Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

7 hours ago Microsoft Patches Actively Exploited Windows Vulnerability

SecurityWeek View Synopsis+1

Microsoft's Patch Tuesday updates for November 2018 address more than 60 vulnerabilities, including zero-days and publicly disclosed flaws.

20 hours ago Who Hijacked Google's Web Traffic?

InfoRiskToday View Synopsis+1
Data Routes Through Russia, Nigeria and China, Raising Security ConcernsGoogle is investigating the unorthodox routing of traffic bound for its cloud services that instead traveled via internet service provides in Nigeria, Russia and China. Security experts say border gateway protocol is to blame, but that no easy fix is in sight.

1 day ago Researcher Bypasses Windows UAC by Spoofing Trusted Directory

SecurityWeek View Synopsis+1

A security researcher from Tenable, Inc. recently discovered that it is possible to bypass Windows' User Account Control (UAC) by spoofing the execution path of a file in a trusted directory. 

Top News

5 hours ago It's November 2018, and Microsoft's super-secure Edge browser can be pwned eight different ways by a web page

The Register View Synopsis+1
Look, we're tired of doing these headlines too, but for there's patching to do

Microsoft and Adobe have delivered the November edition of Patch Tuesday with another sizable bundle of security fixes.

4 hours ago Card skimming malware removed from Infowars online store

ZDNet View Synopsis+1
Infowars online store hit by brief Magecart incident that lasted around 24 hours. Less than 1,600 users may have been affected.

3 hours ago Spectre, Meltdown researchers unveil 7 more speculative execution attacks

ArsTechnica View Synopsis+1
Systemic analysis reveals a range of new issues, and a need for new mitigations.

8 hours ago 4 communication fundamentals that should be in every disaster recovery plan

TechRepublic View Synopsis+1
See where the communication breakdowns are likely to occur--and revise the disaster recovery plan accordingly.

Latest News

2 hours ago Call of Duty swatting killer pleads guilty to 47 criminal charges

The Register View Synopsis+1
Another two awaiting trial over sad death of Andrew Finch

One of three people charged over the December 2017 "swatting" death of 28-year-old Andrew Finch has entered a guilty plea.

2 hours ago Senate votes to extend My Health Record opt-out to January 31

ZDNet View Synopsis+1
An amendment put forward by Pauline Hanson has been agreed to by the Senate, less than 48 hours before the legislated opt-out period was due to end.

6 hours ago Microsoft patches Windows zero-day used by multiple cyber-espionage groups

ZDNet View Synopsis+1
Kaspersky: Windows zero-day exploited by multiple cyber-espionage groups.

8 hours ago Russia: We did not hack the US Democrats. But <i>if</i> we did, we're immune from prosecution (lmao)

The Register View Synopsis+1
Hackers are lethal weapons, as in diplomatic... oh forget it

The Russian government has denied having anything to do with hacking the US Democratic party in 2016, although in a court filing this week stressed that even if it did break into the DNC's servers, it is immune from prosecution.

8 hours ago Russia: We did not hack the US Democrats. But <i>IF</i> we did, we're immune from prosecution (lmao)

The Register View Synopsis+1
Hackers are lethal weapons, as in diplomatic... oh forget it

The Russian government has denied having anything to do with hacking the US Democratic party in 2016, although in a court filing this week stressed that even if it did break into the DNC's servers, it is immune from prosecution.

9 hours ago Adobe Patches Disclosed Acrobat Vulnerability

SecurityWeek View Synopsis+1

Adobe has released Patch Tuesday updates for Flash Player, Acrobat and Reader, and Photoshop CC to address three vulnerabilities - one in each product.

9 hours ago SAP Patches Critical Vulnerability in HANA Streaming Analytics

SecurityWeek View Synopsis+1

SAP this week published its November 2018 set of security patches, which include 11 new Security Patch Day Notes, along with 3 updates for previously released notes.

9 hours ago Seven Hacking Groups Operate Under "Magecart" Umbrella, Analysis Shows

SecurityWeek View Synopsis+1

At least seven different cybercrime groups referred to as "Magecart hackers" are placing digital credit card skimmers on compromised e-commerce sites, Flashpoint and RiskIQ reveal in a joint report. 

Active since at least 2015, the Magecart hackers steal credit card information by placing digital skimmers on the websites they visit. 

10 hours ago How to download your data stored by Apple

TechRepublic View Synopsis+1
Downloading a copy of your data that Apple stores in iCloud and other services is easier than ever. Learn how to get your copy and what to do with it. Learn more about this massive privacy change.

10 hours ago Android Security Bulletin November 2018: What you need to know

TechRepublic View Synopsis+1
Another month where Android finds itself with a mixture of Critical and High vulnerabilities. Jack Wallen offers highlights.

11 hours ago Windows 10 October 2018 Update is back, this time without deleting your data

ArsTechnica View Synopsis+1
Microsoft is opening up about some of its testing procedures, too.