It’s a document extravaganza this week, with newly released Bin Laden files, ISIS informants & document treasure troves. We cover what surely must be a great week for the intelligence agencies.

Plus an update on the Apple vs DOJ case, the latest terrorism bogeyman, a 2016 race update, a high-note & even more!

Direct Download:

Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

Video Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Become an Unfilter supporter on Patreon:

— Show Notes —

Episode Links

• North Korea fires two missiles into Sea of Japan, cuts cooperation with South — RT News
• Ignore him at your own peril: Why Bernie Sanders may defy all predictions to win the Democratic nomination – Firstpost
• Producer License Descriptions and Fees | Washington State Liquor and Cannabis Board
• Barack Obama blames David Cameron for Libya descending into a “sh** show” – Mirror Online
• Germany says stolen Islamic State files ‘probably genuine’ – BBC News
• Obama Critical Of Cameron Over Libya Invasion
• Germany Obtains List of Foreigners Suspected of Fighting for ISIS – The New York Times
• German Media Say They Have a List of 22,000 Foreign ISIS Recruits – The Atlantic
• Isis document leak reportedly reveals identities of 22,000 recruits | World news | The Guardian
• US, South Korea take part in joint military exercise
• South Korea, U.S. begin exercises as North Korea threatens attack | Reuters
• 315,000 U.S. and South Korean troops begin massive exercise as North threatens war
• Painkillers now kill more Americans than any illegal drug. Watch why. – Vox
• One of the FBI’s Major Claims in the iPhone Case Is Fraudulent | American Civil Liberties Union
• SITE Cyber Security on Twitter: “Jihadi Telegram Channels Disseminate Anonymous-Associated Hacking Guide https://t.co/h0uzLhv75g https://t.co/dpgAFLk1DY”
• At Secretive Meeting, Tech CEOs And Top Republicans Commiserate, Plot To Stop Trump
• How DuPont Concealed the Dangers of the New Teflon Toxin
• NPR One
• iPhone may be suffering from Harry Potter fan-created disease – CNET
• This is how we spooked Putin: What the New York Times won’t tell you about the American adventure in Ukraine – Salon.com
• Cannabidiol could have rapid-acting antidepressant-like effects

The post Doxing ISIS | Unfilter 179 first appeared on Jupiter Broadcasting.

We review and discuss the most important bits from Edward Snowden’s Interview on John Oliver’s Last Week Tonight program. Plus an update on the situation in Yemen & the US’s increasing involvement.

Russia hacks the White House but the White House won’t confirm & a high note worth millions.

Direct Download:

Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

Video Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Become an Unfilter supporter on Patreon:

Show Notes:

News:

Oh, Google.

• Google wants to track what you’re watching to help you avoid spoilers

Tsarnaev

Dzokhar Tsarnaev is found guilty, and could face death penalty

Russia

How Russians hacked the White House – CNN.com

Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.

While the White House has said the breach only affected an unclassified system, that description belies the seriousness of the intrusion. The hackers had access to sensitive information such as real-time non-public details of the president’s schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies, U.S. officials say.

Snowden:

An Edward Snowden Statue Was Replaced By A Hovering Snowden Image Last Night

Last Week Tonight with John Oliver: Government Surveillance (HBO) – YouTube

There are very few government checks on what America’s sweeping surveillance programs are capable of doing. John Oliver sits down with Edward Snowden to discuss the NSA, the balance between privacy and security, and dick-pics.

High Note:

Bob Marley-branded weed is helping pot startups break funding records

GOP medical marijuana bill delayed until next year

The post Naked Line In The Sand | Unfilter 140 first appeared on Jupiter Broadcasting.

Microsoft has been breached, Google suffers a major outage, and finally some solid technical details on Target’s massive credit card hack.

Plus a great batch of your questions, a rockin roundup, and much much more.

Thanks to:

— Show Notes: —

Microsoft breach leads to hackers stealing Law Enforcement documents

• According to the company, a number of Microsoft employees were targeted with attacks aiming to compromise both email and social media accounts, and in some cases, the attacks were successful.
• “It appears that documents associated with law enforcement inquiries were stolen”
• Adrienne Hall, General Manager at Microsoft’s Trustworthy Computing Group, wrote in a blog post.
• He continues: “If we find that customer information related to those requests has been compromised, we will take appropriate action,” Hall continued. “Out of regard for the privacy of our employees and customers – as well as the sensitivity of law enforcement inquiries – we will not comment on the validity of any stolen emails or documents.”
• The attackers have conducted their offensive against both email and social media accounts of Microsoft’s employees, the company did not reveal how many documents might have been exposed neither the nature of the attackers.
• What’s interesting about this is that the incident was significant enough to disclose, indicating that a fair number of documents could have been exposed, or that the company fears some documents will make their way to the public if released by the attackers.
• According to Microsoft, the Syrian Electronic Army may be behind the attacks.
• “Our current information suggests the phishing attacks are related,” Hall told SecurityWeek in an emailed statement.
• In March 2013, Microsoft released its first transparency report, noting that it had received over 70,000 law enforcement requests in 2012.
• Additional Coverage:
• Spear phishing against Microsoft, exposed law enforcement inquiries
• Microsoft Believes Law Enforcement Documents Compromised in Hack
• Microsoft says new phishing attacks targeted law enforcement documents | Ars Technica
• Microsoft: documents were stolen during recent employee email hack | The Verge
• Syrian Electronic Army stole law enforcement docs from Microsoft

