Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago Google secretly logs users into Chrome whenever they log into a Google site

ZDNet View Synopsis+1
Browser maker faces backlash for failing to inform users about Chrome Sync behavioral change.

1 day ago Millions of Twitter Users Affected by Information Exposure Flaw

SecurityWeek View Synopsis+1

Twitter has patched a bug that may have caused direct messages to be sent to third-party developers other than the ones users interacted with. The problem existed for well over a year and it impacted millions of users.

22 hours ago Woman pleads guilty to hacking police surveillance cameras

ZDNet View Synopsis+1
A chase around Europe led to the extradition of a 28-year-old who infected police equipment with ransomware days before Trump's inauguration.

21 hours ago Some credential-stuffing botnets don't care about being noticed any more

The Register View Synopsis+1
They just take a battering ram to the gates

The bots spewing out malicious login attempts by the bucketload appear to have cranked it up a notch.

20 hours ago YubiKey 5: First multi-protocol security keys with FIDO2 support

ZDNet View Synopsis+1
Replace weak, outdated password-based methods with strong hardware-based authentication.

Top News

7 hours ago Domain registrar oversteps taking down Zoho domain, impacts over 30Mil users

ZDNet View Synopsis+1
Domain registrar bungle takes down the website of one of the world's largest companies.

6 hours ago Microsoft 'kills' passwords, throws up threat manager, APIs Graph Security

The Register View Synopsis+1
Cloud lineup gets security overhaul with 2FA and new monitoring tools

Ignite Microsoft is beefing up the security in its cloud services lineup with a handful of unveilings today at this year's Ignite conference.

2 hours ago PCI compliance slipping for first time in 6 years, but IT remains on top

TechRepublic View Synopsis+1
According to Verizon data, only 52.5% of companies maintained full compliance with payment card industry standards in 2017.

1 hour ago Symantec Completes Internal Accounting Investigation

SecurityWeek View Synopsis+1

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements.

10 hours ago Advanced DDoS Detection and Defense

InfoRiskToday View Synopsis+1
Not only are we now seeing the most powerful DDoS attacks ever recorded, but they also are leveraging the ever-growing army of IoT devices. Gary Sockrider of NETSCOUT Arbor offers advice for detection and defense.

18 hours ago Microsoft offers completely passwordless authentication for online apps

ArsTechnica View Synopsis+1
Phone-based authentication is the way forward instead.

Latest News

8 hours ago SHEIN fashion retailer announces breach affecting 6.42 million users

ZDNet View Synopsis+1
Hack took place somewhere in June, but the company only discovered the breach in late August.

10 hours ago Microsoft 'kills' passwords, throws up threat manager, and APIs Graph Security

The Register View Synopsis+1
Cloud lineup gets security overhaul with 2FA and new monitoring tools

Ignite Microsoft is beefing up the security in its cloud services lineup with a handful of unveilings today at this year's Ignite conference.

10 hours ago Massachusetts HIPAA Case Outlines Series of Missteps

InfoRiskToday View Synopsis+1
$230,000 in Penalties After Two Insider BreachesA HIPAA-related enforcement case in Massachusetts involving two insider breaches alleges a trail of missteps, including failure to take prompt action after receiving tips about potential misuse of patient information. What can other entities learn from the mistakes?

10 hours ago Breach Investigations: The Detective's View

InfoRiskToday View Synopsis+1
Kenrick Bagnall of Toronto Police on How to Be Prepared for CybercrimeKenrick Bagnall, a former IT executive who is now a detective constable with the Toronto Police, offers unique insights on public/private partnerships and how enterprises can work better with investigators in the event of a breach.

11 hours ago Future-Proofing for IoT Risks

InfoRiskToday View Synopsis+1
Check Point's Robert Falzon on Preparing for the Changes to ComeThe internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face. Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them.