Risky Business Podcast

Analysis and news podcasts published weekly

Risky Business #347 -- So what does Detekt... detect?

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

There's lots of fun news in this week's show. Sony Pictures got absolutely flattened, Regin is all the rage and the SEA has been enjoying some success.

In this week's feature interview we're chatting with Claudio Guarnieri about his tool Detekt. It copped an absolute tonne of criticism on Twitter over the last week or so, but as you'll hear, most of the critics were kind of missing the point about what Claudio was trying to achieve. I know, I know, the idea that someone on Twitter might have been wrong is crazy, but just listen to the interview and see what you think. Claudio joins us via Skype from Berlin for a chat about Detekt!

This week's show is brought to you by Websense, big thanks to them. Websense principal security researcher Carl Leonard will join us from London to do something very, very brave. He's going to make some predictions for what we could see in the malware space in 2015. Brave is the soul who makes predictions in this discipline. That's this week's sponsor interview, with thanks again to Websense!

Show notes

Sony Pictures hackers release list of stolen corporate files | Ars Technica
http://arstechnica.com/security/2014/11/sony-pictures-hackers-release-li...

'Hacked by #GOP': staff at Sony Pictures resort to paper and pen after hack shuts computer system
http://www.watoday.com.au/it-pro/security-it/hacked-by-gop-staff-at-sony...

I used to work for Sony Pictures. My friend still works there and sent me this. It's on every computer all over Sony Pictures nationwide. : hacking
https://www.reddit.com/r/hacking/comments/2n9zhv/i_used_to_work_for_sony...

Syrian Electronic Army claims hack of news sites, including CBC - Technology & Science - CBC News
http://www.cbc.ca/news/technology/syrian-electronic-army-claims-hack-of-...

Researchers Uncover Government Spy Tool Used to Hack Telecoms and Belgian Cryptographer | WIRED
http://www.wired.com/2014/11/mysteries-of-the-malware-regin/

Regin Cyberespionage Malware Platform Targets GSM Networks | Threatpost | The first stop for security news
http://threatpost.com/regin-cyberespionage-platform-also-spies-on-gsm-ne...

Oops: After Threatening Hacker With 440 Years, Prosecutors Settle for a Misdemeanor | WIRED
http://www.wired.com/2014/11/from-440-years-to-misdemeanor/

Freya Newman escapes conviction for leaking Frances Abbott scholarship details
http://www.smh.com.au/nsw/freya-newman-escapes-conviction-for-leaking-fr...

Laughing Hacker Who Hit Sony, FBI Now Seeks Legal Lols - Businessweek
http://www.businessweek.com/news/2014-11-26/lulzsec-hacker-out-of-jail-w...

Icelandic hacker says guilty of stealing money from Wikileaks | Reuters
http://www.reuters.com/article/2014/11/26/iceland-wikileaks-idUSL6N0TG4U...

Apple, Google encryption 'not helping' criminal investigation: AFP | ZDNet
http://www.zdnet.com/au/apple-google-encryption-not-helping-criminal-inv...

ATO bitcoin treatment could see business move offshore | ZDNet
http://www.zdnet.com/ato-bitcoin-treatment-could-see-business-move-offsh...

Home Depot Breach Cost Company $43 Million in Third Quarter | Threatpost | The first stop for security news
http://threatpost.com/home-depot-breach-cost-company-43-million-in-third...

Home Depot hit with "at least 44 civil lawsuits" due to data breach | Ars Technica
http://arstechnica.com/tech-policy/2014/11/home-depot-hit-with-at-least-...

Craigslist Back Online Following DNS Hijack | Threatpost | The first stop for security news
http://threatpost.com/craigslist-back-online-following-dns-hijack/109559

New Google Security Dashboard Manages Device Activity | Threatpost | The first stop for security news
http://threatpost.com/new-google-security-dashboard-manages-device-activ...

Using a password manager on Android? It may be wide open to sniffing attacks | Ars Technica
http://arstechnica.com/security/2014/11/using-a-password-manager-on-andr...

Skimmer Innovation: 'Wiretapping' ATMs - Krebs on Security
http://krebsonsecurity.com/2014/11/skimmer-innovation-wiretapping-atms/

Siemens issues emergency SCADA patch • The Register
http://www.theregister.co.uk/2014/11/27/siemens_issues_emergency_scada_p...

Siemens Patches WinCC Vulnerabilities Likely Being Exploited | Threatpost | The first stop for security news
http://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being...

Four-year-old comment security bug affects 86 percent of WordPress sites | Ars Technica
http://arstechnica.com/security/2014/11/four-year-old-comment-security-b...

Adobe Releases Emergency Flash Player Patch | Threatpost | The first stop for security news
http://threatpost.com/adobe-releases-emergency-flash-player-patch/109623

Adobe Reader sandbox popped says Google researcher • The Register
http://www.theregister.co.uk/2014/11/27/adobe_reader_sandbox_popped/

Privacy bods Detekt FinFisher dressed as bookmark manager • The Register
http://www.theregister.co.uk/2014/11/26/privacy_bods_detekt_finisher_dre...

Resist Surveillance
https://resistsurveillance.org/intentions.html

Augie March - A Dog Starved (official video) - YouTube
https://www.youtube.com/watch?v=DCE0zKxgyKI

Risky Business #346 -- Haters gonna hate, Americans gonna 'muric

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with Peter Fillmore about payment card security. He was able to clone a contactless card and use it to do his shopping here in Australia -- this is something you shouldn't be able to do. So the question becomes, how can the USA, which is taking tentative steps towards chip cards, avoid some of the mistakes made in more advanced markets like ours?

We also find out chip-enabled ATMs pass card data through the chip reader straight into a parser running on the main ATM OS... which, yeah... That's pretty bad.

This week's show is brought to you by Senetas, makers of fine, fine encryption technology. They make layer 2 encryption gear... Senetas CTO Julian Fay says the Snowden leaks are continuing to have a massive impact on the business landscape out there. These guys are shipping equipment to encrypt hundreds and hundreds of gigabits of data flowing between data centres that are increasingly located in Europe. So all that talk about companies moving their equipment out of the USA? Well, it IS happening.

