Quebec police spied on multiple journalists - https://www.engadget.com/2016/11/03/quebec-canada-cops-monitor-journalists/ Canadian intelligence agency gets hands slapped - http://www.cbc.ca/news/politics/csis-metadata-ruling-1.3835472 EMET EOL announced - https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/
Typed JSON - https://tonyarcieri.com/introducing-tjson-a-stricter-typed-form-of-json
http://www.cbc.ca/beta/news/canada/toronto/woman-toronto-police-database-unauthorized-searches-1.3830541 http://www.cbc.ca/beta/news/canada/calgary/gerard-brand-calgary-police-trial-breach-trust-1.3829644
Google talks about disclosing 0days - https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html Finically regulator loses some records - https://www.engadget.com/2016/10/31/us-comptroller-data-breach/
AIs make their own crypto: http://arstechnica.com/information-technology/2016/10/google-ai-neural-network-cryptography/ George Hotz folds https://www.google.ca/amp/www.theverge.com/platform/amp/2016/10/28/13453344/comma-ai-self-driving-car-comma-one-kit-canceled Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - https://www.sigsac.org/ccs/CCS2016/wp-content/uploads/2016/08/Open-TOC-CCS.html Hillary…
Australia's Blood Service's exposed lots of personal data - https://www.troyhunt.com/the-red-cross-blood-service-australias-largest-ever-leak-of-personal-data/
Machine Learning Appsec testing - http://www.slideshare.net/babaroa/code-blue-2016-method-of-detecting-vulnerability-in-web-apps Mozilla doesn't trust Ernst & Young audits of CAs - https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/
UNENCRYPTED SCADA PAGERS!!! http://arstechnica.com/security/2016/10/nuclear-plants-leak-critical-alerts-in-unencrypted-pager-messages/ (watch Jamie and Dave's head explode when they read that) MS threat modelling tool - https://www.microsoft.com/en-us/download/details.aspx?id=49168
Yet another - this is LSD TV mini0x07. Talking about the Defense again. Oh, and Ben's got a link for you - http://mooc.fi/courses/2016/cybersecurity/
Hangzhou Xiongmai recalls IoT devices - http://www.reuters.com/article/us-cyber-attacks-manufacturers-idUSKCN12O0MS Comodo CA relies on broken OCR and issues certs incorrectly - https://bugzilla.mozilla.org/show_bug.cgi?id=1311713 Using Rowhammer on Android - http://arstechnica.com/security/2016/10/using-rowhammer-bitflips-to-root-android-phones-is-now-a-thing/