Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News



Popular News

17 hours ago 10 tips to avoid ransomware attacks

TechRepublic
As ransomware increasingly targets healthcare organizations, schools and government agencies, security experts offer advice to help IT leaders prepare and protect.

16 hours ago LastPass unpatched zero-day vulnerability gives hackers access to your account

ZDNet
The security flaw was one of "a bunch of critical problems" discovered by a prominent researcher who simply took a quick look at the software.

16 hours ago Vulnerabilities Found in Osram Smart Lighting Products

SecurityWeek

Researchers at security firm Rapid7 have identified several vulnerabilities in the home and professional versions of Osram's Lightify smart connected lighting products.

13 hours ago Saved from ransomware thugs... by rival ransomware thug

The Register
Chimera cybercrook competitor hands victims the keys

Private keys of the Chimera ransomware have been leaked by a rival cybercriminal.

12 hours ago Ransomware Gang Allegedly Dumps Rival's Crypto Keys

InfoRiskToday
Leak of 3,500 Chimera Crypto Keys Claimed by Petya Ransomware Developers

The Petya ransomware gang says it released 3,500 crypto keys that it stole - along with source code - from rival Chimera ransomware developers. If the keys are legitimate, security firms say they can build decryption tools for Chimera victims.

Top News

8 minutes ago U.S. theory on Democratic Party breach: Hackers meant to leave Russia's mark

Yahoo Security
By John Walcott, Joseph Menn and Mark Hosenball WASHINGTON (Reuters) - Some U.S. intelligence officials suspect that Russian hackers who broke into Democratic Party computers may have deliberately left digital fingerprints to show Moscow is a "cyberpower" that Washington should respect. Three officials, all speaking on condition of anonymity, said the breaches of the Democratic National Committee (DNC) were less sophisticated than other cyber intrusions that have been traced to Russian intelligence agencies or criminals.

21 hours ago 7 Campaign Monitor Integrations to Enhance Your Email Marketing Efforts

IT Toolbox Blogs
Add as much value as possible to your Campaign Monitor email marketing with these seven third-party integrations.

14 hours ago WikiLeaks And Whistle-blowers Are The Two Biggest Threats To Your Business Right Now

Forbes
Recent events have shown how information can be wielded to wound and tarnish perceptions of people and parties. Your business is not immune from such threats. How should you think about WikiLeaks and whistleblowers moving forward?

11 hours ago Clinton campaign e-mail accounts were targeted by Russians, too

ArsTechnica
Was it to cover for hack, or part of info-war on NATO? Putin won't tell.

1 day ago US Critical Infrastructure and Cyberattack Preparedness (July 21, 2016)

SANS Newsbites

Speaking at the Chemical Sector Security Summit last week, Department of Homeland Security (DHS) assistant secretary for cybersecurity and communications Andy Ozment said that the December attack against the power grid in Ukraine should be "a wake up call" for organizations supporting critical infrastructure in the US.......

Latest News

7 hours ago Petya, Mischa Ransomware Now Available as a Service

SecurityWeek

Ransomware-as-a-Service (RaaS) has become a very popular business model over the past several months, and the actor(s) behind Petya and Mischa ransomware families have adopted the service model.

8 hours ago New US cybersecurity plan makes it easier for businesses to get help after an attack

TechRepublic
US President Barack Obama recently published a policy directive for cyber incident coordination, which outlines how the government should respond to cybersecurity attacks.

1 hour ago Airbus doesn't just make aircraft - now it designs drone killers

The Register
New security system downs sky spies from seven miles away

A new joint venture between aircraft manufacturer Airbus and California startup Dedrone is selling a security system that can spot drones miles away and knock them out of the sky.

2 hours ago Solving Big Risk Problems One Small Step at a Time

InfoRiskToday
The Global Cyber Alliance is taking on small projects to come up with solutions to big cyber risk problems. "It's essentially using a startup approach to a much bigger problem," CEO Phil Reitinger, who will keynote the upcoming ISMG New York Fraud and Breach Summit, says in this interview.

2 hours ago CEO Fraud: Lessons From an Attack

InfoRiskToday
Why Employees Are the Best Lines of Defense

CEO fraud campaigns are becoming far more common. A recent attack against our company was deflected because of the alertness of a staff member who received a fraudulent wire transfer request, illustrating why well-informed employees truly are the best lines of defense against these schemes.

2 hours ago Cisco Live 2016: Analyst Take On Important Security And Networking Announcements You May Have Missed

Forbes
Cisco Live is Cisco Systems' annual education and training conference, held in multiple countries worldwide and attended by their customers, partners, resellers, press and analysts. Two weeks ago, I attended the U.S. analyst conference held in Las Vegas, July [...]

3 hours ago Couple in the cooler for sucking $1m out of Uncle Sam via IRS 'Get Transcript' scam

The Register
DoJ says pair exploited web tools to file fake returns

Two people have been jailed for their involvement in a scam that exploited the US IRS "Get Transcript" website to defraud the American government.

3 hours ago A Practical Approach to Digital Clinician and Patient Credentials

InfoRiskToday

This exclusive webinar, sponsored by VASCO, will talk about ways your healthcare organization can create a secure bridge between the verified identity in the physical world and the online identity in the cyberspace on a state or national level. Co-hosts Michael Magrath, Director of Business Development at VASCO and a nationally recognized leader in the healthcare identity management field, and Andrew Showstead, Director of Technical Consultancy at VASCO, will discuss how your organization can deploy a unique, reusable and trusted digital patient credential that provides interoperability and links multiple players via a trust framework.

In this exclusive webinar, Magrath and Showstead will also discuss:

  • Different options to provide better patient and provider electronic authentication;
  • How superior identity management naturally leads to improved HIPAA and HITECH compliance;
  • How to implement remote ID verification;
  • How to secure end-to-end communications between patients and providers.

3 hours ago Savvius Insight 2.0 Packs a Slew of Network Analysis and Reporting Into a Very Small Package

IT Toolbox Blogs

If you're in enterprise networking, you know that everything tends to get bigger. We currently talk in terms of 10 and 40 Gbps pipes, and ponder how to properly analyze our enormous client device and application bases for performance, security, and a host of other parameters. It's easy to skirt right past the branch paradigm when it comes to analysis if

3 hours ago Trump to Russia: Uncover, release deleted Clinton emails

Yahoo Security

WASHINGTON (AP) - Donald Trump encouraged Russia on Wednesday to find and make public missing emails deleted by his presidential opponent, Hillary Clinton, setting off an instant debate over hacking and his urging of a foreign government to meddle in American politics.

4 hours ago Cybersecurity startup PhishMe raises $42.5 million Series C

ZDNet
PhishMe aims to help companies thwart phishing attacks and other threats to business networks through consistent employee training.

4 hours ago Did Donald Trump really just ask Russia to hack the US govt? Yes, he did

The Register
And now denies it. But hey: News cycle!

In the latest of a series of implausibly appalling statements, Republican presidential nightmare Donald Trump encouraged the Russian government to hack into the servers of US government officials in order to provide him political ammunition against his Democratic rival.

4 hours ago Motorola isn't worried about making sure your Android phone is secure

Yahoo Security
We've all heard it before: the best thing you can do to keep your computer safe from hackers is to update regularly. Software companies push updates to fix known flaws in their operating systems, and hackers routinely search for old software versions so that they can take advantage of known security flaws that no one's bothered to patch yet. So it's a little unnerving to hear that Motorola, maker of some of the world's best Android phones, doesn't really think that making Android security updates available in a timely manner is particularly important.

To be absolutely clear, Android as a platform has a problem with updates and security updates. Unlike iOS devices, which get the update as soon as Apple has tested it, there are a few more steps to the Android update process. Google has to issue an update, which manufacturers then have to tweak, cell carriers have to mess with a little, and then the update finally gets pushed to customers. It's a painstaking process that takes months of time, and serious money for the hardware manufacturers that they'll never see back.

But timely updates are also the cornerstone of good mobile security. With major flaws like Stagefright being revealed every year -- flaws that can only be fixed with a security patch -- updates that get pushed in days or weeks, not months, are important.

This is where Motorola comes in. As first spotted by Ars Technica, the company has decided not to commit to monthly Android security updates, even for its newest devices. When asked to comment on this story, Motorola didn't address specific questions about security concerns, and stuck to the line that monthly updates are "difficult":

"Motorola understands that keeping phones up to date with security patches is important to our customers. We strive to push security patches as quickly as possible. However, because of the amount of testing and approvals that are necessary to deploy them, it's difficult to do this on a monthly basis for all our devices. It is often most efficient to bundle security updates in a scheduled Maintenance Release (MR) or OS upgrade. As we previously stated, Moto Z Droid Edition will receive Android Security Bulletins. Moto G4 will also receive them."

Everything in the statement is technically true: issuing fewer updates is certainly "most efficient" for Motorola, and cranking out monthly updates for a number of devices is difficult. But the statement is symptomatic of a pretty cavalier attitude from many Android manufacturers towards security. With profits difficult to find in the high-end smartphone business (if you're not called Apple, that is), spending money issuing free security updates is a difficult ask. Google is aware of the reputation Android has for poor security (compared to iOS), which is why it created the Android Security Bulletin program to issue monthly security updates. But if manufacturers refuse to commit to the program -- and Moto seems to be leading the charge here -- it's not going to do much to fix Android's "toxic hellstew" of vulnerabilities.

4 hours ago Motorola doesn't really care about making your Android phone secure

Yahoo Security

4 hours ago Motorola Declines To Commit To Monthly Security Updates For Android

Forbes
Motorola Mobility, a Lenovo company, made a splash last week with the introduction of new Moto Z and Moto Z Force smartphones. Not only are the devices well-built, premium Android phones with seriously potent performance, they also bring with them a very innovative version of modular expansion called Moto Mods [...]

5 hours ago PhishMe Raises $42.5 Million in Series C Funding

SecurityWeek

PhishMe, a company that helps organizations teach security awareness by educating employees on how to identify phishing attacks, today announced it has raised a whopping $42.5 million in funding.

6 hours ago Locky Ransomware Sheds Downloaders in Favor of JavaScript

SecurityWeek

Locky, one of the top ransomware families currently haunting users around the world, has upgraded its distribution mechanism, and is now spread embedded in JavaScript files attached to spam emails.

6 hours ago Critics blast Trump calls for Russia to locate missing Hillary Clinton e-mails

ArsTechnica
"I think you will probably be rewarded mightily by our press," he says.

7 hours ago Tor inquiry: "Many people" reported being "humiliated" by Appelbaum

ArsTechnica
Going forward, group will now have a new anti-harassment policy, among other changes.

7 hours ago 5 Kinds of Tools Every IT Professional Should Have

IT Toolbox Blogs
Most people outside of the profession only know the IT team as the techies who come in and fix things when the computers "aren't acting right."

8 hours ago Cyber Security Failures Front and Center In the US Presidential Race

IT Toolbox Blogs

If you are a CISO or Chief Compliance Officer you couldn't ask for more public examples of why your profession matters. The news headlines have been a treasure trove of evidence why your budget should be protected from any kinds of cuts.

Don't get me wrong, I'm not advocating for any of the bad cyber-security stories that we've been reading lately. But the fact

10 hours ago Signal Sciences pushes real-time security solution to tech companies

ZDNet
A number of companies have signed up for tech which makes real-time updates and DevOps easier to integrate.

10 hours ago Telegram app vuln recorded anything macOS users pasted - even in secret

ArsTechnica
CEO Pavel Durov claims Telegram has plugged "a minor bug phrased to look big."

10 hours ago How to avoid ransomware attacks: 10 tips

TechRepublic
As ransomware increasingly targets healthcare organizations, schools and government agencies, security experts offer advice to help IT leaders prepare and protect.

10 hours ago DNC Launches Fresh Hack Probe As Russia Continues To Take Blame

Forbes
DNC doesn't know how bad its hack was and experts still aren't sure if Russia is to blame.

11 hours ago Signal Sciences pushes real-time security solution to tech firms

ZDNet
A number of companies have signed up for tech which makes real-time updates and DevOps easier to integrate.