He's got some fascinating insights for us.

Show notes

Critical NSA Reform Bill Fails in the Senate | WIRED
http://www.wired.com/2014/11/usa-freedom-act-fails-in-senate/

Beefed up iPhone crypto will lead to a child dying, DOJ warned Apple execs | Ars Technica
http://arstechnica.com/tech-policy/2014/11/beefed-up-iphone-crypto-will-...

U.S. Gov Insists It Doesn't Stockpile Zero-Day Exploits to Hack Enemies | WIRED
http://www.wired.com/2014/11/michael-daniel-no-zero-day-stockpile/

EFF, Others Plan to Make Encrypting the Web Easier in 2015 | Threatpost | The first stop for security news
http://threatpost.com/eff-others-plan-to-make-encrypting-the-web-easier-...

Whatsapp Just Switched on End-to-End Encryption for Hundreds of Millions of Users | WIRED
http://www.wired.com/2014/11/whatsapp-encrypted-messaging/

IAB Urges Designers to Make Encryption the Default | Threatpost | The first stop for security news
http://threatpost.com/iab-urges-designers-to-make-encryption-the-default...

Paper: NetFlow Data De-Anonymizes Tor Users | Threatpost | The first stop for security news
http://threatpost.com/tor-reins-in-concerns-after-academic-paper-on-de-a...

For a year, gang operating rogue Tor node infected Windows executables | Ars Technica
http://arstechnica.com/security/2014/11/for-a-year-one-rogue-tor-node-ad...

SMS pwnage on MEELLIONS of flawed SIM cards, popular 4G modems • The Register
http://www.theregister.co.uk/2014/11/19/sms_pwnage_on_meellions_of_flawe...

Google Releases Open Source XSS Web App Scanner | Threatpost | The first stop for security news
http://threatpost.com/google-releases-open-source-xss-web-app-scanner/10...

Open Source OpenSOC Security Analytics Framework Released | Threatpost | The first stop for security news
http://threatpost.com/cisco-releases-security-analytics-framework-to-ope...

Visa, MasterCard Remove Passwords from 3D Secure | Threatpost | The first stop for security news
http://threatpost.com/visa-mastercard-removing-passwords-from-3d-secure/...

Swedish Court Rejects Julian Assange's Appeal to Dismiss His Arrest Warrant | WIRED
http://www.wired.com/2014/11/sweden-rejects-assange-appeal/

How the Dark Web's New Favorite Drug Market Is Profiting From Silk Road 2's Demise | WIRED
http://www.wired.com/2014/11/the-evolution-of-evolution-after-silk-road/

AT&T Stops Using Invasive 'Perma-Cookies,' But It May Turn Them Back On | WIRED
http://www.wired.com/2014/11/att-hits-pause-privacy-busting-perma-cookie...

UK.gov teams up with moneymen on HACK ATTACK INSURANCE • The Register
http://www.theregister.co.uk/2014/11/13/cyber_insurance_analysis/

Network Hijackers Exploit Technical Loophole - Krebs on Security
http://krebsonsecurity.com/2014/11/network-hijackers-exploit-technical-l...

Attackers Using Compromised Web Plug-Ins in CryptoPHP Blackhat SEO Campaign | Threatpost | The first stop for security news
http://threatpost.com/attackers-using-compromised-web-plug-ins-in-crypto...

A neverending story: PC users lose another $120M to tech support scams | Ars Technica
http://arstechnica.com/information-technology/2014/11/ftc-windows-tech-s...

State Department shuts down email system after suspected hacker attack | US news | theguardian.com
http://www.theguardian.com/us-news/2014/nov/16/state-department-shuts-do...

Malware's new target: your password manager's password | Ars Technica
http://arstechnica.com/security/2014/11/citadel-attackers-aim-to-steal-v...

Apple iOS 8.1.1 Fixes Several Code-Execution Flaws | Threatpost | The first stop for security news
http://threatpost.com/apple-ios-8-1-1-fixes-several-code-execution-flaws...

Nasty Security Bug Fixed in Android Lollipop 5.0 | Threatpost | The first stop for security news
http://threatpost.com/nasty-security-bug-fixed-in-android-lollipop-5-0/1...

Windows Phone security sandbox survives Pwn2Own unscathed | Ars Technica
http://arstechnica.com/security/2014/11/windows-phone-security-sandbox-s...

Microsoft Releases Emergency Security Update - Krebs on Security
http://krebsonsecurity.com/2014/11/microsoft-releases-emergency-security...

WinShock PoC clocked: But DON'T PANIC... It's no Heartbleed • The Register
http://www.theregister.co.uk/2014/11/17/ms_schannel_crypto_poc/

Drupal Denial of Service Session Hijacking Patch | Threatpost | The first stop for security news
http://threatpost.com/drupal-patches-denial-of-service-vulnerability-det...

EMVCo
http://emvco.com/approvals.aspx?id=85

Payment Security Consulting
http://pscco.com.au/

the loved ones - ever lovin' man - YouTube
https://www.youtube.com/watch?v=Ajdqk8ZN1jM

Risky Business #345 -- Advanced sock puppetry and news website manipulation

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're taking a look at how you -- YES YOU -- can game online media. Find out how you can make comments on major news sites just disappear with one line of bash! Find out how you can drive a cupcake recipe into the "most popular" stories box on the world's major news sites!

That's a chat with Azhar Desai of Thinkst and it's this week's feature.

This week's show is brought to you by Tenable Network Security, thanks to them. And in this week's sponsor interview we're speaking with Tenable strategist Jack Daniel about his latest project Shoulders of Infosec. It's essentially a history project that seeks to record the achievements of infosec discipline pioneers.

Adam Boileau, as always, joins the show to talk about the week's infosec news.

Show notes

Silk Road, other Tor "darknet" sites may have been "decloaked" through DDoS [Updated] | Ars Technica
http://arstechnica.com/security/2014/11/silk-road-other-tor-darknet-site...

How Did The FBI Break Tor?
http://www.forbes.com/sites/kashmirhill/2014/11/07/how-did-law-enforceme...

So Far Feds Have Only Confirmed Seizing 27 "Dark Market" Sites In Operation Onymous - Forbes
http://www.forbes.com/sites/katevinton/2014/11/07/operation-onymous-dark...

the grugq on Twitter: "http://t.co/mLVVT9NHzF"
https://twitter.com/thegrugq/status/530411690676875264

129 Of the Seized ".Onion" Domains Were at a Single Bulgarian Hosting - Deep Dot Web
http://www.deepdotweb.com/2014/11/08/129-seized-onion-domains-single-bul...

Law enforcement seized Tor nodes and may have run some of its own | Ars Technica
http://arstechnica.com/security/2014/11/law-enforcement-seized-tor-nodes...

TORpedo'd dev dumps Doxbin files after police raids • The Register
http://www.theregister.co.uk/2014/11/09/torpedod_dev_dumps_doxbin_files_...

Supporting Anonymous Use of Facebook in Tor - DigiCert Blog
https://blog.digicert.com/anonymous-facebook-via-tor/

New Mozilla Privacy Initiative to Include High-Capacity Tor Relays | Threatpost | The first stop for security news
http://threatpost.com/new-mozilla-privacy-initiative-to-include-high-cap...

Did the government hack a CBS journalist? Maybe. [Updated] | Ars Technica
http://arstechnica.com/tech-policy/2014/11/did-the-government-hack-a-cbs...

Sharyl Attkisson Changes Hacking Story Again: Now She Doesn't Know Who Did It | Blog | Media Matters for America
http://mediamatters.org/blog/2014/11/05/sharyl-attkisson-changes-hacking...

Australian Federal Police methods under question after 'LulzSec hacker' claims he was wrongly accused - ABC News (Australian Broadcasting Corporation)
http://mobile.abc.net.au/news/2014-11-10/afp-methods-questioned-as-hacke...

Hacker Emails Testing Service BrowserStack's Customers, Says Company Lied About Security | TechCrunch
http://techcrunch.com/2014/11/10/hacker-emails-testing-service-browserst...

gist:9b16e436e035f90ec35f
https://gist.github.com/simonsarris/9b16e436e035f90ec35f

Masque Attack: All Your iOS Apps Belong to Us | FireEye Blog
http://www.fireeye.com/blog/technical/cyber-exploits/2014/11/masque-atta...

DarkHotel: A Sophisticated New Hacking Attack Targets High-Profile Hotel Guests | WIRED
http://www.wired.com/2014/11/darkhotel-malware/

FBI defends "ruse" of undercover agents posing as hotel cable guys | Ars Technica
http://arstechnica.com/tech-policy/2014/11/fbi-defends-ruse-of-undercove...

Only Half of USB Devices Have an Unpatchable Flaw, But No One Knows Which Half | WIRED
http://www.wired.com/2014/11/badusb-only-affects-half-of-usbs/

Chinese hack U.S. weather systems, satellite network - The Washington Post
http://www.washingtonpost.com/local/chinese-hack-us-weather-systems-sate...

All US Postal Service employees' personal data exposed by hackers | Ars Technica
http://arstechnica.com/security/2014/11/all-us-postal-service-employees-...

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon: Kim Zetter: 9780770436179: Amazon.com: Books
http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X/r...

Lonely Planet 2001 Out to Eat San Francisco (Out to Eat Series): Kim Zetter, Andrew Dean Nystrom: 9781864500844: Amazon.com: Books
http://www.amazon.com/Lonely-Planet-2001-Francisco-Series/dp/1864500840

Stuxnet worm infected high-profile targets before hitting Iran nukes | Ars Technica
http://arstechnica.com/security/2014/11/stuxnet-worm-infected-high-profi...

iPhone, Galaxy S5, Nexus 5, and Fire Phone fall like dominoes at Pwn2Own | Ars Technica
http://arstechnica.com/security/2014/11/iphone-galaxy-s5-nexus-5-and-fir...

Don't blame Obama, but DDoS attacks are now using his press releases | Ars Technica
http://arstechnica.com/security/2014/11/dont-blame-obama-but-ddos-attack...

WTF, Russia's domestic Internet traffic mysteriously passes through Chinese routers | Ars Technica
http://arstechnica.com/security/2014/11/wtf-russias-domestic-internet-tr...

Emoticons blast three security holes in Pidgin :-( • The Register
http://www.theregister.co.uk/2014/11/10/cisco_security_bods_hunt_pidgin/

Potentially catastrophic bug bites all versions of Windows. Patch now | Ars Technica
http://arstechnica.com/security/2014/11/potentially-catastrophic-bug-bit...

Adobe, Microsoft Issue Critical Security Fixes - Krebs on Security
http://krebsonsecurity.com/2014/11/adobe-microsoft-issue-critical-securi...

thinkst.com/stuff/hitb2014/HITB_Thinkst_2014_No_notes.pdf
http://thinkst.com/stuff/hitb2014/HITB_Thinkst_2014_No_notes.pdf

LABJACD | Unearthed
https://www.triplejunearthed.com/artist/labjacd

shouldersofinfosec [licensed for non-commercial use only] / The Shoulders of InfoSec Project
http://shouldersofinfosec.pbworks.com/w/page/85415119/The%20Shoulders%20...

Risky Business #344 -- Super Mario Cisco adventures

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with Alec Stuart Muirk about some of his research into Cisco appliance security. That interview is not so much a blow by blow of the bugs he found, which were pretty devastating by the way, but more about how accessibility is a major hurdle when researching various bits of kit.

As you'll hear, many security vendors are starting to release their kit as VMs, which means researchers will be more likely to poke at them. Does that mean more boneheaded bugs like the stuff he found? Well, probably.

