Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago Things You May Not Realize About 802.11ac

IT Toolbox Blogs View Synopsis+1
Our latest WLAN access standard is the most complex to date, and there's a lot of misunderstanding and confusion related 802.11ac out there. Let's talk about a number of points that may not be so obvious with 11ac- see how many of these you already knew...

23 hours ago Sophos takes rare step of citing Microsoft flaw as a must-fix

IT Toolbox Blogs View Synopsis+1
It?s unusual for a security company like Sophos to target a specific update that ?MUST? be applies ASAP. Sophos takes rare step of citing Microsoft flaw as a must-fix

23 hours ago Your city's not smart if it's vulnerable, says hacker

The Register View Synopsis+1
Major vendors block hackers from testing insecure IoT kit

"Real world hacker" Cesar Cerrudo has blasted vendors, saying they're stopping security researchers from testing smart city systems, and as a result they're being sold with dangerous unchecked vulnerabilities.

18 hours ago New Browser Hack Can Spy On Eight Out Of Ten PCs

Forbes View Synopsis+1
A group of Columbia University security researchers have uncovered a new and insidious way for a hacker to spy on a computer, Web app or virtual machine running in the cloud without being detected. Any computer running a late-model Intel microprocessor and a Web browser using HTML5 (i.e., 80% of [...]

Top News

8 hours ago EE Will Host Mobile Calls over WiFi for Buildings That Don't Have Cell Signal

IT Toolbox Blogs View Synopsis+1

Last year, EE rolled out a new service that allowed its customers to place mobile calls over a Wi-Fi connection. This service enables EE's customers to place calls without a cellular signal through Wi-Fi, which can save battery life and provide uninterrupted mobile phone service. Why is this a breakthrough for EE? People who get poor or no reception inside a building often

7 hours ago Lawyer: Cops dropped robbery case rather than detail FBI's StingRay phone snoop gizmo

The Register View Synopsis+1
Cell tracker kept secret at expense of criminal complaint

Prosecutors in St Louis, Missouri, have dropped a criminal robbery case to avoid revealing details of a controversial mobile phone surveillance program, a defense attorney has claimed.

7 hours ago Woman sues Google claiming she lost "thousands" through Google Play Store hack

ArsTechnica View Synopsis+1
Google never reimbursed her after agreeing that the purchases weren't hers, she says.

5 hours ago White House's Daniel 'Intrigued' By UL-Type Model For IoT Security

Dark Reading View Synopsis+1
Michael Daniel, the national cybersecurity coordinator and assistant to the President, talks Internet of Things security and recent Executive Orders on intel-sharing and sanctions.

1 day ago "‹Jokers, hackers, and airline safety

ZDNet View Synopsis+1
A security researcher joked about hacking a plane and was picked up by the FBI. They didn't think it was one bit funny.

1 day ago Researcher denied airline flight after tweet about hacking

Yahoo Security View Synopsis+1
WASHINGTON (AP) - United Airlines stopped a prominent security researcher from boarding a California-bound flight late Saturday, following a social media post by the researcher days earlier suggesting the airline's onboard systems could be hacked.

20 hours ago IBM launches free collaborative threat-sharing platform

SC Magazine View Synopsis+1
IBM launched a cyber threat intelligence sharing platform on Thursday that the company is billing as a social media network for security analysts.

18 hours ago Don't implement zero-trust security in a virtualized network without reading this overview

TechRepublic View Synopsis+1
Zero-trust network security has become a popular feature of software-defined networking (SDN). Here's an overview of this security approach, along with some of the market options.

15 hours ago Updates Fix Several Vulnerabilities in HP Network Automation

SecurityWeek View Synopsis+1

HP has released updates to address several remotely exploitable vulnerabilities in HP Network Automation.

19 hours ago New Top Secret Information on the US's Drone Program

Schneier blog View Synopsis+1

New operational information on the US's drone program, published by the Intercept and Der Speigel.

14 hours ago https://youtube.com/devicesupport

SANS YouTube View Synopsis+1
https://youtube.com/devicesupport From: YouTube Help Views: 301 0 ratingsTime: 03:56 More in Howto & Style

12 hours ago Info-Sharing Bills: What Happens Next?

InfoRiskToday View Synopsis+1
Obama's Stand on Two Measures Could Affect Their FateAs the House prepares to vote this week on two cyberthreat information sharing bills, their fates will rest as much on the White House's reaction to the proposals as on what happens in Congress.

Latest News

10 hours ago This machine catches stingrays: Pwnie Express demos cellular threat detector

ArsTechnica View Synopsis+1
An exclusive first look at Pwnie's new tool for catching cellular network attacks.

4 hours ago Waratek Wins RSA Innovation Sandbox

Dark Reading View Synopsis+1
RSA: 10th annual event honors runtime application self protection solution for solving Java security problems.

5 hours ago JavaScript CPU cache snooper tells crooks EVERYTHING you do online

The Register View Synopsis+1
New research sends browser kingpins scurrying for fixes

Four Cornell University boffins reckon they can spy on keystrokes and mouse clicks in a web browser tab by snooping on the PC's processor caches.

6 hours ago D-Link: sorry we're SOHOpeless

The Register View Synopsis+1
PS. Most products don't have a fix yet

D-Link's SOHOpeless HNAP vulnerability hasn't been fixed, but readers will be pleased to know that the company is very, very, very sorry that it exists.

6 hours ago Mt Gox LEAKED Bitcoin for years before heist, says WizSec

The Register View Synopsis+1
When the crooks struck, freedom was just another word for nothing left to lose

WizSec, a Tokyo-based group that's been investigating the Bitcoin thefts that eventually led to the unravelling of Mt Gox, reckons the crypto-currency was going missing from the trading firm long before it collapsed.

9 hours ago Sprint Takes a New Approach to Mobile and Wired Communications Management

IT Toolbox Blogs View Synopsis+1

As anyone who's been tasked with opening a new office knows, it is an exciting, exhausting, and without question a complex technical endeavor. The components that comprise an office network, both wired and wireless, must often be procured from separate providers that have little incentive to play well with one another when frustrating glitches arise. In the era of Bring

9 hours ago 10 Steps To ERP Security

IT Toolbox Blogs View Synopsis+1

Securing your ERP system is critical to your business. ERP contains almost all the vital information from your business can result in catastrophic loss if it is hacked.

 

Here are ten things you can do to help make your system more secure.

 

1. Keep your ystem updated 

Updates and patches to fix security holes need to be applied

9 hours ago 5 Ways to Improve Manufacturing Operations with ERP

IT Toolbox Blogs View Synopsis+1

Manufacturers have to be at the top of their game to stay competitive in crowded markets. One way companies choose to do that is by installing an enterprise resource planning (ERP) application. ERP can help organizations improve operations and stay competitive, even when competition is tight. Here are five ways in which an ERP system can help.

 

1.

11 hours ago 1,500 iOS apps have HTTPS-crippling bug. Is one of them on your device?

ArsTechnica View Synopsis+1
Apps downloaded two million times are vulnerable to trivial man-in-the-middle attacks.

11 hours ago Twitter allows anyone to send you a direct message: This is an upgrade?

ZDNet View Synopsis+1
For businesses, this makes sense. But for individuals, it seems like an invitation for 140-character spam. The good news: The feature is opt-in.