Legal experts and rights groups argue Trump's call to 'terminate' programme after Tuesday's attack is an 'overreaction'.

These days, when I receive a suspect PDF document, it's rare that it contains malicious code, but it will rather be a phishing or other social engineering attack. Such PDFs often contain URLs that can be clicked.

URLs can be include in PDF documents using the /URI name. I recently updated my pdfid.py tool to report /URI names too:

In this screenshot, you can also see the use of a plugin (-p plugin_triage). The purpose of this plugin is to help less experienced malware analyst to triage PDF documents, by assigning a score and providing instructions.

With my pdf-parser.py tool, we can extract the URLs like this:

 

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

An anonymous reader quotes The Hill: A prominent attorney for cybersecurity issues has this advice to the unnamed Twitter worker said to have pulled the plug on President Trump's Twitter account: "Don't say anything and get a lawyer." Tor Ekeland told The Hill that while the facts of the case are still unclear and the primary law used to prosecute hackers is murky and unevenly applied, there is a reasonable chance the Twitter worker violated the Computer Fraud and Abuse Act...widely considered to be, as Ekeland explained it, "a mess." Various courts around the country have come up with seemingly contradictory rulings on what unauthorized access actually means. Ekeland said the Ninth Circuit, covering the state of California, has itself issued rulings at odds with itself that would have an impact on the Trump Twitter account fiasco as a potential case. The Ninth Circuit ruled that employees do not violate the law if they exceed their workplace computer policies. It has also ruled that employees who have been told they do not have permission to access a system cannot legally access it. Depending on which ruling a court leans on the hardest, a current Twitter employee without permission to shutter accounts may have violated the law by nixing Trump's account. Ekeland points out that just $5,000 worth of damage could carry a 10-year prison sentence. Friday the New York Times also reported that the worker responsible wasn't even a Twitter employee, but a hired contractor, adding that "nearly every" major tech company uses contractors for non-technical positions, including Google, Apple, and Facebook.

Read more of this story at Slashdot.

Saad Hariri steps down as prime minister on November 4, potentially plunging the country into a fresh political crisis.

Meteb bin Abdullah, National Guard head, and Adel Fakeih, economy minister, sacked in continuing changes in the kingdom.

An anonymous reader writes: Gawker's assets are now up for sale, and Page Six reports that they could be sold to a Hollywood movie studio which is "seriously interested" in adapting the site's stories into movies or TV shows -- and is also looking into filming the story of Gawker itself. Another interested buyer is described as a "group of hard-core Gawker fans" who are currently performing their own due diligence. But the bankruptcy manager for Gawker "has not ruled out the possibility" of selling the site to Peter Thiel. Also up for sale are "potential legal claims" Gawker may have against Peter Thiel, according to the Wall Street Journal.

Read more of this story at Slashdot.

Localization support for DateTime.pm

Law adopted by parliament raises fear it could be used to undermine freedom of speech in Hong and Macau as well.

The UN says more than 10 million people around the world do not have a country they legally belong to.

Long-time Slashdot reader doom writes: Over a two year period, a third of the IPv4 address space have experienced some sort of DoS attack, though the researchers who've ascertained this suspect this is an underestimate. This is from a story at Science Daily reporting on a study recently presented in London at the Internet Measurement Conference. "As might be expected, more than a quarter of the targeted addresses in the study came in the United States, the nation with the most internet addresses in the world. Japan, with the third most internet addresses, ranks anywhere from 14th to 25th for the number of DoS attacks, indicating a relatively safe nation for DoS attacks..." The study itself states, "On average, on a single day, about 3% of all Web sites were involved in attacks (i.e., by being hosted on targeted IP addresses)." "Put another way," said the report's principal investigator, "during this recent two-year period under study, the internet was targeted by nearly 30,000 attacks per day."

Read more of this story at Slashdot.

Rebels say they launched Burkan 2-H missile from the Yemeni border towards the Saudi capital Riyadh.

From the indictments of ex-Trump aides to the president's double standards on attacks, Al Jazeera highlights the key events the White House faced this week.

Long-time Slashdot reader Freshly Exhumed quotes Ars Technica: A federal appeals court has now partially ruled in favor of the SCO Group, breathing new life into a lawsuit and a company (now bankrupt and nearly dead) that has been suing IBM for nearly 15 years. Last year, U.S. District Judge David Nuffer had ruled against SCO (whose original name was Santa Cruz Operation) in two summary judgment orders, and the court refused to allow SCO to amend its initial complaint against IBM. SCO soon appealed. On Monday, the 10th US Circuit Court of Appeals found that SCO's claims of misappropriation could go forward while also upholding Judge Nuffer's other two orders. Here's Slashdot's first story about the trial more than 14 years ago, and a nice timeline from 2012 of the next nine years of legal drama.

Read more of this story at Slashdot.

Temporarily change the value of a variable.