Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

2 days ago Equifax Sent Breach Victims to Fake Website

SecurityWeek View Synopsis+1

Equifax has made another blunder following the massive data breach suffered by the company - it advised some customers on Twitter to access a fake support website set up by a security researcher.

2 days ago Avast: The 2.3M CCleaner Hack Was A Sophisticated Assault On The Tech Industry

Forbes View Synopsis+1
In an attack on major tech companies, 20 PCs out of 700,000 singled out by the CCleaner hackers.

2 days ago Equifax's May Mega-Breach May Trace to March Hack

InfoRiskToday View Synopsis+1
Intrusion Eyed as Beachhead for Theft of 143 Million US Consumers' DataHackers behind the mega-breach at Equifax stole data in May, but they - or other attackers - penetrated the credit bureau's systems in March, exploiting a vulnerability for which Apache Struts had issued a patch, just four days prior.

2 days ago Part of FTC Complaint Against D-Link Dismissed

InfoRiskToday View Synopsis+1
But FTC Has One Month to Amend the ComplaintA federal judge Tuesday dismissed three of six counts in a complaint filed by the U.S. Federal Trade Commission against IoT manufacturer D-Link that alleges its sloppy security practices deceived consumers. The FTC has until Oct. 20 to amend the complaint.

Top News

1 day ago Google Patches High Risk Flaws in Chrome

SecurityWeek View Synopsis+1

Google this week released an updated version of Chrome 61 to address two High severity vulnerabilities.

Available for download as version 61.0.3163.100, the new Chrome iteration was pushed to all Windows, Mac, and Linux users, and should reach all in the next several days/weeks.

21 hours ago The method to model your system (i)

IT Toolbox Blogs View Synopsis+1

 continuing from

 If your Business Architecture framework does not return results follow this

 

The most recent large attempt to model a system took place in software with Object Oriented (OO) methodologies. Unfortunately

1 day ago Data From 540,000 Vehicle Tracking Devices Leaked Online

Forbes View Synopsis+1
Another configuration oversight has allowed highly-sensitive data that was stored in the cloud to leak.

1 day ago Analyzing Changes to EHR Certification Practices

InfoRiskToday View Synopsis+1
Recent changes by the HHS to the certification program for electronic health record software could potentially weaken efforts to ensure EHRs meet federal requirements, including those that impact security, says attorney Maya Uppaluru, who formerly was on the HHS staff.

1 day ago Aw, not you too, Verizon: US telco joins list of leaky AWS S3 buckets

The Register View Synopsis+1
Now is a good time to go check your own Amazon settings. It's OK, we'll wait

Yet another major company has burned itself by failing to properly secure its cloud storage instances. Yes, it's Verizon.

1 day ago "‹Australian government trying to weed out the 'murky' areas of cyber insurance

ZDNet View Synopsis+1
Before organisations in the country can head down the path of insuring against cyber incidents, the federal government needs to set the agenda, a senior government cyber adviser has said.

1 day ago Video: How to protect your company from internal cyber-threats

TechRepublic View Synopsis+1
A survey conducted by cybersecurity firm Varonis found that many large firms leave sensitive files like credit card credentials and medical records unencrypted. Technical Evangelist Brian Vecci explains how to protect your company's data from insider threats.L

Latest News

7 hours ago Chronically bad results (a caveat)

IT Toolbox Blogs View Synopsis+1

The other day I wrote about the reason for measuring.  It's to figure out when it's time to take action.  My advice was to not get too worried about it if your metrics are bad.  Taking action is a normal management action and isn't something to be too worried about.

 

There

7 hours ago The LAN: A History of Network Operating Systems Part 9

IT Toolbox Blogs View Synopsis+1
In the early 1990s, there seemed to have been some convergence on the use of 802.2 (LLC) and 802.3/802.5 Mac sub-layers as the basic Physical and Data Link Layer technology. Every major manufacturer provided this alternative, and over time it became a common methodology employed.

8 hours ago The LAN: A History of Network Operating Systems Part 8

IT Toolbox Blogs View Synopsis+1
In addition to the network architectures mentioned above, other protocol or protocol-like issues were of great importance: