Podcasts

WikiLeaks Dumps 'Erdogan Emails' After Turkey's Failed Coup | WIRED
https://www.wired.com/2016/07/wikileaks-dumps-erdogan-emails-turkeys-fai...

WikiLeaks Put Women in Turkey in Danger, for No Reason
http://www.huffingtonpost.com/zeynep-tufekci/wikileaks-erdogan-emails_b_...

Notorious Hacker 'Phineas Fisher' Says He Hacked The Turkish Government | Motherboard
http://motherboard.vice.com/read/phineas-fisher-turkish-government-hack

ZeroBin
https://zerobin.net/?28625085e55bf0fb#QFl/7wV7jpgLG6aXm3YLzDtFklBTWZtJ3G...

bellingcat - "We've shot four people. Everything's fine." The Turkish Coup through the Eyes of its Plotters - bellingcat
https://www.bellingcat.com/news/mena/2016/07/24/the-turkey-coup-through-...

Snowden Designs a Device to Warn if Your iPhone's Radios Are Snitching | WIRED
https://www.wired.com/2016/07/snowden-designs-device-warn-iphones-radio-...

Edward Snowden on Twitter: "The aversion to sharing #NSA evidence is fear of revealing "sources and methods" of intel collection, but #XKEYSCORE is now publicly known."
https://twitter.com/Snowden/status/757577614873755648

Robert M. Lee on Twitter: "Since my colleagues are afraid to comment - @Snowden this is ridiculous. Also weren't you in T group. Just stop. https://t.co/6Gv5hK7qMi"
https://twitter.com/RobertMLee/status/757715572461219841

Keys to Chimera crypto ransomware allegedly leaked by rival crime gang | Ars Technica
http://arstechnica.com/security/2016/07/keys-to-chimera-crypto-ransomwar...

SentinelOne Offers $1 Million Guarantee To Stop Ransomware
http://www.darkreading.com/vulnerabilities---threats/sentinelone-offers-$1-million-guarantee-to-stop-ransomware/d/d-id/1326363

EFF Files Lawsuit Challenging DMCA's Restrictions Security Researchers | Threatpost | The first stop for security news
https://threatpost.com/eff-files-lawsuit-challenging-dmcas-restrictions-...

Malicious computers caught snooping on Tor-anonymized Dark Web sites | Ars Technica
http://arstechnica.com/security/2016/07/malicious-computers-caught-snoop...

Upcoming Tor Design Battles Hidden Services Snooping | Threatpost | The first stop for security news
https://threatpost.com/upcoming-tor-design-battles-hidden-services-snoop...

NIST Recommends SMS Two-Factor Authentication Deprecation | Threatpost | The first stop for security news
https://threatpost.com/nist-recommends-sms-two-factor-authentication-dep...

How I made LastPass give me all your passwords
https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-yo...

Yahoo Ordered to Explain Data Gathering Procedures in Deleted Email Case | Threatpost | The first stop for security news
https://threatpost.com/yahoo-ordered-to-explain-data-gathering-procedure...

Verizon to End Yahoo Survival Fight With $4.8 Billion Deal - Bloomberg
http://www.bloomberg.com/news/articles/2016-07-24/verizon-said-to-announ...

New attack bypasses HTTPS protection on Macs, Windows, and Linux | Ars Technica
http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-c...

Pornhub Hack Earns Researchers $22,000 | Threatpost | The first stop for security news
https://threatpost.com/pornhub-hack-earns-researchers-22000/119450/

Firefox to Block Flash in August, Disable in 2017 | Threatpost | The first stop for security news
https://threatpost.com/firefox-to-block-flash-in-august-disable-in-2017/...

Alan on Twitter: "spend $150 on a fancy pet feeder that doesn't feed your cat when their servers are offline what a great design https://t.co/ZXMiGuWNFE"
https://twitter.com/alanzeino/status/758209842477604864

15 Vulnerabilities in SAP HANA Outlined | Threatpost | The first stop for security news
https://threatpost.com/15-vulnerabilities-in-sap-hana-outlined/119406/

Wikileaks Dismantling of DNC Is Clear Attack by Putin on Clinton | Observer
http://observer.com/2016/07/wikileaks-dismantling-of-dnc-is-clear-attack...

Why Does DNC Hacker 'Guccifer 2.0' Talk Like This? | Motherboard
https://motherboard.vice.com/read/why-does-dnc-hacker-guccifer-20-talk-l...

A Hat Tip to a White Hat | A Collection of Bromides on Infrastructure
https://blogs.bromium.com/2016/06/21/a-hat-tip-to-a-white-hat/

WikiLeaks Dumps 'Erdogan Emails' After Turkey's Failed Coup | WIRED
https://www.wired.com/2016/07/wikileaks-dumps-erdogan-emails-turkeys-fai...

Turkey Blocks WikiLeaks After Dump of Government Emails | Motherboard
http://motherboard.vice.com/read/turkey-erdogan-blocks-wikileaks-after-d...

Ethereum Inventor: We Got 'Very Lucky' In Gamble to Save $56M From Hacker | Motherboard
http://motherboard.vice.com/read/ethereum-56m-hacker-the-dao-vitalik-but...

Clever Tool Shields Your Car From Hacks by Watching Its Internal Clocks | WIRED
https://www.wired.com/2016/07/clever-tool-shields-car-hacks-watching-int...

Big Privacy Ruling Says Feds Can't Grab Data Abroad With a Warrant | WIRED
https://www.wired.com/2016/07/big-privacy-ruling-says-feds-cant-grab-dat...

Baseball exec gets 46 months in prison after guessing rival team's password | Ars Technica
http://arstechnica.com/tech-policy/2016/07/baseball-exec-gets-46-months-...

FDIC was hacked by China, and CIO covered it up | Ars Technica
http://arstechnica.com/security/2016/07/fdic-was-hacked-by-china-and-cio...

Hacker 'Phineas Fisher' Speaks on Camera for the First Time-Through a Puppet | Motherboard
http://motherboard.vice.com/read/hacker-phineas-fisher-hacking-team-puppet

Hacker Claims to Have Sold Leaked Terrorism Watchlist 'World-Check' For $20,000 | Motherboard
http://motherboard.vice.com/read/hacker-leaked-terrorism-watchlist-world...

Two Million Passwords Breached in Ubuntu Hack | Threatpost | The first stop for security news
https://threatpost.com/two-million-passwords-breached-in-ubuntu-hack/119...

'Prominent' Admin of Top ISIS Forum Hacked | Motherboard
http://motherboard.vice.com/read/prominent-admin-of-top-isis-jihadi-foru...

Activists Release Nearly 100 Years of TIME Magazine Issues For Free | Motherboard
http://motherboard.vice.com/read/activists-release-nearly-100-years-of-t...

httpoxy
https://httpoxy.org/

Software flaw puts mobile phones and networks at risk of complete takeover | Ars Technica
http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones...

Google Chrome Malware Leads to Sketchy Facebook Likes | Threatpost | The first stop for security news
https://threatpost.com/google-chrome-malware-leads-to-sketchy-facebook-l...

Oracle Fixes 276 Vulnerabilites in July Critical Patch Update | Threatpost | The first stop for security news
https://threatpost.com/oracle-patches-record-276-vulnerabilities-with-ju...

Apple Fixes Vulnerabilities Across OS X, iOS, Safari | Threatpost | The first stop for security news
https://threatpost.com/apple-fixes-vulnerabilities-across-os-x-ios-safar...

Cisco Talos - Talos 2016 0171
http://www.talosintelligence.com/reports/TALOS-2016-0171/

Crypto flaw made it easy for attackers to snoop on Juniper customers | Ars Technica
http://arstechnica.com/security/2016/07/crypto-flaw-made-it-easy-for-att...

Meet The Cyber Mercenaries Selling Spyware To Governments | Motherboard
http://motherboard.vice.com/read/meet-the-cyber-mercenaries-selling-spyw...

Carbanak Gang Tied to Russian Security Firm? - Krebs on Security
http://krebsonsecurity.com/2016/07/carbanak-gang-tied-to-russian-securit...

iOS version of Pok\xe9mon Go is a possible privacy trainwreck [Updated] | Ars Technica
http://arstechnica.com/gaming/2016/07/pokemon-go-on-ios-gets-full-access...

Malicious Pok\xe9mon Go Features Backdoor, RAT | Threatpost | The first stop for security news
https://threatpost.com/malicious-pokemon-go-app-installs-backdoor-on-and...

Chrysler Launches Detroit's First 'Bug Bounty' for Hackers | WIRED
https://www.wired.com/2016/07/chrysler-launches-detroits-first-bug-bount...

Paint it black: Revisiting the Blackphone and its cloudy future | Ars Technica
http://arstechnica.com/information-technology/2016/07/paint-it-black-rev...

Tor Project, a Digital Privacy Group, Reboots With New Board - The New York Times
http://www.nytimes.com/2016/07/14/technology/tor-project-a-digital-priva...

MIT Anonymity Network Riffle Promises Efficiency, Security | Threatpost | The first stop for security news
https://threatpost.com/mit-anonymity-network-riffle-promises-efficiency-...

Putin signs new anti-terror law in Russia. Edward Snowden is upset. - The Washington Post
https://www.washingtonpost.com/world/europe/putin-signs-law-to-bolster-r...

VPN Company Claims Russian Government Seized Its Servers | Motherboard
http://motherboard.vice.com/read/vpn-company-private-internet-access-cla...

Google Tests New Crypto in Chrome to Fend Off Quantum Attacks | WIRED
https://www.wired.com/2016/07/google-tests-new-crypto-chrome-fend-off-qu...

Now it's easy to see if leaked passwords work on other sites | Ars Technica
http://arstechnica.com/security/2016/07/password-reuse-tool-makes-it-eas...

Florida U boffins think they've defeated all ransomware \u2022 The Register
http://www.theregister.co.uk/2016/07/12/ransomware_defeated/

Nation-backed malware that infected energy firm is 1 of 2016's sneakiest | Ars Technica
http://arstechnica.com/security/2016/07/nation-backed-malware-that-infec...

Criminal Forums Ban Hacker Linked to Myspace, LinkedIn Breaches | Motherboard
http://motherboard.vice.com/read/criminal-forums-ban-hacker-linked-to-my...

Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks st...
https://www.finextra.com/newsarticle/29161/taiwan-banks-suspend-wincor-n...

Hacker Finds Bug to Edit or Delete Any Medium Post | Motherboard
http://motherboard.vice.com/read/hacker-finds-bug-to-edit-or-delete-any-...

20-year-old Windows bug lets printers install malware-patch now | Ars Technica
http://arstechnica.com/security/2016/07/20-year-old-windows-bug-lets-pri...

D-Link Wi-Fi Camera Flaw Extends to 120 Products | Threatpost | The first stop for security news
https://threatpost.com/d-link-wi-fi-camera-flaw-extends-to-120-products/...

TP-Link forgets to register domain name, leaves config pages open to hijack | Ars Technica
http://arstechnica.com/security/2016/07/tp-link-forgets-to-register-doma...

July 2016 Adobe Flash Player Patches | Threatpost | The first stop for security news
https://threatpost.com/adobe-patches-52-vulnerabilities-in-flash-player/...

Facebook Messenger End-to-End Encryption Not On By Default | Threatpost | The first stop for security news
https://threatpost.com/facebook-messenger-end-to-end-encryption-not-on-b...

'Secret Conversations:' End-to-End Encryption Comes to Facebook Messenger | WIRED
https://www.wired.com/2016/07/secret-conversations-end-end-encryption-fa...

Kylie Auldist - Sensational - YouTube
https://www.youtube.com/watch?v=MqDDceJleh0

SensePost | Sensepost at blackhat & defcon 2016
https://www.sensepost.com/blog/2016/sensepost-at-blackhat-defcon-2016/

FBI - Statement by FBI Director James B. Comey on the Investigation of Secretary Hillary Clinton's Use of a Personal E-Mail System
https://www.fbi.gov/news/pressrel/press-releases/statement-by-fbi-direct...

Infidelity website Ashley Madison facing FTC probe, CEO apologizes | Reuters
http://www.reuters.com/article/us-ashleymadison-cyber-idUSKCN0ZL09J

Chelsea Manning 'rushed to hospital after trying to take own life' | Americas | News | The Independent
http://www.independent.co.uk/news/world/americas/chelsea-manning-rushed-...

Sorry Privacy Lovers, The Blackphone Is Flirting With Failure - Forbes
http://www.forbes.com/sites/thomasbrewster/2016/07/06/silent-circle-blac...

Researchers Sue the Government Over Computer Hacking Law | WIRED
https://www.wired.com/2016/06/researchers-sue-government-computer-hackin...

Over 100 Snooping Tor Nodes Have Been Spying on Dark Web Sites | Motherboard
http://motherboard.vice.com/read/over-100-snooping-tor-nodes-have-been-s...

These Maps Show What the Dark Web Looks Like | Motherboard
http://motherboard.vice.com/read/these-maps-show-what-the-dark-web-looks...