This week's show is brought to you by Bromium. In this week's sponsor interview we're chatting with Bromium's chief security architect Rahul Kashyap about some of his reflections on 2014. Well, two in particular. He says the decision of retailers to skip POS refresh programs during the US recession that began in 2008 is preeeetty much how the retail sector in the USA wound up in so much strife now. And he also shares some interesting thoughts on how standardised indicators of compromise may be turned against attack victims in 2015.

Show notes

Feds Arrest Alleged 'Silk Road 2' Admin, Seize Servers - Krebs on Security
http://krebsonsecurity.com/2014/11/feds-arrest-alleged-silk-road-2-admin...

Blake Benthall Criminal Complaint
http://www.scribd.com/doc/245744857/Blake-Benthall-Criminal-Complaint

Not Just Silk Road 2: Feds Seize Two Other Drug Markets and Counting | WIRED
http://www.wired.com/2014/11/dark-web-seizures/

US Attorney's office: Whoops, Silk Road 2.0 hired a fed [Updated] | Ars Technica
http://arstechnica.com/tech-policy/2014/11/feds-claim-silkroad-2-0-taken...

Why Facebook Just Launched Its Own 'Dark Web' Site | WIRED
http://www.wired.com/2014/10/facebook-tor-dark-site/

Active "WireLurker" iPhone infection ushers in new era for iOS users | Ars Technica
http://arstechnica.com/security/2014/11/active-wirelurker-iphone-infecti...

WireLurker Mac OS X Malware Shut Down | Threatpost | The first stop for security news
http://threatpost.com/wirelurker-mac-os-x-malware-shut-down/109204

Secret Manuals Show the Spyware Sold to Despots and Cops Worldwide - The Intercept
https://firstlook.org/theintercept/2014/10/30/hacking-team/

Hacking Team Responds in Defense of Its Spyware - The Intercept
https://firstlook.org/theintercept/2014/11/03/hacking-team-responds-defe...

How to leak sensitive data from an isolated computer (air-gap) to a near by mobile phone - AirHopper | Cyber Security Labs @ Ben-Gurion University of the Negev
http://cyber.bgu.ac.il/content/how-leak-sensitive-data-isolated-computer...

Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud | Ars Technica
http://arstechnica.com/security/2014/11/crypto-attack-that-hijacked-wind...

Nat McHugh: How I created two images with the same MD5 hash
http://natmchugh.blogspot.co.uk/2014/10/how-i-created-two-images-with-sa...

Flaw in New 'Secure' Credit Cards Would Let Hackers Steal $1M Per Card | WIRED
http://www.wired.com/2014/11/chip-n-pin-foreign-currency-vulnerability/

Who wants to be A MILLIONAIRE? Not so fast, Visa tells wannabe pay-by-bonk thieves • The Register
http://www.theregister.co.uk/2014/11/05/visa_contactless_card_flaw/

Pirate Bay Founder Convicted on Hacking Charges, Sentenced to 3.5 Years | WIRED
http://www.wired.com/2014/10/pirate-bay-founder-hacking/

Thai police question The Pirate Bay founder | Stuff.co.nz
http://www.stuff.co.nz/technology/digital-living/62971785/thai-police-qu...

Cell carrier was weakest link in hack of Google, Instagram accounts | Ars Technica
http://arstechnica.com/security/2014/11/cell-carrier-was-weakest-link-in...

Ericsson boss sticks a pin in Google's loony Loon bubble • The Register
http://www.theregister.co.uk/2014/11/06/ericsson_chief_pops_googles_loon...

Microsoft releases free anti-malware for Azure VMs • The Register
http://www.theregister.co.uk/2014/11/06/microsoft_releases_free_antimalw...

EFF: VPNs will crumble Verizon's creepy supercookie stalkers • The Register
http://www.theregister.co.uk/2014/11/06/mobile_vpns_will_save_you_from_v...

Feds investigate Homeland Security background checker security breach • The Register
http://www.theregister.co.uk/2014/11/05/feds_investigate_dhs_background_...

Russia to ban iCloud.. to PROTECT iPhone fiddlers' pics 'n' sh*t • The Register
http://www.theregister.co.uk/2014/11/05/russia_set_to_ban_icloud/

Critics chafe as Macs send sensitive docs to iCloud without warning | Ars Technica
http://arstechnica.com/security/2014/11/critics-chafe-as-macs-send-sensi...

Thieves Cash Out Rewards, Points Accounts - Krebs on Security
http://krebsonsecurity.com/2014/11/thieves-cash-out-rewards-points-accou...

Does your phone company track you? | Ars Technica
http://arstechnica.com/security/2014/11/does-your-phone-company-track-you/

Google releases "nogotofail" to detect HTTPS bugs before they bite users | Ars Technica
http://arstechnica.com/security/2014/11/google-releases-nogotofail-to-de...

Yosemite infested by nasty 'Rootpipe' vuln • The Register
http://www.theregister.co.uk/2014/11/04/rootpipe_another_os_x_vuln/

Fatback Band - Tour
http://fatbackband.com/tour.html

https://ruxcon.org.au/assets/2014/slides/Breaking Bricks Ruxcon 2014.pdf
https://ruxcon.org.au/assets/2014/slides/Breaking%20Bricks%20Ruxcon%2020...

Risky Business #343 -- Special news guest HD Moore

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's show is brought to you by the fine folks at BugCrowd, big thanks to them. BugCrowd CEO Casey Ellis will be along in this week's sponsor interview to talk about what's shakin' in the bounty world. And you know what? There are some interesting engagement models emerging out of the whole paid bounty scene, he's going to talk about that. We also find out that, according to Casey, bug bounty programs will get you a PCI compliance tick from an auditor, which isn't something I knew!

Show notes

Verizon's 'Perma-Cookie' Is a Privacy-Killing Machine | WIRED
http://www.wired.com/2014/10/verizons-perma-cookie/

Facebook, Google, and the Rise of Open Source Security Software | WIRED
http://www.wired.com/2014/10/facebook-builder-osquery/

GCHQ views data without a warrant, government admits | UK news | The Guardian
http://www.theguardian.com/uk-news/2014/oct/29/gchq-nsa-data-surveillance

Feds identify suspected 'second leaker' for Snowden reporters - Yahoo News
http://news.yahoo.com/feds-identify-suspected--second-leaker--for-snowde...

