Hackin9

It's "precrime" meets "thoughtcrime." China is using its substantial surveillance apparatus as the basis for a "unified information environment" that will allow authorities to profile individual citizens based upon their online behaviors, financial transactions, where they go, and who they see. The authorities are watching for deviations from the norm that might indicate someone is involved in suspicious activity. And they're doing it with a hand from technology pioneered in the US.

As Defense One's Patrick Tucker reports, the Chinese government is leveraging "predictive policing" capabilities that have been used by US law enforcement, and it has funded research into machine learning and other artificial intelligence technologies to identify human faces in surveillance video. The Chinese government has also used this technology to create a "Situation-Aware Public Security Evaluation (SAPE) platform" that predicts "security events" based on surveillance data, which includes anything from actual terrorist attacks to large gatherings of people.

The Chinese government has plenty of data to feed into such systems. China invested heavily in building its surveillance capabilities in major cities over the past five years, with spending on "domestic security and stability" surpassing China's defense budget—and turning the country into the biggest market for security technology. And in December, China's government gained a new tool in surveillance: anti-terrorism laws giving the government even more surveillance powers, and requiring any technology companies doing business in China to provide assistance in that surveillance.

Read 3 remaining paragraphs | Comments

 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Adobe has released updates for Acrobat and Acrobat Reader versionsto address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

According to Adobe, there are three CVEs fixed in these updates. CVE-2016-1007 and CVE-2016-1009refer tomemory corruption issues that could permit code execution. " target="_blank">http://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/11/11.0.15.html#elevenzerozerofifteen

ner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

https://isc.sans.edu/mspatchdays.html?viewday=2016-03-08

--
Alex Stanford - GIAC GWEB GSEC,
Research Operations Manager,
SANS Internet Storm Center
/in/alexstanford

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link)
 
[slackware-security] php (SSA:2016-067-01)
 
Internet Storm Center Infocon Status