Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

15 hours ago Clinton email probe in late stage, FBI may question her

Yahoo Security View Synopsis+1

WASHINGTON (AP) - FBI agents probing whether Hillary Clinton's use of a private email server imperiled government secrets appear close to completing their work, a process experts say will probably culminate in a sit-down with the former secretary of state.

11 hours ago 4 Useful Tips for Protecting Yourself When Shopping Online

IT Toolbox Blogs View Synopsis+1
People rarely shop in actual stores anymore; they even buy groceries over the internet.

10 hours ago Google to kill passwords on Android, replace 'em with 'trust scores'

The Register View Synopsis+1
Hello, privilege escalation attacks

Google is planning to use "trust scores" to kill off traditional passwords on Android.

13 hours ago Hackers Steal $2 Million From Bitcoin Exchange In Hong Kong, Bounty Offered To Recover Funds

Forbes View Synopsis+1
Cybercriminals appear to have made off with the equivalent of $2 million in digital currencies from Gatecoin, according to a notice posted on the exchange's website.

13 hours ago Bomb threat hoax shuts down US, UK schools: zero skill required

ZDNet View Synopsis+1
Digital "swatting" has evolved into bomb and beheading threats made against schoolchildren.

Top News

8 hours ago DMA Locker Ransomware Gets Prepped for Outbreak

SecurityWeek View Synopsis+1

As ransomware authors continue to increase their presence on the threat landscape, the group behind the DMA Locker malware is getting ready for massive distribution, Malwarebytes researchers warn.

7 hours ago Australia, New Zealand Still Mulling Data Breach Laws

InfoRiskToday View Synopsis+1
Both Nations Have Committed to Strengthening Notification RequirementsNeither Australia nor New Zealand currently has laws on the books requiring organizations to notify people affected by data breaches. But both countries do say they are committed to introducing that requirement.

7 hours ago Critical Security Controls: Software Designed Inventory, Configuration, and Governance

SANS Reading Room View Synopsis+1
The events of September 11, 2001, show us how isolated communication and the inability to share intelligence could paralyze decision making (Johnston, 2003).

6 hours ago How to easily encrypt/decrypt a file in Linux with gpg

TechRepublic View Synopsis+1
Stop your search for an easy way to encrypt and decrypt files in Linux -- the built-in gpg tool will do the trick.

5 hours ago Federal Government HR and Cybersecurity (May 20, 2016)

SANS Newsbites View Synopsis+1

The White House plans to issue HR strategy for federal government HR (human resources) departments for recruiting cybersecurity talent.......

1 day ago Beware of keystroke loggers disguised as USB phone chargers, FBI warns

ArsTechnica View Synopsis+1
Private industry notification comes 15 months after debut of KeySweeper.

Latest News

10 hours ago Google wants to kill off passwords for logging into your Android smartphone

ZDNet View Synopsis+1
Google's 'Project Abacus' wants to replace passwords and pins with biometric logins -- and banks will do the initial testing soon.

9 minutes ago Agari Raises $22 Million to Expand Email Protection Platform

SecurityWeek View Synopsis+1

Agari, a provider security solutions that help detect email-based cyberattacks, today announced that it has raised $22 million in a Series D funding round, bringing the total raised by the company to $44.7 million. The company previously raised $15 million in a Series C funding round back in September 2014. 

1 hour ago 7 Gadgets to Make Your Home a Smart Home

IT Toolbox Blogs View Synopsis+1
A guide to 7 gadgets that will make your home smarter

1 hour ago SWIFT CEO promises security improvements

The Register View Synopsis+1
Humble piece comes in five slices

The head of the SWIFT financial network has put forward a five-part plan to improve security after its systems were the focus of several cyberattacks.

1 hour ago PGP co-founder rejoins Apple to bring better encryption to the masses

ZDNet View Synopsis+1
This will be Jon Callas' third stint at the technology giant.

2 hours ago SWIFT CEO Pushes Information Sharing, Improved Security

SecurityWeek View Synopsis+1

Threat Intelligence Sharing Moves Center Stage for SWIFT

2 hours ago Cloud security startup vArmour raises $41 million from Telstra, Redline Ventures

ZDNet View Synopsis+1
Based in Mountain View, vArmour specializes in application-aware micro-segmentation to bring security analytics to data centers and cloud platforms.