NY Senator Calls for Renewed Crackdown on Dark Web Drug Sales | WIRED
http://www.wired.com/2014/10/schumer-crackdown-on-dark-web-drug-sales/

Now Everyone Wants to Sell You a Magical Anonymity Router. Choose Wisely | WIRED
http://www.wired.com/2014/10/anonymity-routers/

White House unclassified network hacked, apparently by Russians | Ars Technica
http://arstechnica.com/tech-policy/2014/10/white-house-unclassified-netw...

Research links massive cyber spying ring to Russia | Ars Technica
http://arstechnica.com/security/2014/10/research-links-massive-cyber-spy...

Researchers identify sophisticated Chinese cyberespionage group - The Washington Post
http://www.washingtonpost.com/world/national-security/researchers-identi...

Moscow, Beijing poised to sign deal on joint cyber security ops • The Register
http://www.theregister.co.uk/2014/10/24/moscow_beijing_poised_to_sign_de...

'Replay' Attacks Spoof Chip Card Charges - Krebs on Security
http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data | WIRED
http://www.wired.com/2014/10/hackers-using-gmail-drafts-update-malware-s...

FBI created fake Seattle Times Web page to nab bomb-threat suspect | Local News | The Seattle Times
http://seattletimes.com/html/localnews/2024888170_fbinewspaper1xml.html

Intel bods to detail RSA birko crypto man-in-the-middle diddle • The Register
http://www.theregister.co.uk/2014/10/28/intel_bods_to_detail_rsa_crypto_...

Shellshock over SMTP attacks mean you can now ignore your email • The Register
http://www.theregister.co.uk/2014/10/28/shellshocked_via_email_smtp_atta...

MacOS X 10.10 & FreeBSD10 ftp Remote Comand Execution - CXSecurity.com
http://cxsecurity.com/issue/WLB-2014100174

Spiderbait - Run - YouTube
https://www.youtube.com/watch?v=H7ociMW-_hs

Risky Business #342 -- The NSA Playset, cloud woes and more!

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

Despite some technical challenges we have a great show for you all this week. We'll be chatting with Mike Ryan of iSec Partners and his pal, independent hardware hacker Joe Fitzpatrick, all about the NSA Playset! It's a hobbyist project that aims to recreate all the awesome tools in the leaked NSA ANT catalogue. Such fun!

We'll also be hearing a tale of cloud woe from the trenches of enterprise IT. A friend of the show had his entire global email infrastructure pulled offline by Symantec with what he says was inadequate warning. And he might just have a point there. Have a listen to the interview and make your own mind up.

This week's show is brought to you by the fine folks at Websense! Websense does Web, email and data security, and this week's sponsor guest is Neil Thacker, head of information security and strategy for Europe, Middle East and Africa at Websense. And he's going to tell us that DLP is back baby... it's finding new life for a few reasons... the most interesting of which, I reckon, is as a confirmation tool for detecting when a positive is most definitely not false!

Show notes

Palo Alto Networks boxes spray firewall creds across the net • The Register
http://www.theregister.co.uk/2014/10/21/palo_alto_customers_spray_net_wi...

Is your home or office internet gateway one of '1.2 MILLION' wide open to hijacking? • The Register
http://www.theregister.co.uk/2014/10/22/home_router_security_threat_rapid7/

Chipmaker FTDI bricking counterfeit kit • The Register
http://www.theregister.co.uk/2014/10/23/ftdi_turning_counterfeit_chips_i...

Kickstarter Freezes Anonabox Privacy Router Project for Misleading Funders | WIRED
http://www.wired.com/2014/10/kickstarter-suspends-anonabox/

In wake of Anonabox, more crowdsourced Tor router projects make their pitch | Ars Technica
http://arstechnica.com/information-technology/2014/10/in-wake-of-anonabo...

The Case of the Modified Binaries | Leviathan Security Group
http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/

Google Accounts Now Support Security Keys - Krebs on Security
http://krebsonsecurity.com/2014/10/google-accounts-now-support-security-...

How to Stop Apple From Snooping on Your OS X Yosemite Searches | WIRED
http://www.wired.com/2014/10/how-to-fix-os-x-yosemite-search/

Apple dumps SSL 3.0 for push notifications due to Poodle flaw - CNET
http://www.cnet.com/news/apple-dumps-ssl-3-0-for-push-notifications-due-...

Whisper CTO says tracking "anonymous" users not a big deal, really | Ars Technica
http://arstechnica.com/security/2014/10/whisper-cto-says-tracking-anonym...

Guns don't scare people, hackers do: Americans fear identity theft more than shooting sprees • The Register
http://www.theregister.co.uk/2014/10/22/americans_more_afraid_of_identit...

Obama Executive Order Forces Chip & Pin, EMV on Government | Threatpost | The first stop for security news
http://threatpost.com/obama-executive-order-forces-chip-pin-payment-on-g...

Xen says its security policies might be buggier than its software • The Register
http://www.theregister.co.uk/2014/10/23/xen_says_its_security_policies_h...

NIST Publishes Draft Hypervisor Security Guide | Threatpost | The first stop for security news
https://threatpost.com/nist-publishes-draft-hypervisor-security-guide/10...

Chinese APT groups targeting Australian lawyers • The Register
http://www.theregister.co.uk/2014/10/21/bakers_dozen_of_apt_groups_poppi...

Chinese government launches man-in-middle attack against iCloud [Updated] | Ars Technica
http://arstechnica.com/security/2014/10/chinese-government-launches-man-...

Quick PHP patch beats slow research reveal • The Register
http://www.theregister.co.uk/2014/10/23/quick_php_patch_beats_slow_resea...

DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides • The Register
http://www.theregister.co.uk/2014/10/22/powerpoint_attacks_exploit_ms_0day/

Cisco Patches Three-Year-Old Telnet Remote Code Execution Bug in Security Appliances | Threatpost | The first stop for security news
http://threatpost.com/cisco-patches-three-year-old-telnet-remote-code-ex...