After hiatus, in-the-wild Mac backdoors are suddenly back | Ars Technica
http://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-bac...

How a Hacker Is Gaming the Media to Extort His Victims | Motherboard
http://motherboard.vice.com/read/how-a-hacker-is-gaming-the-media-to-ext...

Scope of ThinkPwn UEFI Zero Day Expands | Threatpost | The first stop for security news
https://threatpost.com/scope-of-thinkpwn-uefi-zero-day-expands/119027/

HummingBad Android Malware Connected to YiSpecter iOS Attacks | Threatpost | The first stop for security news
https://threatpost.com/chinese-ad-firm-raking-in-300k-a-month-through-ad...

Android's full-disk encryption just got much weaker-here's why | Ars Technica
http://arstechnica.com/security/2016/07/androids-full-disk-encryption-ju...

Most Post-Intrusion Cyber Attacks Involve Everyday Admin Tools | Threatpost | The first stop for security news
https://threatpost.com/most-post-intrusion-cyber-attacks-involve-everyda...

SSD Advisory - Wget Arbitrary Commands Execution - SecuriTeam Blogs
https://blogs.securiteam.com/index.php/archives/2701

DOJ Deploys Highly-Questionable Legal Arguments In Attempt To Save FBI's Hacking Warrants | Techdirt
https://www.techdirt.com/articles/20160503/17463334339/doj-deploys-highl...

Another Court Finds FBI's NIT Warrants To Be Invalid, But Credits Agents' 'Good Faith' To Deny Suppression | Techdirt
https://www.techdirt.com/articles/20160523/09060034525/another-court-fin...

U.S. court rules that FBI can hack into a computer without a warrant | PCWorld
http://www.pcworld.com/article/3088354/security/us-court-rules-that-fbi-...

Senetas
http://www.senetas.com/

If you only read one item from this week's notes, make it this excellent write up from Matt Levine on the DAO fiasco:
http://www.bloomberg.com/view/articles/2016-06-17/blockchain-company-s-s...

Hackers invade Dems' servers, steal entire Trump opposition file | Ars Technica
http://arstechnica.com/security/2016/06/hackers-invade-dems-servers-stea...

"Guccifer" leak of DNC Trump research has a Russian's fingerprints on it | Ars Technica
http://arstechnica.com/security/2016/06/guccifer-leak-of-dnc-trump-resea...

A Chaotic Whodunnit Follows the DNC's Trump Research Hack | WIRED
https://www.wired.com/2016/06/chaotic-whodunnit-follows-dncs-trump-resea...

Hack Brief: Russia's Breach of the DNC Is About More Than Trump's Dirt | WIRED
https://www.wired.com/2016/06/hack-brief-russias-breach-dnc-trumps-dirt/

EXCLUSIVE: Brexit '2nd Referendum Petition' A 4 Chan Prank: BBC Report It As Real | Heat Street
https://heatst.com/uk/exclusive-brexit-2nd-referendum-petition-a-4-chan-...

Bitcoin rival Ethereum fights for its survival after $50 million heist | Ars Technica
http://arstechnica.com/security/2016/06/bitcoin-rival-ethereum-fights-fo...

Anti-Surveillance Measure Quashed: Orlando Massacre Cited as Reason | Threatpost | The first stop for security news
https://threatpost.com/anti-surveillance-measure-quashed-orlando-massacr...

Senate Narrowly Rejects Controversial FBI Surveillance Expansion-For Now
https://theintercept.com/2016/06/22/senate-narrowly-rejects-controversia...

Bangladesh unlikely to extend FireEye contract for heist probe | Reuters
http://www.reuters.com/article/us-cyber-heist-bangladesh-idUSKCN0Z81U6

Ukrainian bank cyber-heist: Hackers take off with $10m
http://www.ibtimes.co.uk/ukrainian-bank-cyber-heist-hackers-compromise-s...

Authorities Arrest an IT Worker From the Panama Papers Law Firm | WIRED
https://www.wired.com/2016/06/worker-panama-papers-law-firm-arrested/

800-pound Comodo tries to trademark upstart rival's "Let's Encrypt" name | Ars Technica
http://arstechnica.com/tech-policy/2016/06/800-pound-comodo-tries-to-tra...

IRS Re-Enables 'Get Transcript' Feature - Krebs on Security
http://krebsonsecurity.com/2016/06/irs-re-enables-get-transcript-feature/

Rise of Darknet Stokes Fear of The Insider - Krebs on Security
http://krebsonsecurity.com/2016/06/rise-of-darknet-stokes-fear-of-the-in...

