Thursday, June 22, 2017

Closing the Cybersecurity Skills Gap With a New Collar Approach

Bughunter University

Bughunter University: This site was created by the Google Security Team for members of our Vulnerability Reward Program bug hunter community. If you want to create great vulnerability reports, you've come to the right place! Take a look at various tips on how to be successful with our reward program, get a little behind-the-scenes knowledge, and learn from the mistakes other bug hunters sometimes make.

Program Rules – Application Security – Google

Program Rules – Application Security – Google We have long enjoyed a close relationship with the security research community. To honor all the cutting-edge external contributions that help us keep our users safe, we maintain a Vulnerability Reward Program for Google-owned web properties, running continuously since November 2010.

Patch Rewards – Application Security – Google

Patch Rewards – Application Security – Google Of course, you need to make sure that your work does not violate any law and does not disrupt or compromise any data that is not your own.

HHS targeting outdated regs in wake of damning cybersecurity report, WannaCry

HHS targeting outdated regs in wake of damning cybersecurity report, WannaCry | Healthcare IT News: new cybersecurity threats require updated guidelines, HHS, CMS, ASPR officials say.

Thursday, June 15, 2017

CIA has been hacking into Wi-Fi routers for years, leaked documents show | ZDNet

CIA has been hacking into Wi-Fi routers for years, leaked documents show 

http://www.zdnet.com/article/cia-has-been-hacking-into-wi-fi-routers-for-years-leaked-documents-show/

Advanced CIA firmware has been infecting Wi-Fi routers for years | Ars Technica

Advanced CIA firmware has been infecting Wi-Fi routers for years | Ars Technica

https://arstechnica.com/security/2017/06/advanced-cia-firmware-turns-home-routers-into-covert-listening-posts/

The NSA has linked the WannaCry computer worm to North Korea - The Washington Post

The NSA has linked the WannaCry computer worm to North Korea - The Washington Post: The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with “moderate confidence” to North Korea’s spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report.

Microsoft: Latest security fixes thwart NSA hacking tools | ZDNet

Microsoft: Latest security fixes thwart NSA hacking tools | ZDNet: Microsoft has confirmed its latest round of security patches has fixed three remaining vulnerabilities built by the National Security Agency, which the company previously said it would not fix.

WannaCry ransomware timeline: from the NSA to the NHS

WannaCry ransomware timeline: from the NSA to the NHS | Gallery | Computerworld UK



Annoying format!

Why 'WannaCry' Malware Caused Chaos for National Health Service in U.K. - NBC News

Why 'WannaCry' Malware Caused Chaos for National Health Service in U.K. - NBC News: Last week's worldwide cyberattack potentially put lives at risk by paralyzing computers at state-run medical facilities across the U.K. — including many using discontinued Windows XP.

(U//FOUO) DHS Report: Potential Impacts of WannaCry Ransomware on Critical Infrastructure | Public Intelligence

(U//FOUO) DHS Report: Potential Impacts of WannaCry Ransomware on Critical Infrastructure | Public Intelligence: WannaCry installs the DoublePulsar backdoor, which means that infected machines may still be vulnerable to future attacks.

The Washington Post: The NSA has linked the WannaCry computer worm to North Korea

The NSA has linked the WannaCry computer worm to North Korea
http://wapo.st/2s2G1Gg

Wednesday, June 14, 2017

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure | US-CERT: "DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. "



'via Blog this'

Director Comey Legally SS7 Taped Calls, Meetings With Trump – patribotics

Director Comey Legally Taped Calls, Meetings With Trump – patribotics

https://patribotics.blog/2017/06/13/exclusive-director-comey-legally-taped-calls-meetings-with-trump/

Friday, June 9, 2017

Digital disruption: Data intelligence, digital supply chain and beyond | IBM

IoT Security Spending Pays Off

OneLogin security chief reveals new details of data breach | ZDNet

"The company has advised customers to change their passwords, generate new API keys for their services, and create new OAuth tokens -- used for logging into accounts -- as well as to create new security certificates.

One report pointed to a corporate customer affected by the breach having to "rebuild the whole authentication security system.""

http://www.zdnet.com/article/onelogin-security-chief-new-details-data-breach/

Monday, June 5, 2017

Saturday, June 3, 2017

Shocke Bikes Spark Commuter eBike | ElectriCity Cycles

Indigenous knowledge systems can help solve the problems of climate change

"Indigenous knowledges have been greatly suppressed as a part of the colonial process in Australia. Our people lived completely sustainably, and in balance with each other and country, for over 60,000 years. We kept our country clean through practices like fire-stick farming, we monitored our species of animals and plants through our totem systems."

https://www.theguardian.com/commentisfree/2017/jun/02/indigenous-knowledge-systems-can-help-solve-the-problems-of-climate-change?CMP=share_btn_tw

QUIZ: How Good Are You At Detecting Bias? (with Lesson Plan) | The Lowdown | KQED News

QUIZ: How Good Are You At Detecting Bias? (with Lesson Plan) | The Lowdown | KQED News: Take this quiz to test how adept you are at recognizing five of the most common forms of cognitive bias that most likely influence your daily decision-making.

Friday, June 2, 2017

About Backchannel

About Backchannel: Mining the tech world for lively and meaningful tales and analysis. May be pitch?

Password manager OneLogin hacked, exposing sensitive customer data | ZDNet

Thursday, June 1, 2017

6 tips for successful enterprise risk management - The Business Journals

6 tips for successful enterprise risk management - The Business Journals: "A recent survey by the American Institute of CPAs (AICPA) and North Carolina State University, however, found that only 28 percent of companies have a complete ERM process in place. Additionally, less than half of companies have a partial ERM process in place, with some, but not all risks addressed. Those are pretty low numbers."



'via Blog this'

the life of a cybercriminal - Google Search

the life of a cybercriminal - Google Search

What to Do If the Laptop Ban Goes Global