Risky Business #341 -- Beware of the poodle

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In this week's show we're chatting with Matt Solnik of Accuvant Labs about his stellar presentation at Breakpoint last week. In this interview he describes how he can leverage crappy carrier management client software into full remote compromise attacks against most smartphones, including fully patched iOS8 and Android. It's savage stuff and if you work in telcoland you'd be nuts to miss it.

This week's show is brought to you by Tenable Network Security. Tenable's very own Marcus Ranum will be along in this week's sponsor interview to chime in on desktop virtualisation trends, as well as cloud, remote desktop, the browser as a terminal and enterprise computing in general. The mainframe is dead. Long live the mainframe. It's a great chat.

Show notes

There Is a New Security Vulnerability Named POODLE, and It Is Not Cute | WIRED
http://www.wired.com/2014/10/poodle-explained/

Browser Vendors Move to Disable SSLv3 in Wake of POODLE Attack | Threatpost | The first stop for security news
http://threatpost.com/browser-vendors-move-to-disable-sslv3-in-wake-of-p...

Bahraini Activists Hacked by Their Government Go After UK Spyware Maker | WIRED
http://www.wired.com/2014/10/bahraini-activists-go-after-spyware-source/

NSA May Have Undercover Operatives in Foreign Companies | WIRED
http://www.wired.com/2014/10/nsa-may-undercover-operatives-foreign-compa...

Russian 'Sandworm' Hack Has Been Spying on Foreign Governments for Years | WIRED
http://www.wired.com/2014/10/russian-sandworm-hack-isight/

With This Tiny Box, You Can Anonymize Everything You Do Online | WIRED
http://www.wired.com/2014/10/tiny-box-can-anonymize-everything-online/

Judge Rejects Defense That FBI Illegally Hacked Silk Road-On a Technicality | WIRED
http://www.wired.com/2014/10/silk-road-judge-technicality/

Snapchat Can't Stop the Parasite Apps That Screw Its Users | WIRED
http://www.wired.com/2014/10/snapchat-parasite-apps/

Developer of hacked Snapchat web app says "Snappening" claims are hoax [Updated] | Ars Technica
http://arstechnica.com/security/2014/10/developer-of-hacked-snapchat-web...

Dropbox Denies Hack, Says 'Your Stuff is Safe' | Threatpost | The first stop for security news
http://threatpost.com/dropbox-denies-hack-says-your-stuff-is-safe/108824

Malware Based Credit Card Breach at Kmart - Krebs on Security
http://krebsonsecurity.com/2014/10/malware-based-credit-card-breach-at-k...

Signed Malware = Expensive "Oops" for HP - Krebs on Security
http://krebsonsecurity.com/2014/10/signed-malware-is-expensive-oops-for-hp/

Who's Watching Your WebEx? - Krebs on Security
http://krebsonsecurity.com/2014/10/whos-watching-your-webex/

Doubling up on Ads Code Bounties
https://www.facebook.com/notes/protect-the-graph/doubling-up-on-ads-code...

Heistmeisters crack cost of safecrackers with $150 widget • The Register
http://www.theregister.co.uk/2014/10/13/heistmeisters_crack_cost_of_safe...

Shellshock Exploits Spreading Mayhem Botnet Malware | Threatpost | The first stop for security news
http://threatpost.com/shellshock-exploits-spreading-mayhem-botnet-malwar...

October 2014 Oracle Java Security Patches | Threatpost | The first stop for security news
http://threatpost.com/java-reflection-api-woes-resurface-in-latest-oracl...

Fixes for IE, Flash Player in October Patch Tuesday Release | Threatpost | The first stop for security news
http://threatpost.com/fixes-for-ie-flash-player-in-october-patch-tuesday...

Firms Detail Zero Days Targeting Windows Kernel | Threatpost | The first stop for security news
http://threatpost.com/two-patched-zero-days-targeting-windows-kernel/108860

Drupal Fixes Highly Critical SQL Injection Flaw | Threatpost | The first stop for security news
http://threatpost.com/drupal-fixes-highly-critical-sql-injection-flaw/10...

SAP Patches Seven Vulnerabilities in Three Products | Threatpost | The first stop for security news
http://threatpost.com/sap-patches-seven-vulnerabilities-in-three-product...

BlackBerry 10 Open to Bug That Allows Malicious App Installation | Threatpost | The first stop for security news
http://threatpost.com/blackberry-10-devices-open-to-bug-that-allows-mali...

Google Online Security Blog: This POODLE bites: exploiting the SSL 3.0 fallback
http://googleonlinesecurity.blogspot.co.nz/2014/10/this-poodle-bites-exp...

Speakers » Breakpoint 2014
https://ruxconbreakpoint.com/speakers/#Mathew Solnik

Tower Of Power - Soul Vaccination - YouTube
https://www.youtube.com/watch?v=46hd6DZS0ww


Risky Business #340 -- BPX droppin' iOS8 remote jailbreaks like it "ain't no thang"

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

This week's show was recorded on site at the Ruxcon Breakpoint conference in Melbourne. There have been a handful of absolute jaw-droppers among the presentations here, including a demo showcasing remote code exec against *most* mobile devices, including fully patched iOS8.

This week's show is brought to you by Context Information Security and we've got a great chat coming up with Mark Graham, Context's head of threat intelligence. He spends most of his days hip deep in data Context has gathered on APT groups, and he's seen some interesting trends. Bad guys are apparently using vendor analysis/blog posts to improve their "product", the Russians are getting in on the action and there's a renewed effort in keeping APT campaigns stealthy.

Show notes

Shellshock-like Vulnerability May Affect Windows | Threatpost | The first stop for security news
http://threatpost.com/shellshock-like-weakness-may-affect-windows/108696

White hat claims Yahoo and WinZip hacked by "shellshock" exploiters | Ars Technica
http://arstechnica.com/security/2014/10/white-hat-claims-yahoo-and-winzi...

