Security
Researcher gets hacked and details how he investigated, mitigated, and responded to it. Enjoyable 'mea culpa':
https://securosis.com/blog/my-500-cloud-security-screwup
Sigh... It's not just Target that was a target over the holidays:
http://krebsonsecurity.com/2014/01/hackers-steal-card-data-from-neiman-marcus/
Krebs gets the details on how Target was compromised. Malware on each POS relaying data back to the attackers:
http://krebsonsecurity.com/2014/01/a-first-look-at-the-target-intrusion-malware/
Cryptography
Interesting perspective on the RSA and NSA kerfuffle. Engage the community around RSAC to counter the actions of the company, RSA:
http://www.mckeay.net/2014/01/06/still-going-to-rsa/
CryptoLocker's new sibling, PowerLocker. Back...up...everything:
https://www.schneier.com/blog/archives/2014/01/powerlocker_use.html
Privacy
Essay on Twitter's block/unfollow implementation. Serious insight into how public services chose to protect user privacy:
Well reasoned counter-arguments to the surveillance state excuses:
http://addxorrol.blogspot.de/2014/01/why-intelligence-reform-is-necessary.html
Internet governing bodies meet to discuss how to fight pervasive monitoring (seen as an attack on the internet):
https://www.w3.org/2014/strint/
Privacy concerns from Angry Birds? Why aren't customer usage stats encrypted? Anyone could read this information...
http://www.theregister.co.uk/2014/01/27/leaking_smartphone_apps_nsa_gchq/
Training
Matasano teams up with Square (the Credit Card Merchant Aggregators) for an exploit CTF through a web browser:
http://www.matasano.com/matasano-square-microcontroller-ctf/