3 hours ago Attacks Against Banks Leverage Macros, PowerShell

SecurityWeek View Synopsis+1

A series of attacks carried out against banks in the Middle East in early May were using unique scripts that are not commonly seen in crimeware campaigns, researchers at FireEye warn.

4 hours ago How to add a simple password manager to Ubuntu Touch

TechRepublic View Synopsis+1
For an easy-to-use password manager for the Ubuntu Touch platform, Jack Wallen recommends the no-frills app password-shroud.

4 hours ago How UC Supports the Needs of Remote Workers

IT Toolbox Blogs View Synopsis+1

Previous posts in this series have focused on the needs of various job functions inside the business, and that's the natural starting point when considering UC. They will account for the majority of activity, both in terms of utilizing UC applications and bandwidth consumption on your network.

4 hours ago Contact Center Agents - the Original UC Users

IT Toolbox Blogs View Synopsis+1

Over the past few posts, I've looked at various job functions in terms of their specific needs for communications. Not surprisingly, they're all different, and if they're not reflected in your decisions around Unified Communications, you run the risk of deploying a generic

4 hours ago Apple rehires prominent security pro as encryption fight boils

Yahoo Security View Synopsis+1

By Joseph Menn SAN FRANCISCO (Reuters) - Apple Inc , which has resisted pressure from U.S. law enforcement to unlock encrypted iPhones, this month rehired a top expert in practical cryptography to bring more powerful security features to a wide range of consumer products. Jon Callas, who co-founded several well-respected secure communications companies including PGP Corp, Silent Circle and Blackphone, rejoined Apple in May, an Apple spokesman said. Callas had worked at Apple in the 1990s and again between 2009 and 2011, when he designed an encryption system to protect data stored on a Macintosh computer.

4 hours ago CompTIA report: Almost half of companies believe their security is 'good enough'

TechRepublic View Synopsis+1
A recent security report from CompTIA found that while threats are growing stronger, many enterprises still aren't ready to face them.

5 hours ago New Japanese Government Agency Will Protect Critical Infrastructure from Cyberattacks (May 20, 2016)

SANS Newsbites View Synopsis+1

Japan plans to establish a new government agency to protect the country's critical infrastructure from cyberattacks.......

5 hours ago US House Legislators Advise Colleagues to Upgrade to Basic Security Hygiene (May 23, 2016)

SANS Newsbites View Synopsis+1

US Representatives Ted Lieu (D-California) and Will Hurd (R-Texas) have written a "Dear Colleagues" letter to their fellow legislators, warning them about cybersecurity threats and offering concrete advice for protecting information.......

5 hours ago US Medicare Agency Introduces Data Guardians Program (May 23, 2016)

SANS Newsbites View Synopsis+1

Following a spear phishing attack that targeted the US Centers for Medicare and Medicaid Services (CMS), the agency's chief information officer (CIO) David Nelson created the job of data guardian.......

6 hours ago China's Huawei sues Samsung Electronics claiming mobile patent infringement

Yahoo Security View Synopsis+1

By Yimou Lee and Anne Marie Roantree HONG KONG (Reuters) - Huawei Technologies Co Ltd [HWT.UL] said on Wednesday it has filed lawsuits against Samsung Electronics Co Ltd claiming infringement of smartphone patents, in the first such case by the Chinese firm against the world's biggest mobile maker. Huawei has filed lawsuits in the United States and China seeking compensation for what it said was unlicensed use of fourth-generation (4G) cellular communications technology, operating systems and user interface software in Samsung phones. "We hope Samsung will ... stop infringing our patents and get the necessary license from Huawei, and work together with Huawei to jointly drive the industry forward," Ding Jianxing, president of Huawei's Intellectual Property Rights Department, said in a statement.

7 hours ago Insure against a cyberwhat now? How the heck do we crunch <i>those</i> numbers?