Target Update

• An examination of the malware used in the Target breach suggests that the attackers may have had help from a poorly secured feature built into a widely-used IT management software
• As we previously noted the attackers used malware on the POS boxes to send credit card data read from memory to a central control server on Targets internal network.
• The user account “Best1_user” and password “BackupU$r” were used to log in to the shared drive (indicated by the “S:” under the “Resource Type” heading in the image above.
• That username is the same one that gets installed with an IT management software suite called Performance Assurance for Microsoft Servers. This product, according to its maker — Houston, Texas base BMC Software — includes administrator-level user account called “Best1_user.”
• BMC explains the Best1_user account is installed by the software to do routine tasks. That article states that while the Best1_user account is essentially a “system” or “administrator” level account on the host machine
• The Best1_user account appears to be associated with the Performance Assurance component of BMC Software’s Patrol product. According to BMC’s documentation, this account is normally restricted, but the attackers may have usurped control to facilitate lateral movement within the network.” According to a Dell SecureWorks paper being circulated to certain Dell customers.
• According to SecureWorks, one component of the malware installed itself as a service called “BladeLogic,” a service name no doubt designed to mimic another BMC product called BMC BladeLogic Automation Suite.
• According to a trusted Krebs source who uses mostly open-source data to keep tabs on the software and hardware used in various retail environments, BMC’s software is in use at many major retail and grocery chains across the country, including Kroger, Safeway, Home Depot, Sam’s Club and The Vons Companies, among many others.
• Initial entry into the network is suspected to have been facilitated by a SQL injection attack, according to Malcovery.
• Update: BMC says it is working with McAfee to investigate
• Krebs: WSJ says that vendor credentials that were used in the attack may have been from vendor other than BMC
• Additional Coverage – Ars Technica

Google breaks itself, and then fixes itself, while Engineers are busy on Reddit

• At 10:55 a.m. PST this morning, an internal system that generates configurations—essentially, information that tells other systems how to behave—encountered a software bug and generated an incorrect configuration.
• The incorrect configuration was sent to live services over the next 15 minutes, caused users’ requests for their data to be ignored, and those services, in turn, generated errors.
• Users began seeing these errors on affected services at 11:02 a.m., and at that time our internal monitoring alerted Google’s Site Reliability Team. Engineers were still debugging 12 minutes later when the same system, having automatically cleared the original error, generated a new correct configuration at 11:14 a.m. and began sending it; errors subsided rapidly starting at this time.
• By 11:30 a.m. the correct configuration was live everywhere and almost all users’ service was restored.
• Reddit AMA
• Additional Coverage – Reuters
• Additional Coverage – TechCrunch
• Additional Coverage – FoxNews

• FauxShow – Final sticker map! That was quite the experience! Awards Show on Feb 15th

Feedback:

• Unrecoverable read errors, how they affect ZFS
  • Has RAID5 stopped working – No, it never worked
• Dell Poweredge 1800 server
• pfSense firewalls hardware?
  • Amazon.com: PLANEX Wireless N 150Mbps USB2.0 RJ45 Mini Print Server Supports Windows 7 and MAC OS, WPS, IEEE 802.11n/g/b print server support SNMP & HP Web JetAdmin/ Hi-Speed USB – EN, Fast EN – 10Base-T, 100Base-Print Server/2.4 Ghz Wi-Fi Wireless Network LAN Print Server/Mini -103MN for office and SOHO usage supports peer to peer or server based printing 2dBi internal antenna x 1: Electronics
• Using RAID (or RAID-Z) with SSD drives
• cURL vs curling

Round-Up:

• How I lost my $50,000 Twitter username
  • Update: GoDaddy restored account and increase employee training
  • Update: PayPal denies providing attackers with details
• Yes, Virginia, There Really is Social Engineering
• Slashdot headline claims IE market share down to single digits, turns out metrics are only from W3School, so are skewed towards web developers
• Why the backblaze hard drive reliability numbers are wrong
• ISC highlights findings from Cisco Annual Security Report
• Gmail bug sends thousands of emails to the same guy
• If You Used This Secure Webmail Site, the FBI Has Your Inbox
• Department of Justice says company that did background check on Snowden faked over 665,000 background checks
• 4 HTTP security headers you should know about
• LeaseWeb Labs talks about ZFS

The post Google's Automated Outage | TechSNAP 147 first appeared on Jupiter Broadcasting.