Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago Prank texts CLOBBER iPhones - we dive inside the iOS, OS X bug

The Register View Synopsis+1
75-byte character assassination reveals Apple was so close yet so far

Analysis Miscreants can crash and reboot iPhones from afar by sending them specially crafted texts, thanks to a vulnerability in iOS.

1 day ago Attack Of The Angry Support Staff

Forbes View Synopsis+1
I've had occasion over the last year to write about digital supply chain security more than a few times (1, 2, 3). There are the aspects of outsourcing helpdesk functions, code development, millions of interconnects with partners. There is no shortage to how wide the attack surface for your organization can [...]

1 day ago Mozilla abandons Firefox tracking protection initiative: Is privacy protection impossible?

ZDNet View Synopsis+1
A hidden feature in the open-source Firefox browser can cut load times for modern web pages nearly in half. So why isn't this feature easy to find and enable? Blame the well-funded online advertising industry.

1 day ago The IRS Could Have Prevented Its Latest Data Hack. Time For Some TFA

Forbes View Synopsis+1
The IRS and 100,000 unlucky taxpayers are victims of the latest data breach in an endless string of cyber exploits that have turned into the online world's version of Groundhog Day. The attackers, identity thieves and fraudsters seeking to file false tax returns, target a place with perhaps the country's [...]

2 days ago Why The World's Top Security Pros Are Furious About Exploit Export Rules

Forbes View Synopsis+1
US plans to control exports of hacker tools causes a furore amongst security researchers, who fear for the future of their profession. Even engineers and execs from Facebook, Google and Yahoo have given their backing and voiced their dissent at the proposals.

Top News

12 hours ago IRS attack may have originated in Russia

SC Magazine View Synopsis+1
An IRS breach may have been instigated by attackers in Russia, a U.S. Congressman said.

12 hours ago Security Software Market Jumped Worldwide in 2014: Gartner

SecurityWeek View Synopsis+1

Global revenues for the security software market grew more than five percent in 2014 to a total of $21.4 billion, according to industry analyst firm Gartner.

12 hours ago IRS Authentication Method Criticized

InfoRiskToday View Synopsis+1
The method the Internal Revenue Service used to authenticate users, which failed to keep sophisticated hackers from breaching a taxpayer-facing system, has been widely criticized by cybersecurity experts.

8 hours ago Small businesses trashed in big malware campaign

The Register View Synopsis+1
'Grabit' malware isn't subtle or clever, but it's working

Kaspersky researcher Ido Noar says attackers have hit hundreds of small and medium businesses, stealing credentials and documents in a noisy smash-and-grab campaign.

8 hours ago BSides London 2015

Forbes View Synopsis+1
Next week I have the distinct pleasure of heading over to London to attend a couple of security events. One of which is the community driven BSides London 2015 conference. This will be the third year that I'm attending this event and I still am tickled with the quality of [...]

7 hours ago Sourceforge and Trusted Software Sources

IT Toolbox Blogs View Synopsis+1
This week we got a healthy reminder of one of the drawbacks of open source software - anyone who wants to can compile and distribute it. More people distributing free software is a good thing right? It is - but not if they are packaging it with Malware to boot.

1 hour ago Apple issues temporary workaround for iPhone crashing Messages bug

ZDNet View Synopsis+1
The company is working on a fix, but in the meantime, there are steps you can take to mitigate the problem.

31 minutes ago Sally Beauty says hackers used malware in data breach

Yahoo Security View Synopsis+1
Sally Beauty Holdings, as part of an ongoing investigation into a data breach, said that malware was deployed against some of its point-of-sale systems, or cash registers, over a six-week period beginning ...

23 hours ago MOOC on Cybersecurity

Schneier blog View Synopsis+1

The University of Adelaide is offering a new MOOC on "Cyberwar, Surveillance and Security." Here's a teaser video. I was interviewed for the class, and make a brief appearance in the teaser.

22 hours ago Data Theft The Goal Of BlackEnergy Attacks On Industrial Control Systems, Researchers Say

Dark Reading View Synopsis+1
CyberX analysis of BlackEnergy module reveals most likely motive behind sophisticated multi-year attack campaign.

16 hours ago Inside a Giant Dark Web Coupon Counterfeiting Scheme

WIRED View Synopsis+1

On Thursday, the FBI indicted 30-year old Beau Wattigney on charges of wire fraud and trademark counterfeiting for enabling a gargantuan series of petty thefts as the dark web kingpin ThePurpleLotus.

The post Inside a Giant Dark Web Coupon Counterfeiting Scheme appeared first on WIRED.

1 day ago Beware of the text message that crashes iPhones

ArsTechnica View Synopsis+1
Newly discovered iOS bug triggers wave of text messages that causes iDevice reboot.

Latest News

28 minutes ago Belgium Probes Germany Spying Claims

SecurityWeek View Synopsis+1

Belgium has launched an investigation into claims of widespread espionage by Germany, which is accused of helping the US spy on Berlin's closest allies in Europe, a minister said Friday.

1 hour ago Tim Bryce - BED BUGS & OUR CHANGING WORLD - 6/1/2015

IT Toolbox Blogs View Synopsis+1
What is the true cause of our changing world and what can be done about it?

1 hour ago Hola: A free VPN with a side of botnet

ZDNet View Synopsis+1
The free Hola package operates by reselling the bandwidth of millions of Hola users -- resulting in a millions-strong botnet for sale.

2 hours ago Germany licks lips, eyes new data gulp with revised retention law

The Register View Synopsis+1
Wrong in 2006, 2010 and 2014, but it's now fine

Once a fierce opponent of data retention, Germany's back in slurping mode. The Federal Cabinet yesterday approved a new draft law that would force telcos to store call and email records for 10 weeks.

2 hours ago Sally Beauty: Cybercriminals Planted Malware on PoS Systems for 6 Weeks

SecurityWeek View Synopsis+1

Professional beauty supplies retailer Sally Beauty has provided an update on its investigation into the recent breach of its payment card systems.

4 hours ago Researchers Find Over 50 Security Flaws in D-Link NAS, NVR Devices

SecurityWeek View Synopsis+1

SEARCH-LAB, a Hungary-based security testing company that specializes in embedded systems, has identified more than 50 vulnerabilities in network-attached storage (NAS) and network video recorder (NVR) products from D-Link.

5 hours ago Death to Bullet Points

IT Toolbox Blogs View Synopsis+1

You want to communicate effectively.  You want to be persuasive.  Great!  Don't use bullet points.Bullet points aren't the worst thing in the world. They are more effective than paragraph prose.  If you make your audience read a full paragraph to know what you want, then you deserve what you get (nothing).  BUT!  Any more, bullet point lists

5 hours ago Yay for Tor! It's given us RANSOMWARE-as-a-service

The Register View Synopsis+1
A simple but TOXic attack emerges from the onion

Threat Research head Jim Walter says a virus writer has created a ransomware-as-a-service offering which allows luddite criminals to fleece users.

6 hours ago Prominent Approaches to Compact Large Size Outlook PST File

IT Toolbox Blogs View Synopsis+1
Large size PST file can result in corruption, so to avoid corruption it is necessary to compact the PST file. Such compaction can be done through various methods as described in post.

7 hours ago Google launches native Android Smart Lock password manager

The Register View Synopsis+1
Look out LastPass: Devs can shunt creds into OS vault

Google I/O Android users will be able to store passwords in Google's native Smart Lock manager, in a security boon for the masses.