The Register View Synopsis+1
Pushing for creation of cyberattack database

The head of a UK industry insurance organisation has called for the government to create a database where companies would be obliged to "record details of cyber attacks".

7 hours ago ISMG Security Report: Unusual Twist in Ransomware

InfoRiskToday View Synopsis+1
Information Security Media Group is premiering the twice-weekly ISMG Security Report, a concise, on-demand audio report in which ISMG editors and other experts analyze the latest IT security news.

7 hours ago Pebble just re-invented the iPod Shuffle, and it runs Spotify

Yahoo Security View Synopsis+1
Back in the days before RunKeeper and GPS watches, my jogs were a beautifully simple thing: I strapped on an iPod Shuffle loaded with a strong mix of Britney and Eminem, and vanished into my own little world for an hour. A couple years later, I transitioned to Spotify and never really looked back. But running with an armband and a 5-inch phone never felt quite the same, and clearly other people agree. That's why I'm absurdly happy that Pebble, a small Canadian company that makes wearables, is making a Shuffle-sized device that clips on to your shorts, plays your Spotify playlists, and tracks runs. DON'T MISS: iPhones will finally get the OLED screens they deserve The Core is a $70 device about the same size as an old Shuffle, complete with a little clip. It allows you to store Spotify playlists on the 4GB of built-in storage, or stream them over a 3G connection. It also has built-in GPS and integration with popular apps like RunKeeper and Strava, so you can track your workouts. Finally, it builds in an emergency SOS button using that cellular radio, so you still have the comfort value of not being completely cut off from the world in an emergency. It feels like someone's sat down, thought about what my ideal device would be to take running or biking, and then built that. It's a stripped-down machine for people who just want to know how far they've run, and listen to music along the way. My only concern is the controls: Core only has two buttons, so you'll really need to pair it to a Pebble smartwatch over Bluetooth to make the most of it. Pebble actually has other plans for the Core beyond just workouts. As Pebble points out, Core is really just a tiny Android 5.0-powered computer, complete with a full suite of sensors like GPS and microphones, and Bluetooth, Wi-Fi and cellular connectivity. Pebble is making the device completely open to hackers, so you can expect a bunch of Core-powered lifehacks coming soon. Alongside the Core, Pebble also revamped its line of smartwatches with a new focus on fitness. The Pebble 2 is a $100 smartwatch that looks a lot like the original Pebble, but with the notable addition of built-in heartrate tracking. The Pebble Time 2 is an update to last summer's Pebble Time Steel, with a color e-ink display and heart-rate monitoring again. Overall, the smartwatch updates stick to Pebble's core philosophy of the simpler, the better. Pebble watches have buttons instead of touchscreens, and week-long battery life rather than 24 hours. They're meant to be smartwatches for people who mostly want a watch, only with this update, they're now also cheap and powerful fitness trackers. All three devices are up for pre-order on Kickstarter right now, Pebble's tried-and-tested method of selling products. The Core is $69 with delivery in January next year, Pebble 2 is $99 in September this year, while the Pebble Time 2 is $169, delivery November 2016.

7 hours ago New Note 6 Trademark Reveals Samsung's Futuristic Vision

Forbes View Synopsis+1
Samsung has registered a new trademark that suggests a new user-friendly security measures is arriving on its mobile hardware. Marks for both 'Samsung Iris' and 'Samsung Eyeprint' were requested last week, implying that the technology is on course to be available to the public.

8 hours ago New Galaxy Note 6 Trademark Reveals Samsung's Futuristic Vision

Forbes View Synopsis+1
Samsung has registered a new trademark that suggests a new user-friendly security measures is arriving on its mobile hardware. Marks for both 'Samsung Iris' and 'Samsung Eyeprint' were requested last week, implying that the technology is on course to be available to the public.

11 hours ago SWIFT Promises Security Overhaul, Fraud Detection

InfoRiskToday View Synopsis+1
But Post-Bangladesh Bank Hack Plans Would Not Require Compliance, CEO SaysAfter blaming a recent spate of bank robberies on banks' poor information security practices, SWIFT has changed its tune. Now it says it wants to help financial firms spot related fraud and better share information about unfolding threats.