Yahoo says attack wasn't Shellshock - CNET
http://www.cnet.com/news/yahoo-late-to-fix-shellshock-threat/

That Unpatchable USB Malware Now Has a Patch ... Sort Of | WIRED
http://www.wired.com/2014/10/unpatchable-usb-malware-now-patchsort/

Twitter Sues the Government for Violating Its First Amendment Rights | WIRED
http://www.wired.com/2014/10/twitter-sues-government/

Feds 'Hacked' Silk Road Without a Warrant? Perfectly Legal, Prosecutors Argue | WIRED
http://www.wired.com/2014/10/feds-silk-road-hack-legal/

Finding a Video Poker Bug Made These Guys Rich-Then Vegas Made Them Pay | WIRED
http://www.wired.com/2014/10/cheating-video-poker/

AT&T Hit By Insider Breach | Threatpost | The first stop for security news
http://threatpost.com/att-hit-by-insider-breach/108705

Huge Data Leak at Largest U.S. Bond Insurer - Krebs on Security
http://krebsonsecurity.com/2014/10/huge-data-leak-at-largest-u-s-bond-in...

Arbor: DDoS Attacks Getting Bigger as Reflection Increases | Threatpost | The first stop for security news
http://threatpost.com/arbor-ddos-attacks-getting-bigger-as-reflection-in...

Create app-specific passwords for iCloud - CNET
http://www.cnet.com/how-to/how-to-create-app-specific-passwords-for-icloud/

Bugzilla Zero-Day Exposes Zero-Day Bugs - Krebs on Security
http://krebsonsecurity.com/2014/10/bugzilla-zero-day-exposes-zero-day-bugs/

Tyupkin ATM Malware Discovered by Kaspersky Lab | Threatpost | The first stop for security news
http://threatpost.com/tyupkin-malware-infects-atms-in-eastern-europe/108734

Reddit-powered botnet infected thousands of Macs worldwide | Ars Technica
http://arstechnica.com/security/2014/10/reddit-powered-botnet-infected-t...

FDA: Medical device cybersecurity necessary, but optional | Ars Technica
http://arstechnica.com/security/2014/10/fda-medical-device-cybersecurity...

Adobe's e-book reader sends your reading logs back to Adobe-in plain text [Updated] | Ars Technica
http://arstechnica.com/security/2014/10/adobes-e-book-reader-sends-your-...

October 2014, Melbourne
http://www.contextis.com/events/oasis/october-2014-melbourne/

Alice Russell - Twin Peaks - YouTube
https://www.youtube.com/watch?v=vySmFB_vUeg


Risky Business #339 -- Neel Mehta on Heartbleed, Shellshock

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week's show we're chatting with Neel Mehta, a security researcher with Google. Neel is best known for finding the Heartbleed bug, and he joins us this week to talk about Heartbleed, ShellShock, the security of SSL stacks and where he expects vuln research to go in the future.

Funnily enough this is Neel's first interview about Heartbleed, so I guess we can call this a scoop!

This week's show is brought to you by Bromium, makers of fine, fine exploit mitigation software. Personally I'm a real fan of Bromium's stuff. They're relatively new, but if you have a Java problem in your enterprise, as in, you have to have Java in your enterprise, Bromium has a solution for you -- they make micro-VM software that mitigates memory corruption bugs and it's actually quite good.

Bromium's chief security architect Rahul Kashyap joins us this week to talk about some malvertising research he presented at the Virus Bulletin conference recently, and he also previews the results of Bromium's code audit. That's right, a security software company actually had their software audited! Bowl me over. The audit report will be available next week, but we get the inside scoop on that before it's out.

Show notes

JPMorgan hack exposed data of 83 million, among biggest breaches in history
http://www.theage.com.au/business/world-business/jpmorgan-hack-exposed-d...

Xen Bug Could cause Crashes, Expose Cloud Data | Threatpost | The first stop for security news
http://threatpost.com/serious-hypervisor-bug-fix-causes-unexpected-cloud...

Musings on the recent Xen Security Advisories | Bromium Labs
http://labs.bromium.com/2014/10/01/musings-on-the-recent-xen-security-ad...

Apple patches "Shellshock" Bash bug in OS X 10.9, 10.8, and 10.7 | Ars Technica
http://arstechnica.com/apple/2014/09/apple-patches-shellshock-bash-bug-i...

OpenVPN vulnerable to Shellshock Bash vulnerability | Threatpost | The first stop for security news
http://threatpost.com/openvpn-vulnerable-to-shellshock-bash-vulnerabilit...

FioraAeterna☄ on Twitter: "RT "cmd.exe #shellshock" @dakami: "this is why we can't have nice strings" http://t.co/9LPTbtVazr"
https://twitter.com/FioraAeterna/status/517791046835920897

Silk Road Lawyers Poke Holes in FBI's Story - Krebs on Security
http://krebsonsecurity.com/2014/10/silk-road-lawyers-poke-holes-in-fbis-...

The Unpatchable Malware That Infects USBs Is Now on the Loose | WIRED
http://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/

Lacoon Discovers Xsser mRAT, the First Advanced iOS Trojan
https://www.lacoon.com/lacoon-discovers-xsser-mrat-first-advanced-ios-tr...

If the information from https://www.lacoon.com/lacoon-discovers-xsser-mrat-first - Pastebin.com
http://pastebin.com/Zkhpn8bG

Holder urges tech companies to leave device backdoors open for police - The Washington Post
http://www.washingtonpost.com/blogs/the-switch/wp/2014/09/30/holder-urge...

Cops Are Handing Out Spyware to Parents-With Zero Oversight | WIRED
http://www.wired.com/2014/10/cops-giving-parents-spyware/

The Criminal Indictment That Could Finally Hit Spyware Makers Hard | WIRED
http://www.wired.com/2014/10/stealthgenie-indictment/

CloudFlare Rolls Out Free SSL | Threatpost | The first stop for security news
http://threatpost.com/cloudflare-rolls-out-free-ssl/108593

FBI to Open Up Malware Investigator Portal to External Researchers | Threatpost | The first stop for security news
http://threatpost.com/fbi-to-open-up-malware-investigator-portal-to-exte...

