Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Annoyed”, 2) “iPhone SS Two-Factor Authentication Fail”, and 1) “ISC Raises Threat Level to Yellow Due to Recent IE Exploits”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.
A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.
ISC Raises Threat Level to Yellow Due to Recent IE Exploits: Thought this was interesting… SANS’s Internet Storm Center (ISC) recently raised its Threat Level to Yellow due to an IE vulnerability described in Microsoft Security Advisory 2887505 and CVE-2013-3893 that affects most mainstream versions. In general, the Threat Level doesn’t deviate that much from Green so when it does it is definitely something take note of. The last two times occurred on March 16, 2012 (MS12020 Windows RDP Vulnerability) and September 28, 2010 (MS10070). (continued here)
iPhone 5S Two-Factor Authentication Fail: The past few days we’ve seen a lot of pomp and circumstance trying to awe us about the quality of the sub-dermal sensor in the new iPhone 5S. But in the end it was just capable of higher resolutions that fell to the same technique documented in 2007 by Starbug of the Chaos Computer Club. (continued here)
Common Criteria or Common Crapteria Certifications?: In case you haven’t heard Good Technology and it’s enterprise MDM solution recently attained the esteemed EAL4+ Common Criteria certification. Great for Good, their marketing department, and me and the vast set of users that are now allowed to use this technology to carry one less device by ditching the corporate BlackBerry. (continued here)
Free P0WNAG3 Cyber Security Summit Announced: Just wanted to make everyone aware of this new free conference called P0WNAG3 taking place in early November being hosted by TrainACE. Join the likes of Curt Shaffer of General Dynamics Fidelis Cybersecurity Solutions and Joe McCray of Strategic Security leading topics such as traditional and intelligence based analysis models as well as mobile application hacking. Other presenters and panel participants will include Chris Camacho, Manoj Srivastava, Rich Barger, Brandon Dixon, Michael Buratowski, Matt McKnew, and Ned Moran. (continued here)
Annoyed: Chris “@cyberhiker” Burton is back in the blogging mood. Here he covers his frustrations with a recent article from DarkReading titled “Federal Cybersecurity Professionals To Leadership: We Can Do Better.” (continued here)
Hope everyone had a wonderful week. Have a great weekend!