Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago Fruity hacking group juiced by Microsoft's October patch parade

The Register View Synopsis+1
Get your patching done, people, this Font-borne bug is being actively exploited

Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week.

1 day ago NSA Contractor's Alleged Theft 'Breathtaking'

InfoRiskToday View Synopsis+1
Government Argues Harold T. Martin III Should Stay in Jail Until TrialU.S. government prosecutors want former NSA contractor Harold T. Martin III detained until trial, fearing that the highly classified information he allegedly collected - and knows - might leak and pose a risk to national security.

1 day ago U.S. vote authorities warned to be alert to Russian hacks faking fraud: officials

Yahoo Security View Synopsis+1

U.S. intelligence and law enforcement officials are warning that hackers with ties to Russia's intelligence services could try to undermine the credibility of the presidential election by posting documents online purporting to show evidence of voter fraud. The officials, who spoke on condition of anonymity, said however, that the U.S. election system is so large, diffuse and antiquated that hackers would not be able to change the outcome of the Nov. 8 election.

1 day ago Hacking the US Presidential Election: Evaluating the Threats

InfoRiskToday View Synopsis+1
Experts evaluating the likelihood of a hack to alter votes in this year's American presidential election highlight the latest edition of the ISMG Security Report. Also, U.S. federal regulators propose new cybersecurity rules for big banks.

1 day ago Pentagon to Launch More Bug Bounty Programs

SecurityWeek View Synopsis+1

Following the success of the "Hack the Pentagon" program, the U.S. Department of Defense has decided to continue to test its websites and networks for cybersecurity vulnerabilities using crowdsourced experts.

Top News

11 hours ago Cyberattacks on key internet firm disrupt internet services

Yahoo Security View Synopsis+1
Withering cyberattacks on server farms of a key internet firm repeatedly disrupted access to major websites and online services including Twitter, Netflix and PayPal across the United States on Friday. ...

7 hours ago IoT Security Is A Mess That Will Take An Age To Fix

Forbes View Synopsis+1
The IoT security nightmare will take an age to fix, and we may not have that long.

6 hours ago Russian Indicted for Breach of Three Silicon Valley Companies

InfoRiskToday View Synopsis+1
Suspect Said to Have Targeted LinkedIn, Dropbox and FormspringAuthorities say Yevgeniy Aleksandrovich Nikulin stole credentials from a LinkedIn employee and used them to breach the social networking firm in 2012, in which well over 100 million members' passwords were exposed.

1 day ago "Most serious" Linux privilege-escalation bug ever is under active exploit (updated)

ArsTechnica View Synopsis+1
Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access.

1 day ago GCHQ tech leader's plan to secure an entire country

ZDNet View Synopsis+1
The UK's cyber defenders plan to make the country's government networks vastly more secure by strong, national enforcement of network protocols.

21 hours ago IBM and SBI Securities test bond trading on the blockchain

TechRepublic View Synopsis+1
SBI Securities will adopt the Hyperledger Fabric and work with IBM to test the application of blockchain technology for operational processes and security around bond trading.

16 hours ago How To Attract and Retain 'Cyber Ninjas': High Pay Is Not the Top Requirement(October 19, 2016)

SANS Newsbites View Synopsis+1

For seasoned cybersecurity professionals, motivation for sticking with their current jobs doesn't mean big management promotions or higher salaries, a new Center for Strategic and International Studies (CSIS) report finds.......

16 hours ago "Continuous Integration: Live Static Analysis with Roslyn"

Appsec Streetfighter Blog View Synopsis+1
Early in 2016, I had a conversation with a colleague about the very, very limited free and open-source .NET security static analysis options. We discussed CAT.NET, which released back in 2009 and hasn't been updated since. Next came FxCop, which has a few security rules looking for SQL Injection and Cross-Site Scripting included in the … Continue reading Continuous Integration: Live Static Analysis with Roslyn

Latest News