Citing Attack, GoToMyPC Resets All Passwords - Krebs on Security
http://krebsonsecurity.com/2016/06/citing-attack-gotomypc-resets-all-pas...

Thousands of Hacked Government and Corporate Servers Selling for $6 on Black Market | WIRED
https://www.wired.com/2016/06/xdedic-server-trading-forum-kaspersky/

655,000 Healthcare Records Being Sold on Dark Web | Threatpost | The first stop for security news
https://threatpost.com/655000-healthcare-records-being-sold-on-dark-web/...

Large botnet of CCTV devices knock the snot out of jewelry website | Ars Technica
http://arstechnica.com/security/2016/06/large-botnet-of-cctv-devices-kno...

Report: FBI Doing Poor Job Securing 411 Million Facial Recognition Photos | Threatpost | The first stop for security news
https://threatpost.com/report-fbi-doing-poor-job-securing-411-million-fa...

iOS 10 beta still encrypts user data, but not the kernel | Ars Technica
http://arstechnica.com/apple/2016/06/ios-10-beta-still-encrypts-user-dat...

"Godless" apps, some found in Google Play, can root 90% of Android phones | Ars Technica
http://arstechnica.com/security/2016/06/godless-apps-some-found-in-googl...

$90K Windows Zero Day Gets a Price Cut | Threatpost | The first stop for security news
https://threatpost.com/90k-windows-zero-day-gets-a-price-cut/118594/

Patched BadTunnel Windows Bug Has 'Extensive' Impact | Threatpost | The first stop for security news
https://threatpost.com/patched-badtunnel-windows-bug-has-extensive-impac...

High-severity bugs in 25 Symantec/Norton products imperil millions | Ars Technica
http://arstechnica.com/security/2016/06/25-symantec-products-open-to-wor...

Apple Patches AirPort Remote Code Execution Flaw | Threatpost | The first stop for security news
https://threatpost.com/apple-patches-airport-remote-code-execution-flaw/...

A Bug in Chrome Makes It Easy to Pirate Movies | WIRED
https://www.wired.com/2016/06/bug-chrome-makes-easy-pirate-movies/

7 Ways the Cops Will Bust You on the Dark Web | Motherboard
http://motherboard.vice.com/read/7-ways-the-cops-will-bust-you-on-the-da...

Trail of bits stuff, including links to new open source dev tools:
----------------------------------------------------------------------------

Trail of Bits | Home
https://www.trailofbits.com/

Trail of Bits | Products
https://www.trailofbits.com/products/#mast

Tidas \xb7 GitHub
https://github.com/tidas

GitHub - trailofbits/SecureEnclaveCrypto: Crypto with the Secure Enclave
https://github.com/trailofbits/SecureEnclaveCrypto

Jacob Appelbaum Has Allegedly Engaged in Sexual Misconduct for Over a Decade
http://gizmodo.com/jacob-appelbaum-has-allegedly-engaged-in-sexual-misco...

Eyewitnesses Recount Tor Developer Jacob Appelbaum's Unwanted Sexual Advances
http://gizmodo.com/eyewitnesses-recount-tor-developer-jacob-appelbaum-s-...

He said, they said - hypatia dot ca
https://hypatia.ca/2016/06/07/he-said-they-said/

Jacob Appelbaum
http://jacobappelbaum.net/

Jacob Appelbaum allegedly intimidated victims into silence and anonymity | The Daily Dot
http://www.dailydot.com/politics/jacob-appelbaum-tor-project-suspension-...

What Jake Appelbaum did to me - Medium
https://medium.com/@nickf4rr/hi-im-nick-farr-nickf4rr-35c32f13da4d#.eqfi...

Tor Developer Jacob Appelbaum Resigns Amid Sex Abuse Claims | WIRED
https://www.wired.com/2016/06/tor-developer-jacob-appelbaum-resigns-amid...

Jacob Appelbaum allegedly intimidated victims into silence and anonymity | The Daily Dot
http://www.dailydot.com/politics/jacob-appelbaum-tor-project-suspension-...

Statement | The Tor Blog
https://blog.torproject.org/blog/statement

TwitLonger - When you talk too much for Twitter
http://www.twitlonger.com/show/n_1soorlp

No internet for Singapore public servants - BBC News
http://www.bbc.com/news/world-asia-36476422

TeamViewer confirms number of abused user accounts is "significant" | Ars Technica
http://arstechnica.com/security/2016/06/teamviewer-says-theres-no-eviden...

