[« 2016/12/19] [today] [2016/12/21 »] [« previous 15]
Holiday release of nmap 7.40 with 12 new NSE scripts and more. Download at https:/ SANS Internet Storm Center, InfoCON: green(cached at December 20, 2016, 11:30 pm)

--

John Bambenek

bambenek \at\ gmail /dot/ com

Fidelis Cybersecurity

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
What are your 2017 infosec predictions?, (Tue, Dec 20th) SANS Internet Storm Center, InfoCON: green(cached at December 20, 2016, 11:30 pm)

Its that time of year again where the technical press starts running security prediction stories for the upcoming year. I know Ive done a few interviews on it already and sure other handlers have as well. As things wind down for the year, what are your thoughts for what we can expect next year? Have we hit peak ransomware? Is election hacking a phase, or will it spread to the upcoming European elections? To what end? What will be the next big DDoS target that Mirai takes on?

Comment below and let us know what youre thinking will be the next big thing.

--
John Bambenek
bambenek \at\ gmail /dot/ com
Fidelis Cybersecurity

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
VMWare releases security advisory for remote root vulnerability - VMSA-2016-0024 - SANS Internet Storm Center, InfoCON: green(cached at December 20, 2016, 11:30 pm)

--

John Bambenek

bambenek \at\ gmail /dot/ com

Fidelis Cybersecurity

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AT&T Is Adding a Spam Filter For Phone Calls Slashdotby BeauHD on att at January 1, 1970, 1:00 am (cached at December 20, 2016, 11:04 pm)

An anonymous reader quotes a report from The Verge: Today, ATT introduced a new service for automated blocking of fraud or spam calls. Dubbed ATT Call Protect, the system identifies specific numbers believed to be sources of fraud, and will either deliver those calls with a warning or block them outright. Users can whitelist specific numbers, although temporary blocks require downloading a separate Call Protect app. The feature is only available on postpaid iOS and Android devices, and can be activated through the MyATT system. Phone companies have allowed for manual number blocking for years, and third-party apps like Whitepages and Privacystar use larger databases of untrustworthy numbers to preemptively block calls from the outside. But ATT's new system would build in those warnings at the network level, and give operators more comprehensive data when assembling suspected numbers. More broadly, marketing calls are subject to the national Do Not Call registry. Specific instances of fraud can still be reported through carriers or directly to police.

Read more of this story at Slashdot.

Governors Recommend Aligning State Privacy Laws with HIPAA (InfoRiskToday) SANS ISC SecNewsFeed(cached at December 20, 2016, 11:00 pm)

T-Mobile has widespread problems with fraudulent sales, report claims (Yahoo Securit SANS ISC SecNewsFeed(cached at December 20, 2016, 11:00 pm)

This Free App Can Protect You From Ransomware (Forbes) SANS ISC SecNewsFeed(cached at December 20, 2016, 11:00 pm)

Russian Hackers Stole $5 Million Per Day From Advertisers With Bots and Fake Website Slashdotby BeauHD on advertising at January 1, 1970, 1:00 am (cached at December 20, 2016, 10:34 pm)

Russian hackers have used fake websites and bots to steal millions of dollars from advertisers. According to researchers, the fraud has siphoned more than $180 million from the online ad industry. CNNMoney reports: Dubbed "Methbot," it is a new twist in an increasingly complex world of online crime, according to White Ops, the cybersecurity firm that discovered the operation. Methbot, so nicknamed because the fake browser refers to itself as the "methbrowser," operates as a sham intermediary advertising ring: Companies would pay millions to run expensive video ads. Then they would deliver those ads to what appeared to be major websites. In reality, criminals had created more than 250,000 counterfeit web pages no real person was visiting. White Ops first spotted the criminal operation in October, and it is making up to $5 million per day -- by generating up to 300 million fake "video impressions" daily. According to White Ops, criminals acquired massive blocks of IP addresses -- 500,000 of them -- from two of the world's five major internet registries. Then they configured them so that they appeared to be located all over the United States. They built custom software so that computers (at those legitimate data centers) acted like real people viewing those ads. These "people" even appeared to have Facebook accounts (they didn't), so that premium ads were served. Hackers fooled ad fraud blockers because they figured out how to build software that mimicked a real person who only surfed during the daytime -- using the Google Chrome web browser on a Macbook laptop.

Read more of this story at Slashdot.

Tesla still has a Model S quality control problem (Yahoo Security) SANS ISC SecNewsFeed(cached at December 20, 2016, 10:30 pm)

Report: Russian cybergang scored millions in fake-ad scam (Yahoo Security) SANS ISC SecNewsFeed(cached at December 20, 2016, 10:30 pm)

Tesla still has a Model S quality control problem (Yahoo Security) SANS ISC SecNewsFeed(cached at December 20, 2016, 10:30 pm)

France Becomes First Federal Postal Service To Use Drones To Deliver Mail Slashdotby BeauHD on transportation at January 1, 1970, 1:00 am (cached at December 20, 2016, 10:04 pm)

An anonymous reader quotes a report from Motherboard: The French postal service is beginning an experimental drone delivery program to deliver parcels on a nine mile route once a week. After the program gets approval from the French aviation regulatory authority, the federal postal service will be the first to ever use drone delivery on a regular route. The drones used in the French postal service experiment have the capacity to fly up to 12 miles carrying about two pounds maximum, going around 19 miles per hour. They are also equipped with parachutes for safe emergency landing in case something disrupts the flight. The eventual goal is to reach rural or mountainous regions that are otherwise difficult and expensive to get to using cars. The drone mail delivery program has been a project of the DPDgroup, Europe's second largest international parcel delivery network, operating as a subsidiary under the French national postal service. The DPDgroup had been working on this program with Atechsys, a French drone company, since 2014 in the south of France. "The first commercial line represents a new step in the program," DPDgroup said in a press release. With the testing phase now over, the experimentation phase is all set to begin. Currently, those participating in the experiment to receive parcels are non-residential, including over ten tech companies. The done routes stretch over the southeastern region of Provence, going between Saint-Maximin-La-Sainte-Beaume and Pourrieres.

Read more of this story at Slashdot.

Crypt-Perl-0.031 search.cpan.orgby Felipe Gasper at January 1, 1970, 1:00 am (cached at December 20, 2016, 10:03 pm)

Cryptography in pure Perl
Crypt-Perl-0.031 search.cpan.orgby Felipe Gasper at January 1, 1970, 1:00 am (cached at December 20, 2016, 10:03 pm)

Cryptography in pure Perl
Module-CoreList-5.20161220 search.cpan.orgby Chris Williams at January 1, 1970, 1:00 am (cached at December 20, 2016, 10:03 pm)

what modules shipped with versions of perl
[« 2016/12/19] [today] [2016/12/21 »] [« previous 15]