Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Information Security News Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

17 hours ago 455,000 Turkish card details put up for sale, web skimmers suspected

ZDNet View Synopsis+1
Biggest dump of Turkish payment card details recorded in recent years.

17 hours ago iOS 13.3 brings bug fixes and a new security feature, but does it bring new bugs

ZDNet View Synopsis+1
iOS 13.3 and iPadOS 13.3 landed last night, and as well as bringing with them a whole array of bug fixes, but also a new security feature to help protect users from attacks.

16 hours ago Joker's Stash Celebrates Turkey Day With Stolen Card Data

InfoRiskToday View Synopsis+1
Fraudsters Invited to Dine Out on 460,000 Stolen Turkish Payment CardsThe notorious Joker's Stash carding forum has recently listed for sale 460,000 records, including never-before-seen payment card data that traces to Turkey's 10 largest banks, in four "Turkey-Mix" batches, says cybersecurity firm Group-IB.

15 hours ago Beware of bad Santas this Xmas: Piles of insecure smart toys fill retailers' shelves

The Register View Synopsis+1
Latest Which? study with NCC Group highlights toys it ain't smart to buy

It seems to come around quicker every year - the failure of so-called smart toys to meet the most basic of security requirements. Which? has discovered a bunch of sack fillers that dirtbags can use to chat to your kids this Christmas.…

15 hours ago Adobe patches 17 critical code execution bugs in Photoshop, Reader, Brackets

ZDNet View Synopsis+1
Other vulnerabilities resolved include privilege escalation and information leaks.

Top News

1 day ago U.S. City Hit by Cyberattack Days After Military Base Shooting

SecurityWeek View Synopsis+1

Authorities in Pensacola, Florida said Monday the city had been hit by a cyberattack, just days after a Saudi officer killed three American sailors at the city's naval base.

1 day ago AWS on Australia's encryption Bill and government-wide contract

ZDNet View Synopsis+1
The cloud giant's CISO has said his company will advocate 'very strongly' on behalf of its customers where the encryption Bill is concerned, and the company's local MD has said the region is among the most advanced markets in the world.

1 day ago A $200,000 Internet Fraud: Will Anyone Investigate?

InfoRiskToday View Synopsis+1
As Internet Crime Grows, Victims Have Few OptionsInternet crime has grown so rapidly that law enforcement is outpaced. Here's the story of how a Manhattan doctor lost $200,000 in an internet scam, and why he's struggling to get law enforcement's attention.

1 day ago SIEMs like a stretch: Elastic searches for cash from IT pros with security budgets

The Register View Synopsis+1
Open-source product now has yet another paid option on top

Black Hat Europe Elastic, the biz behind open-source search engine stack Elasticsearch, has launched its own SIEM - a somewhat counterintuitive thing to do, you'd think, until you look at how many others are using Elasticsearch for lucrative security products.…

1 day ago Network attacks increased in third quarter, WatchGuard says

TechRepublic View Synopsis+1
One network attack targeted the same vulnerability exploited in the Equifax data breach from September 2017, according to a new report.

Latest News

4 hours ago Mastercard joins Aussie digital ID market with Deakin and Australia Post partnerships

ZDNet View Synopsis+1
Australia is the first market for the company to trial its digital identity play with Australia Post and Deakin University signing up for the platform.

4 hours ago Five Charged in $722 Million Cryptomining Ponzi Scheme

InfoRiskToday View Synopsis+1
Prosecutors: Defendants Falsely Promised Big ReturnsThe Justice Department has charged five individuals with running a high-tech Ponzi scheme that allegedly fleeced investors out of $722 million by falsely promising clients big returns as part of a cryptomining operation.

5 hours ago How to stop spam calls right now

TechRepublic View Synopsis+1
Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.

5 hours ago SAP Releases 5 Security Notes on December 2019 Patch Day

SecurityWeek View Synopsis+1

SAP issued five new Security Notes this week as part of its December 2019 Security Patch Day, to which it also added 2 updates for previously released Security Notes.

All of the new Security Notes released this month are rated Medium priority and feature CVSS scores ranging between 6.7 and 4.3. 

5 hours ago Plundervolt Attack Uses Voltage Changes to Steal Secrets From Intel Chips

SecurityWeek View Synopsis+1

A newly disclosed attack method targeting Intel processors employs voltage modifications to expose data protected using Intel's Software Guard Extensions (SGX).

5 hours ago Plundervolt Attack Uses Voltage to Steal Data From Intel Chips

SecurityWeek View Synopsis+1

A newly disclosed attack targeting Intel processors utilizes CPU voltage modifications to expose data stored using Intel's Secure Guard Extensions (SGX). 

5 hours ago Microsoft details the most clever phishing techniques it saw in 2019

ZDNet View Synopsis+1
This year's most clever phishing tricks include hijacking Google search results and abusing 404 error pages.

6 hours ago Health Data Breach Tally: Trends in 2019

InfoRiskToday View Synopsis+1
Hacking Attacks, Business Associate Incidents Were CommonThe federal tally of health data breaches shows that hacking attacks and incidents involving business associates dominated this year. Here's an analysis of all the latest trends.

7 hours ago Google Chrome will check for leaked credentials every time you sign in anywhere

The Register View Synopsis+1
Double-encrypted. That said, if you're worried about over-sharing, what are you doing on Chrome?

A new feature in Google's Chrome browser will warn you if your username and password matches a known combination in a security breach every time you type credentials into any website.…

8 hours ago McAfee Considers Purchase of NortonLifeLock: Report

InfoRiskToday View Synopsis+1
Former Symantec Consumer Business Unit Continues to Attract InterestMcAfee's ownership team is exploring a deal to acquire NortonLifeLock, the renamed, publicly traded firm that was formerly the consumer and small business security division of Symantec, according to the Wall Street Journal, which cites "people familiar with the matter."

9 hours ago Analysts find connection between North Korean military and crimeware organization TrickBot

TechRepublic View Synopsis+1
Researchers with SentinelLabs say they have found one of "the first known links between cybercrime groups and nation-state actors."

9 hours ago FBI shares security advice for online shopping

ZDNet View Synopsis+1
FBI: Use credit cards rather than debit cards, don't use public WiFi, keep your devices updated, and more.

10 hours ago Bad news: KeyWe Smart Lock is easily bypassed and can't be fixed

The Register View Synopsis+1
Good news? There is no good news

File this one under "not everything needs a computer in it". Finnish security house F-Secure today revealed a vulnerability in the KeyWe Smart Lock that could let a sticky-fingered miscreant easily bypass it.…