Mark Zuckerberg's Twitter, Pinterest accounts compromised | Ars Technica
http://arstechnica.com/security/2016/06/mark-zuckerberg-twitter-pinteres...

FTC's chief technologist gets her mobile phone number hijacked by ID thief | Ars Technica
http://arstechnica.com/tech-policy/2016/06/ftcs-chief-technologist-gets-...

University pays almost $16,000 to recover crucial data held hostage | Ars Technica
http://arstechnica.com/security/2016/06/university-pays-almost-16000-to-...

100M Credentials From 'Russian Facebook' VK.com For Sale | Threatpost | The first stop for security news
https://threatpost.com/100m-russian-facebook-credentials-for-sale/118483/

\u200bOne of the World's Largest Botnets Has Vanished | Motherboard
http://motherboard.vice.com/read/one-of-the-worlds-largest-botnets-has-v...

The Troubling Metadata Sharing Program That Was Just Revealed in the UK | Motherboard
http://motherboard.vice.com/read/gchq-gives-uk-police-access-to-metadata...

It Takes Mere Minutes to Make a Fake, Potentially Malicious Facebook Ad | Motherboard
http://motherboard.vice.com/read/it-takes-mere-minutes-to-make-a-fake-po...

There's a Stuxnet Copycat, and We Have No Idea Where It Came From | Motherboard
http://motherboard.vice.com/read/theres-a-stuxnet-copycat-and-we-have-no...

ISIS worries that fake Android apps are spying on its ranks
http://www.engadget.com/2016/06/05/isis-worries-about-fake-android-apps/

IT Admin Faces Felony for Deleting Files Under Flawed Hacking Law | WIRED
https://www.wired.com/2016/06/admin-faces-felony-deleting-files-flawed-h...

WordPress plugin with 10,000+ installations being exploited in the wild | Ars Technica
http://arstechnica.com/security/2016/06/10000-wordpress-sites-imperilled...

New Angler Exploits Bypass EMET Mitigations | Threatpost | The first stop for security news
https://threatpost.com/new-angler-exploits-bypass-emet-mitigations/118485/

NTP Patches Flaws That Enable DDoS | Threatpost | The first stop for security news
https://threatpost.com/ntp-patches-flaws-that-enable-ddos/118470/

June 2016 Android Security Bulletin | Threatpost | The first stop for security news
https://threatpost.com/latest-android-security-bulletin-heavy-on-critica...

Lenovo Tells Users to Uninstall Vulnerable Updater | Threatpost | The first stop for security news
https://threatpost.com/lenovo-tells-users-to-uninstall-vulnerable-update...

Uber Pays Researcher $10K for Login Bypass Exploit | Threatpost | The first stop for security news
https://threatpost.com/uber-pays-researcher-10k-for-login-bypass-exploit...

Facebook Messenger Vulnerability Patched | Threatpost | The first stop for security news
https://threatpost.com/facebook-messenger-vulnerability-patched/118511/

Chrome Defaults to HTML5 over Adobe Flash Starting in Q4 | Threatpost | The first stop for security news
https://threatpost.com/chrome-defaults-to-html5-over-adobe-flash-startin...

Google Set to Kill SSLv3, RC4 in SMTP, Gmail in June | Threatpost | The first stop for security news
https://threatpost.com/google-set-to-kill-sslv3-and-rc4-in-smtp-gmail-in...

Tavis Ormandy on Twitter: "Kernel memory corruption in Symantec/Norton antivirus, CVE-2016-2208 (more patches soon). https://t.co/Sqhm0a48Fp https://t.co/F22xDIelSU"
https://twitter.com/taviso/status/732365178872856577

Patrick Gray on Twitter: "Inspecting malicious code in the kernel? That's like the bomb squad bringing a suspicious package into a kindergarten to open it. CC @taviso"
https://twitter.com/riskybusiness/status/732374512449277952

TeslaCrypt shuts down and Releases Master Decryption Key
http://www.bleepingcomputer.com/news/security/teslacrypt-shuts-down-and-...

The Intercept
https://theintercept.com/snowden-sidtoday/

2011 7 27 Culture Shock NSA From the Perspective of Summer Interns
https://www.documentcloud.org/documents/2830624-2011-7-27-Culture-Shock-...

