7MS #157: Infosec News and Links Roundup
Training Ops
- See the replay of the Black Hills Infosec How to Stop Compliance Zombies presentation, and check out the accompanying files as well.
- Tim Tomes is teaching PWAPT - Practical Webapp Pentesting in SC and Boston soon. Keep an eye on his training page or Twitter account. I attended PWAPT (listen to episodes #107 and #108) and it was worth every penny.
General News
- Apple is fighting the FBI's request for backdooring a phone associated with the mass shooting in San Bernardino. Troy Hunt's article gives you a thorough breakdown, and you should also check out a technical explanation of how Apple can comply with the order, and Apple's letter to customers.
- Apple fixes the pesky error 53 that disabled some iPhones recently. The peasants rejoice!
- You definitely should not set your iDevice to January 1, 1970 unless you want to have a very expensive rock for a phone.
- The Glibc flaw affects thousands of devices and this article walks through some of the "what ifs" and practicality of real world exploitation.
- Steve Gibson's GRC.com site has been down for days after being subject to a massive distributed DNS reflection attack.
- You probably shouldn't use Comodo Internet Security. A few weeks ago we talked about how it disables same-origin policy, and apparently it also installs VNC by default.
Tools/Scripts
- Use airgraph-ng to create a wifi network graph. It's cool!
Misc/Humor
- Pee Wee Herman is returning to TV (specifically Netflix) in March. I hope he brings a huge foil or rubber band ball!