Saturday, October 19, 2019
The CyberWire Podcast

Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against terrorism.

Clickfraud arrives via a third-party SDK, and the app developers who used it say they didn’t know nuthin’. Maybe they didn’t. A Trojanized TOR browser warns its bro’s that, whoa, you’re out of date and the police might see...

Podcast: Insider Attacks May Soon Cost Less Than Malware-based Equivalent

At what point will infiltrating companies via the "insider threat model" become less costly and difficult than using malware? Threatpost discusses with a SolarWinds expert.
Security Weekly

Container Flow – ESW #157

This week, in our first segment, we talk Enterprise News, discussing how Okta is launching offerings for threat detection and remediation, Tenable extends Lumin to all platform customers, Signal Sciences announces integration with Pivotal Container Service, and how Thoma...

Weekly Update 161

NDC Sydney; Removing the Padlock Icon from Chrome; Hack to the Future; Project Svalbard is Still in Progress; Sponsored by Varonis https://www.troyhunt.com/weekly-update-161/
SANS ISC

ISC StormCast for Friday, October 18th 2019

Phishing E-Mail Spoofing SPF Protected Domain https://isc.sans.edu/forums/diary/Phishing+email+spoofing+SPFenabled+domain/25426/
Purchased Domain Arrives with
The CyberWire Podcast

Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker hosts.

Cozy Bear isn’t back--Cozy Bear never really left at all. Iran says the Americans are dreaming: there was no cyberattack in retaliation for Iran’s implausibly deniable missile strikes on Saudi oil fields last month. Malicious audio files are dropping...

S2 Ep13.5 All about social media: Growing up online, parent advice and social shaming

In light of National Cybersecurity Awareness Month, we're giving you a special splinter episode all about social media. Harry McMullin shares insights into what it was like growing up with social media from as early as ten, Mark Stockley...
OWASP Podcast

Code Rush, DevOps and Google: Software in the Fast Line

Shortly after watching the documentary, Code Rush, I met with Tara Hernandez, the hockey stick carrying lead of the Netscape project that was being documented. We sat down at the Jenkins World Conference in San Francisco to talk about...

2019-037-Lee Holmes, Powershell logging, and why there’s an ‘execution bypass’

Derbycon9 talk - PowerShell Security Looking Back from the Inside - https://www.youtube.com/watch?v=DYWPtt7qszY&list=PLNhlcxQZJSm_ZDJBksg97I5q1XsdQcyN5&index=27&t=0s
Encarta - https://en.wikipedia.org/wiki/Encarta
Scott Hanselman’s twitter thread about Encarta: https://twitter.com/shanselman/status/1158780839464849409
Congrats on the black badge :)
I like that you bring up...
SANS ISC

ISC StormCast for Thursday, October 17th 2019

Oracle CPU https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Jackson-Databind Vulnerability https://github.com/FasterXML/jackson-databind/issues/2387
VMWare Cloud Foundation and VMware Harbor
Smashing Security

150: Liverpool WAGs, Facebook politics, and a selfie stalker

Footballers' wives go to war over Instagram leaks, it turns out fake news is fine on Facebook (just so long as it's in a political ad), and things take a horrific turn in Japan, as a stalker uses a...
The CyberWire Podcast

Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.

The US may have retaliated in cyberspace for Iran’s strikes against Saudi oil fields. China’s new C919 airliner seems to have benefited greatly from industrial espionage. An old botnet learns new tricks. Typosquatting as an election influence trick. A...
Security Weekly

The Nirvana Case – BSW #147

This week, it's our quarterly security money segment! In the first segment, we'll review the Security Weekly 25 index! In our second segment, we'll share the results of our Security Weekly 25 Index Survey, which we completed earlier this...
OWASP Podcast

The Unicorn Project w/ Gene Kim

Edwards Deming went to post-war Japan in the late 1940s to help with the census. While there, he built relationships with some of the main manufacturers in the region, helping them understand the value of building quality into a...

Podcast: Departing Employees Could Mean Departing Data

Threatpost talks to Digital Guardian's Tim Bandos about the top insider threats that enterprises are facing today.
Security Now

SN 736: CheckM8

This week's stories: A sobering reminder about supply chain attacks; Facebook's stance on end-to-end encryption raises official protests; UNIX's Co-Creator Ken Thompson's BSD UNIX Password Has Finally Been Cracked; Japanese stalker finds idol using reflections in her eyes; Americans and Digital Knowledge; OpenPGP being built...
SANS ISC

ISC StormCast for Wednesday, October 16th 2019

Adobe Updates https://helpx.adobe.com/security.html
Symantec BSOD https://support.symantec.com/us/en/article.TECH256643.html
OSX/Shlayer Bypasses Gatekeeper/XProtect https://blog.confiant.com/osx-shlayer-new-shurprise-unveiling-osx-tarmac-f965a32de887
Fake iOS Jailbreak
The CyberWire Podcast

Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and security risks.

Ransomware hits companies in France and the US. A Finnish energy company sustains a suspicious IT incident. Turkey jams social media as it rolls tanks against the Kurds. Pegasus spyware said to be in use against Moroccan activists. Silent...
DtSR Podcast

DtSR Episode 366 – D I Why and How

Welcome Down the Security Rabbithole, to the DtSR Podcast. This week, Zac Rosenbauer joins us to talk about what it's like to be "the IT guy" who also has to be vigilant of security in a fast-paced startup...based on...

S2 Ep 13 – Weird Android zero day and other tech fails

This week producer Alice Duckett steps in to host the show with Sophos experts Mark Stockley and Greg Iddon. They discuss Twitter's two-factor authentication faux pas, the risks of copy and pasting code from Stack Overflow and an Android zero-day...
The Register

Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app

Vatican coders exorcise API gremlins but, we must confess, they missed little monster. Exclusive: The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
SC Magazine

Trojanized Russian-language Tor browser lets attackers steal from users’ e-wallets

Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions. The developers behind the malicious browser have so far stolen at least $40,000 in...
SC Magazine

UC Browser potentially endangers 500 million users

The popular Android browser UC Browser was found to break several Google mobile app rules, possibly placing up to 500 million of its users at risk. UC Browser, which is available from the Google Play store, was found by Zscaler ThreatLabZ...
ZDNet

US stopped using floppy disks to manage nuclear weapons arsenal

US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Bruce Schneier

Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef

It's likely the diamondback squid. There's a video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.