The curious case of Besa Mafia | All Things VICE
https://allthingsvice.com/2016/05/14/the-curious-case-of-besa-mafia/

Hitting on the Aussies - the Besa Mafia files | All Things VICE
https://allthingsvice.com/2016/05/15/hitting-on-the-aussies-the-besa-maf...

Breach of Nulled.io crime forum could cause a world of pain for members | Ars Technica
http://arstechnica.com/security/2016/05/breach-of-nulled-io-crime-forum-...

Tumblr Requires Password Reset | Threatpost | The first stop for security news
https://threatpost.com/tumblr-accounts-must-reset-passwords/118084/

That time a patient's heart procedure was interrupted by a virus scan | Ars Technica
http://arstechnica.com/security/2016/05/faulty-av-scan-disrupts-patients...

Hacker fans give Mr. Robot website free security checkup | Ars Technica
http://arstechnica.com/security/2016/05/hacker-fans-give-mr-robot-websit...

That Insane, $81M Bangladesh Bank Heist? Here's What We Know | WIRED
https://www.wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-know/

SWIFT Warns of Second Bank Attack via PDF Malware | Threatpost | The first stop for security news
https://threatpost.com/swift-warns-of-second-bank-attack-via-pdf-malware...

U.S. banks scrutinize SWIFT security after hacks: reports | Reuters
http://www.reuters.com/article/us-cyber-heist-swift-banks-idUSKCN0Y82HW

Exclusive: UK banks ordered to review cyber security after SWIFT heist | Reuters
http://www.reuters.com/article/us-cyber-heist-bankofengland-idUSKCN0Y92KR

Judge Changes Mind, Says FBI Doesn't Have to Reveal Tor Browser Hack | Motherboard
http://motherboard.vice.com/read/judge-changes-mind-says-fbi-doesnt-have...

Motion Filed Asking FBI To Disclose Tor Browser Zero Day | Threatpost | The first stop for security news
https://threatpost.com/motion-filed-asking-fbi-to-disclose-tor-browser-z...

Academics Make Theoretical Breakthrough in Random Number Generation | Threatpost | The first stop for security news
https://threatpost.com/academics-make-theoretical-breakthrough-in-random...

Gaping Security Hole in Android Platform Grows Larger, Researchers Claim | Threatpost | The first stop for security news
https://threatpost.com/scope-of-gaping-android-security-hole-grows/118161/

Banking Trojan Outwits Google Play Malware Scanner | Threatpost | The first stop for security news
https://threatpost.com/banking-trojan-outwits-google-verify-apps-scanner...

Malware-Laced Porn Apps Behind Wave of Android Lockscreen Attacks | Threatpost | The first stop for security news
https://threatpost.com/malware-laced-porn-apps-behind-wave-of-android-lo...

Don't Use Allo | Motherboard
http://motherboard.vice.com/read/dont-use-google-allo

John McAfee Apparently Tried to Trick Reporters Into Thinking He Hacked WhatsApp
http://gizmodo.com/john-mcafee-apparently-tried-to-trick-reporters-into-...

Adobe Emergency Update Patches Flash Zero Day | Threatpost | The first stop for security news
https://threatpost.com/emergency-flash-update-patches-public-zero-day/11...

Major Remote SSH Security Issue in CoreOS Linux Alpha, Subset of Users Affected
https://coreos.com/blog/alpha-security-incident-subset-of-users-affected...

The Bank Job
https://boris.in/blog/2016/the-bank-job/

Stewart Baker - Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Stewart_Baker

RSS Feed
http://www.steptoe.com/feed-Cyberlaw.rss

France votes to penalize companies for refusing to decrypt devices, messages | Ars Technica
http://arstechnica.com/tech-policy/2016/03/france-votes-to-penalise-comp...

complementing_avaya_fabric_connect_with_senetas_encryption_dn7794.pdf
https://www.avaya.com/usa/documents/complementing_avaya_fabric_connect_w...

UPDATE: When these notes were first posted the link to the php bugs discussed wasn't in them. Here it is:

https://github.com/dyntopia/exploits

--

$1B Bangladesh heist: Officials say SWIFT technicians left bank vulnerable | Ars Technica
http://arstechnica.com/security/2016/05/1b-bangladesh-heist-officials-sa...

You Don't See This Often: Simultaneous FBI, DHS, and DoD Cyber Espionage Alerts | Motherboard
http://motherboard.vice.com/read/rare-simultaneous-fbi-dhs-and-dod-cyber...

