It’s been a while since I’ve posted a digest, and it seems I’ve angered the security gods.
A lot has been going on with “the cybers,” and I’ve got a lot of stories to share. So hopefully this post will be a suitable cyber-oblation. 🙂
Also, for our visitors, I’ll try and be better about spelling-out and linking to definitions of the alphabet-soup that is this industry.
- Internet of Things Distributed Denial of Service attacks (IoT DDoS)
- https://krebsonsecurity.com/2016/12/researchers-find-fresh-fodder-for-iot-attack-cannons/
- https://krebsonsecurity.com/2016/11/akamai-on-the-record-krebsonsecurity-attack/
- https://krebsonsecurity.com/2016/11/new-mirai-worm-knocks-900k-germans-offline/
- http://www.theregister.co.uk/2016/12/08/talktalk_routers_may_be_botnet_imperva_says/
- https://www.pwnieexpress.com/blog/iot-questions-house-energy-commerce-cybersecurity
- https://www.pwnieexpress.com/blog/congress-iot-security
- http://thehackernews.com/2016/12/ddos-attack-game.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://thehackernews.com/2016/12/ddos-attack-game.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- Ransomware
- Threat actor activities
- More on threat actors: https://www.recordedfuture.com/threat-actor-types/
- Some companies make a business out of tracking this: https://www.surfwatchlabs.com/threat-categories
- Avalanche
- APT28 (Advanced Persistent Threat)
- Kapustkiy
- Bug bounties
- https://krebsonsecurity.com/2016/11/dod-opens-mil-to-legal-hacking-within-limits/
- http://motherboard.vice.com/read/hacker-finds-a-way-to-break-into-any-yahoo-mail-inbox-gets-10000
- http://thehackernews.com/2016/12/hack-yahoo-email.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://www.theregister.co.uk/2016/12/09/yahoo_mail_bug_bounty/
- http://thehackernews.com/2016/11/google-pixel-phone-hacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- OpenVPN security audit http://www.theregister.co.uk/2016/12/08/openvpn_to_get_security_audit/
- Boston police surveillance
- https://privacysos.org/blog/boston-police-pledge-transparency-spying-refuse-provide-public-info/
- https://privacysos.org/blog/aclu-testimony-proposed-boston-police-social-media-surveillance-program/
- https://privacysos.org/blog/boston-police-department-plans-buy-1-4m-social-media-spying-tool/
- https://privacysos.org/blog/massachusetts-tech-leaders-tell-congress-stop-mass-hacking/
- FBI surveillance (Rule 41)
- https://noglobalwarrants.org/images/proposed-amendment-rule-41.pdf
- http://thehackernews.com/2016/11/fbi-rule-41-hacking.html
- https://privacysos.org/blog/privacy-group-sues-fbi-biometric-sharing-agreement-pentagon/
- http://arstechnica.com/security/2016/11/tor-releases-urgent-update-for-firefox-0day-thats-under-active-attack/
- https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html
- http://arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/
- http://thehackernews.com/2016/11/fbi-hacker.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://thehackernews.com/2016/11/fbi-rule-41-hacking.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- 2016 election hacking
- https://www.schneier.com/blog/archives/2016/12/auditing_electi.html
- https://www.schneier.com/blog/archives/2016/11/hacking_and_the.html
- https://www.schneier.com/blog/archives/2016/11/election_securi.html
- http://thehackernews.com/2016/12/russian-hacker-us-election.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- https://www.washingtonpost.com/world/national-security/obama-orders-review-of-russian-hacking-during-presidential-campaign/2016/12/09/31d6b300-be2a-11e6-94ac-3d324840106c_story.html?hpid=hp_rhp-top-table-main_russiahack-745p%3Ahomepage%2Fstory&utm_term=.2cf2ac7e8052
- https://theintercept.com/2016/12/10/anonymous-leaks-to-the-washpost-about-the-cias-russia-beliefs-are-no-substitute-for-evidence/
- http://www.theregister.co.uk/2016/12/09/obama_russian_election_hacking_investigation/
- Notable vulnerabilities
- Netgear — http://thehackernews.com/2016/12/netgear-router-hacking.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://securityaffairs.co/wordpress/54262/iot/netgear-r7000-and-r6400-hack.html
- http://thehackernews.com/2016/12/linux-kernel-local-root-exploit.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://thehackernews.com/2016/12/redstar-north-korea.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://thehackernews.com/2016/11/iphone-hacking.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://thehackernews.com/2016/11/hack-google-account.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
- http://www.theregister.co.uk/2016/12/06/2fa_missed_warning/
- Kaspersky secure OS
- Barret Brown
Jason Callaway 