Hackin9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
As the number of employees who telework trends upward—and new kinds of devices are used in telework—the National Institute of Standards and Technology (NIST) is updating its guidance to include the latest technology available to ...
 

Richard Clarke, former White House cybersecurity czar, says the government has always put limits on what it would do to fight terrorism, and the FBI's demands of Apple overstep them. (credit: Aude)

Another former national security official has spoken out forcefully against the FBI's quest to get Apple to write code to unlock the iPhone 5c used by San Bernardino mass shooter Syed Farook. Richard Clarke served as the National Security Council's chief counter-terrorism advisor to three presidents (George H.W. Bush, Bill Clinton, and George W. Bush) before becoming George W. Bush's special advisor on cybersecurity. He told National Public Radio's David Greene today that "encryption and privacy are larger issues than fighting terrorism," taking issue with the FBI's attempts to compel Apple's assistance.

Clarke added that if he was still at the White House, he would have told FBI Director James Comey to "call Ft. Meade, and the NSA would have solved this problem…Every expert I know believes that NSA can crack this phone." But the FBI wasn't seeking that help, he said, because "they just want the precedent."

Clarke explained that the FBI was trying to get the courts to essentially compel speech from Apple with the All Writs Act. "This is a case where the federal government using a 1789 law trying to compel speech. What the FBI is trying to do is make code-writers at Apple, to make them write code that they do not want to write that will make their systems less secure," he said. "Compelling them to write code. And the courts have ruled in the past that computer code is speech."


 


The FBI's legal showdown with Apple over iPhone security has spilled into just about every facet of popular culture, from endless news coverage to Congressional hearings and even to comments from President Obama. On Sunday, it got treatment from comedian John Oliver, whose weekly HBO series Last Week Tonight does a better job than most news shows covering the important news stories of the day.

In an 18-minute segment, Oliver brought the stakes of the fight front and center and explained in some of the most concrete terms yet why—contrary to the repeated claims of the Obama administration—the outcome concerns the security of mobile data everywhere. Not only that, but Oliver kept the whole thing highly entertaining while steering clear of lionizing Apple.

Last Week Tonight with John Oliver: Encryption (HBO)

Think of the government as your dad

Putting to rest the FBI's highly flawed analysis that the debate is about the security of a single iPhone belonging to slain San Bernardino shooter Syed Rizwan Farook, Oliver reminded his audience that law enforcement officers have a whole battery of other seized iPhones they also want unlocked. Compelling Apple engineers to develop a special version of iOS that bypasses safety features built in to Farook's phone, then, is only the beginning. Or as Oliver put it:


 
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability
 
ChitaSoft (Web-Application) - SQL Injection Vulnerability
 
Chamilo LMS v1.10.2 - (Profile) Persistent Web Vulnerability
 
ESA-2016-012: EMC Documentum xCP - User Information Disclosure Vulnerability
 
Reflected Cross-Site Scripting in CuteEditor
 
Re: oss-2016-13: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver)
 
Re: oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)
 
Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver)
 
Re: oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)
 
[SECURITY] [DSA 3515-1] graphite2 security update
 
Soundy Background Music XSS Vulnerability
 
[SECURITY] [DSA 3516-1] wireshark security update
 

I am operating a small group of SSH honeypots (located in Belgium, Canada and France) and I'm of course keeping an eye on it every day. Collected data are sent to DShield and to my Splunk instance. A small reminder: if you ...

Cowrie is a wonderful honeypot. Not only does it track login attempts but, when the attacker has successfully connected, it also simulates a real server with a fake file system and commands. But it can also simulate Direct-TCP requests. This is a nice feature offered by SSH servers that allows a user to create TCP sessions inside the SSH tunnel. This feature is called Port Forwarding. It is used by many people who need to access a service not directly reachable from their current location. Example: you have a web interface to manage an appliance that is not available but you have an SSH server in the same subnet. Just do this:

  $ ssh -L 8443:192.168.254.10:443 [email protected]

More interesting: to surf the web anonymously, you can use dynamic port forwarding with the -D option:

  $ ssh -D 8080 [email protected]

Note: This feature is enabled by default in OpenSSH and can be disabled by adding AllowTcpForwarding No.

If it's so easy and useful for good people, you can imagine that it's even more interesting for attackers, who could then hide their IP address. A few days ago, I detected an unusual amount of events generated by some of my honeypots. Regarding my honeypots, there was a huge increase of Direct-TCP ...

A closer look at the Direct-TCP ...

Germany came in first place just with two distinct IP addresses.

The attackers tried to use the honeypot ...

  TCP Ports   Hits
  80          31431
  25          1428
  587         383
  443         271
  465         160
  110         30
  143         13
  1101        4
  1102        4
  89          1

If we analyze the relations between the honeypots, sources and destinations, we see that some destinations (blue) were targeted by more than one attacker (green) connected on different honeypots.

About the web traffic, the top destinations ...

Xavier Mertens
ISC Handler - Freelance Security Consultant
PGP Key
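
The port table and the source/destination relations described in the diary can be rebuilt from the honeypot's own logs. The following is an added example, not code from the diary or from the Cowrie project: it assumes Cowrie's JSON log writes one event per line and that forwarding attempts carry the event id cowrie.direct-tcpip.request with src_ip, dst_ip, dst_port and sensor fields; the sample lines and sensor names are constructed.

```python
import json
from collections import Counter, defaultdict

# Constructed sample in the style of Cowrie's JSON log (one event per line).
# Field names (eventid, src_ip, dst_ip, dst_port, sensor) are assumptions
# about the log layout; all addresses come from documentation ranges.
SAMPLE_LOG = """\
{"eventid": "cowrie.login.success", "src_ip": "198.51.100.7", "sensor": "hp-be", "username": "root"}
{"eventid": "cowrie.direct-tcpip.request", "src_ip": "198.51.100.7", "sensor": "hp-be", "dst_ip": "203.0.113.10", "dst_port": 80}
{"eventid": "cowrie.direct-tcpip.request", "src_ip": "198.51.100.7", "sensor": "hp-be", "dst_ip": "203.0.113.25", "dst_port": 25}
{"eventid": "cowrie.direct-tcpip.request", "src_ip": "192.0.2.44", "sensor": "hp-ca", "dst_ip": "203.0.113.10", "dst_port": 80}
{"eventid": "cowrie.direct-tcpip.request", "src_ip": "192.0.2.44", "sensor": "hp-ca", "dst_ip": "203.0.113.10", "dst_port": 443}
this line is truncated {"eventid":
{"eventid": "cowrie.direct-tcpip.request", "src_ip": "192.0.2.44", "sensor": "hp-fr", "dst_ip": "203.0.113.99", "dst_port": "587"}
{"eventid": "cowrie.session.closed", "src_ip": "192.0.2.44", "sensor": "hp-fr"}
"""

FORWARD_EVENT = "cowrie.direct-tcpip.request"

def summarize_forwards(lines):
    """Return (hits per destination port, destinations reached by >1 source)."""
    ports = Counter()
    seen = defaultdict(lambda: {"sources": set(), "sensors": set()})
    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip partial or corrupt lines instead of aborting
        if not isinstance(ev, dict) or ev.get("eventid") != FORWARD_EVENT:
            continue
        try:
            port = int(ev["dst_port"])  # tolerate ports logged as strings
            dst, src = ev["dst_ip"], ev["src_ip"]
        except (KeyError, ValueError, TypeError):
            continue  # forwarding event missing a field we need
        ports[port] += 1
        seen[dst]["sources"].add(src)
        seen[dst]["sensors"].add(ev.get("sensor", "unknown"))
    # Destinations requested by several sources: the relation the diary graphs.
    shared = {d: v for d, v in seen.items() if len(v["sources"]) > 1}
    return ports, shared

if __name__ == "__main__":
    ports, shared = summarize_forwards(SAMPLE_LOG.splitlines())
    print("TCP port  hits")
    for port, hits in ports.most_common():
        print(f"{port:<9} {hits}")
    for dst, v in sorted(shared.items()):
        print(dst, "sources:", sorted(v["sources"]), "sensors:", sorted(v["sensors"]))
```

A sudden rise in the per-port counts, or a destination that appears under several sources and sensors, is the signal to alert on.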

 
[SECURITY] [DSA 3514-1] samba security update
 
WebKitGTK+ Security Advisory WSA-2016-0002
 
DW Question Answer Stored XSS Vulnerability
 
oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)
 
oss-2016-16: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver)
 
oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)
 
[ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
 
FreeBSD Security Advisory FreeBSD-SA-16:13.bind
 
[ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking
 
Microsoft Edge CDOMTextNode::get_data type confusion
 
[SECURITY] [DSA 3511-1] bind9 security update
 
[SECURITY] [DSA 3512-1] libotr security update
 
[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9
 
Internet Storm Center Infocon Status