Yahoo Releases Second Wave Unsealed FISA Documents | Threatpost | The first stop for security news
https://threatpost.com/yahoo-releases-second-wave-of-unsealed-fisc-docum...

Twitter Denies Intelligence Community Fire Hose Access Via Dataminr | Threatpost | The first stop for security news
https://threatpost.com/twitter-turns-off-fire-hose-for-intelligence-comm...

How a security pro's ill-advised hack of a Florida elections site backfired | Ars Technica
http://arstechnica.com/security/2016/05/how-a-security-pros-ill-advised-...

PwnedList Shutdown Unrelated to Parameter Tampering Vulnerability | Threatpost | The first stop for security news
https://threatpost.com/pwnedlist-shutdown-unrelated-to-recent-vulnerabil...

Another Day, Another Hack: Passwords and Sexual Desires for Dating Site 'Fling' | Motherboard
http://motherboard.vice.com/read/another-day-another-hack-passwords-and-...

Another Day, Another Hack: Is Your Fisting Site Updating Its Forum Software? | Motherboard
http://motherboard.vice.com/read/rosebuttboard-ip-board

No more get-out-of-jail-free card for CryptXXX ransomware victims | Ars Technica
http://arstechnica.com/security/2016/05/no-more-get-out-of-jail-free-car...

Someone Replaced Notorious 'Locky' Ransomware With a Dud File | Motherboard
http://motherboard.vice.com/read/someone-replaced-notorious-locky-ransom...

Microsoft and Adobe warn of separate zero-day vulnerabilities under attack | Ars Technica
http://arstechnica.com/security/2016/05/beware-of-in-the-wild-0day-attac...

New Windows 10 build kills controversial password-sharing Wi-Fi Sense | ExtremeTech
http://www.extremetech.com/computing/228259-new-windows-10-build-kills-c...

New Security Flaw Found in Lenovo Solution Center Software | Threatpost | The first stop for security news
https://threatpost.com/new-security-flaw-found-in-lenovo-solution-center...

Tavis Ormandy on Twitter: "Many remote stack overflows in Symantec Endpoint. No big deal, because /GS is the default since 2005, right? Hahaha. https://t.co/ac40M0Ki90"
https://twitter.com/taviso/status/730249521247068162

Critical Qualcomm security bug leaves many phones open to attack | Ars Technica
http://arstechnica.com/security/2016/05/5-year-old-android-vulnerability...

Chinese ARM vendor left developer backdoor in kernel for Android, "Pi" devices | Ars Technica
http://arstechnica.com/security/2016/05/chinese-arm-vendor-left-develope...

Viking Horde Malware Co-Ops Android Devices for Ad Fraud | Threatpost | The first stop for security news
https://threatpost.com/viking-horde-malware-co-ops-android-devices-for-a...

SS7 Attack Circumvents WhatsApp and Telegram Encryption
http://news.softpedia.com/news/ss7-attack-leaves-whatsapp-and-telegram-e...

Feds probe mobile phone industry over the sad state of security updates | Ars Technica
http://arstechnica.com/security/2016/05/feds-probe-mobile-industrys-secu...

Security researcher Stefan Esser releases iPhone & iPad jailbreak detection tool in iOS App Store | 9to5Mac
http://9to5mac.com/2016/05/10/security-research-stefan-esser-releases-ip...

Microsoft Security Intelligence Report: Top Takeaways | Threatpost | The first stop for security news
https://threatpost.com/old-exploits-die-hard-says-microsoft-report/117918/

Attackers Targeting Critical SAP Flaw Since 2013 | Threatpost | The first stop for security news
https://threatpost.com/attackers-targeting-critical-sap-flaw-since-2013/...

Facebook Capture The Flag Platform Open Source | Threatpost | The first stop for security news
https://threatpost.com/facebook-makes-its-ctf-platform-freely-available/...

Snowden's Surveillance Leaks Made People Less Likely to Read About Surveillance | Motherboard
http://motherboard.vice.com/read/snowdens-surveillance-leaks-made-people...

lcamtuf's blog: Clearing up some misconceptions around the "ImageTragick" bug
https://lcamtuf.blogspot.com.br/2016/05/clearing-up-some-misconceptions-...

.:: Phrack Magazine ::.
http://www.phrack.org/issues/69/1.html

Untitled
https://threatbutt.com/press/Threatbutt-DZIR-2016.pdf