Hackin9
[slackware-security] mercurial (SSA:2016-123-01)
 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

 

Hybrid IT Requires Hybrid Security
PR Newswire (press release)
Consequently, IT and their information security (InfoSec) brethren have the added responsibility to "fit" security technologies and practices into this dynamic morass of IT environments and deployment models. This integration is no easy task, as the ...

 


Ask your cloud vendors the tough questions: APRA
iT News
In a speech at the CeBIT Conference in Sydney, Australian Prudential and Regulatory Authority security chief Mikhail Lopushanski urged infosec leaders to ditch discussions when vendors aren't forthcoming. "[APRA] wanted to deploy a tool for agile ...

 
ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities
 


Computer scientists have discovered vulnerabilities in Samsung's Smart Home automation system that allowed them to carry out a host of remote attacks, including digitally picking connected door locks from anywhere in the world.

The attack, one of several proof-of-concept exploits devised by researchers from the University of Michigan, worked against Samsung's SmartThings, one of the leading Internet of Things (IoT) platforms for connecting electronic locks, thermostats, ovens, and security systems in homes. The researchers said the attacks were made possible by two intrinsic design flaws in the SmartThings framework that aren't easily fixed. They went on to say that consumers should think twice before using the system to connect door locks and other security-critical components.

"All of the above attacks expose a household to significant harm—break-ins, theft, misinformation, and vandalism," the researchers wrote in a paper scheduled to be presented later this month at the 2016 IEEE Symposium on Security and Privacy. "The attack vectors are not specific to a particular device and are broadly applicable."


 

Zach Allen over at Fastly has published a couple of posts on Lean Threat Intelligence.

Part 1 describes a methodology for Threat Intelligence planning and design that can be reused virtually anywhere. I love how this post boils Threat Intelligence down to a business problem to be solved, not a technology to be deployed. Too often we deploy expensive and costly to manage technology products without understanding the specific problem that is to be solved, then the product winds up underutilized or is unsuitable. Part 2 is more technical. It gets into the implementation of a Threat Intelligence system using only open source products.

Definitely a good read if you are interested in deploying Threat Intelligence on the cheap.

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

 


Snapdragon 820 deep learning SDK introduced by Qualcomm
Techworm
With Snapdragon 820 being one of the most powerful chipsets that you see present in high-end Android smartphones, Qualcomm has decided to make the SoC even more than effective by launching a new software development kit called the Snapdragon ...

 
[SECURITY] [DSA 3565-1] botan1.10 security update
 
[SECURITY] [DSA 3564-1] chromium-browser security update
 

There have been numerous reports of a fake update for Chrome for Android. A fake update for Android is not in itself very unusual or interesting, but this particular bit of malware is somewhat more insidious than most. The update, titled Update_chrome.apk, requests administrative access to the device and then takes a page out of Zeus and other credential-stealing malware and captures banking and personal information. When the user makes a purchase in the Google Play store, the malware uses a very realistic-looking payment page that captures a screenshot of any credit card information entered and sends it to Russian. The malware prevents its removal. At this point the only way to remove the malware is by returning the device to factory defaults, causing all user data to be lost.

More information on this malware can be found over at the Zscaler website.

This reiterates the usual methodology for software management on these devices. Always get your updates from reputable sources such as Google Play, and if you do need to install updates from a third party developer you need to validate the update before installation.

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

 


 


Experience YouTube's material design before its officially launched
Techworm
When Google first announced its new “Material Design” guidelines, users were ecstatic. The new Material Design made Android the best-looking mobile platform compared to other operating systems. Now Google is testing a fantastic new design for the ...

 

ADA criticized over sending malware-infected USB drives to its own members
Healthcare Dive
The ADA, which serves more than 159,000 members, had circulated the drives as a format to distribute its 2016 manual of CDT dental procedure codes, Healthcare IT News reported. The association said a "small percentage" of ... told Healthcare IT News ...

 


Facebook to add self-destructing message feature to its Messenger App
Techworm
Will it or will it not was not the issue, the issue was when will Facebook Messenger App get the self-destructing messages feature like Snapchat. From the looks of it, the Facebook's standalone Messenger App for iOS will soon get a self-destructing ...

 

ADA criticized over use of USB drives after malware debacle
Healthcare Dive
The ADA, which serves more than 159,000 members, had circulated the drives as a format to distribute its 2016 manual of CDT dental procedure codes, Healthcare IT News reported. The association said a "small percentage" of ... told Healthcare IT News ...

 
[SECURITY] [DSA 3563-1] poppler security update
 
Exploit-DB Captcha Bypass
 
[SECURITY] [DSA 3562-1] tardiff security update
 
[security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution
 
[slackware-security] ntp (SSA:2016-120-01)
 
[slackware-security] php (SSA:2016-120-02)
 
[slackware-security] subversion (SSA:2016-121-01)
 
Internet Storm Center Infocon Status