work is usually done in the open and everyone has input into the process, it seems strange for us to be in the dark about one of our most important project dependencies."

Read more of this story at Slashdot.

Clashes amid spreading Tunisia unemployment protests AL JAZEERA ENGLISH (AJE)(cached at January 21, 2016, 10:27 pm)

Several reports of suicide attempts as protests spread to cities across Tunisia amid anger over unemployment.
TeslaCrypt Flaw Allows Free File Decryption (SecurityWeek) SANS ISC SecNewsFeed(cached at January 21, 2016, 10:27 pm)

Scanning for Fortinet ssh backdoor, (Thu, Jan 21st) SANS Internet Storm Center, InfoCON: green(cached at January 21, 2016, 10:27 pm)

On 11 Jan, a Python script was posted on the full-disclosure mailing list that took advantage of a hardcoded ssh password in some older versions of various products from Fortinet (see complete list in Ref [1] below). Looking at our collected ssh data, weve seen an increase in scanning for those devices in the days since the revelation of the vulnerability. Nearly all of this scanning has come from two IPs in China (124.160.116.194 and 183.131.19.18). So if you haven" />

References:

[1]http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability

---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Sparrow-0.0.16 search.cpan.orgby melezhik at January 1, 1970, 1:00 am (cached at January 21, 2016, 10:02 pm)

Sparrow - outthentic tests manager