Chrome bug hunters, Google's giving you a raise - CNET
http://www.cnet.com/news/chrome-bug-hunters-googles-giving-you-a-raise/

WPScan Vulnerability Database WordPress Security Resource | Threatpost | The first stop for security news
http://threatpost.com/wpscan-vulnerability-database-a-new-wordpress-secu...

Second Same-Origin Policy Bypass Flaw Haunts Android Browser | Threatpost | The first stop for security news
http://threatpost.com/second-same-origin-policy-bypass-flaw-haunts-andro...

Advertising firms struggle to kill malvertisements | Ars Technica
http://arstechnica.com/security/2014/09/advertising-firms-struggle-to-ki...

www.bromium.com/sites/default/files/bromium-report-optimized-mal-ops.pdf
http://www.bromium.com/sites/default/files/bromium-report-optimized-mal-...

The Basics
https://www.facebook.com/thebasics

Leftovers | The Basics
http://thebasics.bandcamp.com/album/leftovers-2


Risky Business #338 -- BASHPOCALYPSE 2014

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

In addition to covering the end of the world, this week's Risky Business features Don Bailey of Lab Mouse Security on his excellent IoT blog post, written largely in response to a Daily Dave post by Dave Aitel on so-called "junk hacking".

This week's show is brought to you by Context Information Security, big thanks to them! And in this week's sponsor interview we chat with Context's director of research Michael Jordon about his adventures in getting old computer games to work on printer screens. It's actually pretty cool.

Show notes

Shell Shock: Bash bug labelled largest ever to hit the internet
http://www.smh.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-l...

Hackers Are Already Using the Shellshock Bug to Launch Botnet Attacks | WIRED
http://www.wired.com/2014/09/hackers-already-using-shellshock-bug-create...

The Internet Braces for the Crazy Shellshock Worm | WIRED
http://www.wired.com/2014/09/internet-braces-crazy-shellshock-worm/

Patching Bash Vulnerability a Challenge for ICS, SCADA | Threatpost | The first stop for security news
http://threatpost.com/patching-bash-vulnerability-a-challenge-for-ics-sc...

Bash Botnet Exploit Found, Bash Patches Incomplete | Threatpost | The first stop for security news
http://threatpost.com/bash-exploit-reported-first-round-of-patches-incom...

Mozilla Patches RSA Signature Forgery in NSS, Firefox | Threatpost | The first stop for security news
http://threatpost.com/mozilla-patches-rsa-signature-forgery-in-firefox-t...

Xen security bug, you say? Amazon readies GLORIOUS GLOBAL CLOUD REBOOT • The Register
http://www.theregister.co.uk/2014/09/25/amazon_readies_global_glory_reboot/

Amazon forced to reboot EC2 to patch Xen bug - Storage - News - iTnews.com.au
http://www.itnews.com.au/News/396180,amazon-forced-to-reboot-ec2-to-patc...

Terror laws clear Senate, enabling entire Australian web to be monitored and whistleblowers to be jailed
http://www.smh.com.au/digital-life/consumer-security/terror-laws-clear-s...

Senate rejects attempt to limit ASIO's access to devices - Security - Telco/ISP - News - iTnews.com.au
http://www.itnews.com.au/News/396179,senate-rejects-attempt-to-limit-asi...

Charney on Trustworthy Computing: 'I Was the Architect of These Changes' | Threatpost | The first stop for security news
http://threatpost.com/charney-on-trustworthy-computing-i-was-the-archite...

Kevin Mitnick, Once the World's Most Wanted Hacker, Is Now Selling Zero-Day Exploits | WIRED
http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits/

Home Depot's former security architect had history of techno-sabotage | Ars Technica
http://arstechnica.com/security/2014/09/home-depots-former-security-arch...

Home Depot ignored security warnings for years, employees say | Ars Technica
http://arstechnica.com/security/2014/09/home-depot-ignored-security-warn...

MIT Students Battle State's Demand for Their Bitcoin Miner's Source Code | WIRED
http://www.wired.com/2014/09/mit-students-face-aggressive-subpoena-deman...

PayPal takes second cautious step towards Bitcoin - Finance - Security - News - iTnews.com.au
http://www.itnews.com.au/News/392418,paypal-takes-second-cautious-step-t...

Why the Heyday of Credit Card Fraud Is Almost Over | WIRED
http://www.wired.com/2014/09/emv/

Small Signs of Progress on DNSSEC | Threatpost | The first stop for security news
http://threatpost.com/small-signs-of-progress-on-dnssec/108536

Microsoft Online Services Bug Bounty Program Launches | Threatpost | The first stop for security news
http://threatpost.com/microsoft-starts-online-services-bug-bounty/108486

Blackphone Bug Bounty Program Launches on Bugcrowd | Threatpost | The first stop for security news
http://threatpost.com/blackphone-gets-bug-bounty-program-off-ground/108468

Productivity Trumping Security as BYOD Grows | Threatpost | The first stop for security news
http://threatpost.com/productivity-gains-trumping-security-as-byod-grows...

Researcher Discloses Wi-Fi Thermostat Vulnerabilities | Threatpost | The first stop for security news
http://threatpost.com/researcher-discloses-wi-fi-thermostat-vulnerabilit...

Kali NetHunter turns Android device into hacker Swiss Army knife | Ars Technica
http://arstechnica.com/information-technology/2014/09/kali-nethunter-tur...

The Mouse Trap: No Thing Left Behind
http://blog.securitymouse.com/2014/09/no-thing-left-behind.html

[Dailydave] Junk Hacking Must Stop!
https://lists.immunityinc.com/pipermail/dailydave/2014-September/000746....

Hacking Canon Pixma Printers - Doomed Encryption
http://www.contextis.com/resources/blog/hacking-canon-pixma-printers-doo...

Dawn LP/CD | HopeStreet Recordings
http://www.hopestreetrecordings.com/releases/dawn/
