ISC StormCast for Monday, November 28th 2016

Extracting Shellcode from Javascript
https://isc.sans.edu/forums/diary/Extracting+Shellcode+From+JavaScript/21753/
Using Scapy to Test CozyDuke Snort Signatures
https://isc.sans.edu/forums/diary/Scapy+vs+CozyDuke/21755/
Malicious JPEG Spreading via Facebook
http://blog.checkpoint.com/2016/11/24/imagegate-check-point-uncovers-new-method-distributing-malware-images/
San Francisco Public Transport ("MUNI") hit by Ransomware
http://sanfrancisco.cbslocal.com/2016/11/26/you-hacked-cyber-attackers-crash-muni-computer-system-across-sf/
Tesla Smartphone App Vulnerability
https://promon.co/blog/tesla-cars-can-be-stolen-by-hacking-the-app/