Trey's InfoSec SitRep [09 Nov 2015]

Blog Post created by treyford Employee on Nov 9, 2015

In the News

Man Who Tried to Hire Hacker to Wipe Out Court Fines Sentenced to 2-4 Years in Prison| SoftPedia


Hackers Claim Million-Dollar Bounty for iOS Zero Day Attack | Wired

(Just in case you missed this publicity stunt...)


The cost of immaturity | The Economist

At first, this article irritated me... and I'm one that speaks regularly on the room we have to mature the profession. That said, it's a conversation starter, and this is in a HUGE publication.


Technically Relevant

Apple Doesn’t Want Talks About Hacking on Apple TV | Motherboard - Vice

Some of you speak at conferences, many aspire to. As you prepare, set aside the rockstar aspirations, and consider if your delivery would be a good representation of our profession to the general public.


vBulletin password hack fuels fears of serious Internet-wide 0-day attacks | Ars Technica

"Developers of the vBulletin software package for website forums released a security patch Monday night, just hours after reports surfaced that a hack on the developers' site leaked password data and other sensitive information belonging to almost 480,000 subscribers.” - Followed by a mandatory password reset.


Google makes Symantec an offer it can’t refuse | Ars Technica

They're all about those certs.... no kidding.


Of Interest to Management

Facebook data transfers threatened by Safe Harbour ruling | BBC

(This keeps coming in discussions)


Please take care in what 3rd party code you run from your website… worth a discussion.

PageFair hack serves up fake flash update to 500 sites | ThreatPost



Slightly Less Random
Hackers gonna hack, but why? Maybe Freud has the answer | Guardian Try to face palm gently, Mary (with a straight face) explains that, "hackers hack because of a cyber-sexual urge to penetrate."