Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

2 days ago Mirai author named as operator of DDOS protection service

The Register View Synopsis+1
Krebs says he's fingered author of epic IoT DDoS code

The author of the massive distributed denial of service attack platform Mirai, that compromised scores of routers and internet of things devices, is a New Jersey man, according to KrebsonSecurity.

2 days ago Security researcher finds the DDoS mastermind who took down the internet last fall

Yahoo Security View Synopsis+1
A distributed denial of service (DDoS) attack can take down a site, a server, or various parts of the internet. Attackers send to the target incredible amounts of junk traffic which bring their target down, making it impossible for real users to access that online service. One such attack happened back in mid-October last year , and it took out a large number of sites - the entire internet some would say - including Twitter, Spotify, Reddit, PayPal, and others. Researchers found a Mirai botnet to be responsible for the entire thing, and now a renown security researcher thinks he has uncovered one of the creators of the Mirai botnet. Brian Krebs, who often writes about online security and data breaches over at his own site Krebs On Security , was attacked with the help of Mirai in September 2016, with his site being down for almost four days. Since then, he has carefully investigated the matter, and he now thinks he knows who that person is. After months of digging, Krebs wrote an extensive story about the case, which reads like a mob story. Only everything he explains happens online. "The story you're reading now is the result of hundreds of hours of research," he said. "At times, I was desperately seeking the missing link between seemingly unrelated people and events; sometimes I was inundated with huge amounts of information - much of it intentionally false or misleading - and left to search for kernels of truth hidden among the dross. "If you've ever wondered why it seems that so few Internet criminals are brought to justice, I can tell you that the sheer amount of persistence and investigative resources required to piece together who's done what to whom (and why) in the online era is tremendous," he said, adding that that he even has a glossary for the story to make reading it easier. Krebs explained that the object of many DDoS has to do with money. For example, a company that provided DDoS protection for a living might employ DDoS attacks on potential customers, to convince them to buy their protection service. Did I tell you this reads like a mob story? Apparently, Paras Jha, who owns a DDoS protection provider called Protraf Solutions, is the guy responsible for the attack on Krebs and the internet. Check out the entire story at this link .

1 day ago Unbreakable Locky ransomware is on the march again

The Register View Synopsis+1
Necrus botnet wakes up and starts fresh malware-cano

Cisco is warning of possible return of a massive ransomware spam campaign after researchers noticed traces of traffic from the hitherto dormant Necrus botnet.

1 day ago DHS Used Outdated, Unpatched Systems: Audit

SecurityWeek View Synopsis+1

The Department of Homeland Security (DHS) has made improvements to its information security program, but problems have still been identified in several areas, according to a report made public this week by the Office of Inspector General (OIG).

2 days ago The Need for Connectivity

IT Toolbox Blogs View Synopsis+1
Even now we are starting to project the end of email systems as the use of instant messaging and group communications tools become ubiquitous on hand held connected devices.

Top News

1 hour ago IP Options Processing

IT Toolbox Blogs View Synopsis+1
Hosts call procedure ipdstopts to handle options in arriving datagrams. Although our procedure does not implement option processing, it parses the option length octets and deletes the options field from the IP header.

2 hours ago Crossing red lines: What's annoying Asian nations most?

Yahoo Security View Synopsis+1

How can you get under the skin of an Asian country? Diplomatic body searches, bomber flights, shrine statues and even doormats have set governments on edge. Here's a nation-by-nation look at Asia's figurative, ...

1 day ago LogicForce: The Tech Startup Helping Mid-Sized Law Firms Surpass The Giants

Forbes View Synopsis+1
How this disruptive tech company is leading the charge to equip mid-size law firms with the tools to out-scale and outsmart the competition.

1 day ago In Transition: White House Cybersecurity Policy

InfoRiskToday View Synopsis+1
President Donald Trump Suggests a Militaristic Approach to IT SecurityAs President Trump delivered his inaugural address, the White House transitioned its website from the Obama to the Trump administration. Immediately, Trump's team posted a series of position papers, including one that addressed - albeit briefly - cybersecurity.

15 hours ago Satan RaaS Promises Large Gains With Zero Coding Needed

SecurityWeek View Synopsis+1

A newly discovered family of ransomware is being offered via the Ransomware-as-a-Service (RaaS) business model, allowing cybercriminals to easily customize their own versions of the malware, researchers explain.

1 day ago Megaviral Meitu "beauty" app's data grab is anything but skin-deep

ArsTechnica View Synopsis+1
Android version seeks intrusive permissions, sends lots of data to servers in China.

1 day ago How to enable two-factor authentication for your Apple ID

TechRepublic View Synopsis+1
A hacked Apple account can be worth a lot to a cybercriminal. Protect yourself by enabling two-factor authentication for your Apple ID.

1 day ago Stop overhyping blockchain

ZDNet View Synopsis+1
Most blockchain evangelists exaggerate what blockchain does, overlooking what it was designed for, and stretch it to irrelevance

Latest News

1 hour ago LANs for Organizational Needs

IT Toolbox Blogs View Synopsis+1
The earlier manifestations of the PC-based LANs, by way of contrast, were not designed to provide connectivity except to a file server and to other micros on the network.

1 hour ago Choosing Broadband Technologies

IT Toolbox Blogs View Synopsis+1
Each broadband technology has its strengths and weaknesses.

3 hours ago Career Craft: Soul Searching

IT Toolbox Blogs View Synopsis+1

This is the 5th installment in a serial story on career problems and how to overcome them (Chapter 1).  To see the entire series, click here.

By Tuesday morning, James had worked himself into a small panic.  The meeting with Harold the previous day had taken

8 hours ago Trump vows his full support to CIA after feud about Russia hacking

Yahoo Security View Synopsis+1

By Jeff Mason and Warren Strobel LANGLEY, Va./WASHINGTON (Reuters) - U.S. President Donald Trump sought to mend fences with the CIA on Saturday, telling officers he had their back after he criticized spy agencies for their investigation into Russian hacking. In his first official visit to a government agency as president, Trump - who had said U.S. intelligence tactics were reminiscent of Nazi Germany - sought to leave no doubt with officers that he supported their work. "Very, very few people could do the job you people do and I want you to know I am so behind you," Trump said, to cheers and loud applause.

11 hours ago Trump to visit CIA after feud about Russia hacking

Yahoo Security View Synopsis+1

By Jeff Mason and Warren Strobel WASHINGTON (Reuters) - On the first full day as U.S. president, Donald Trump will head to CIA headquarters on Saturday, signaling an effort to mend fences after he slammed spy agencies for their investigation into Russian hacking during the presidential election. Trump engaged in an unprecedented feud with the CIA and U.S. intelligence agencies before his inauguration, but his spokesman Sean Spicer suggested that Trump would bear friendlier greetings when he speaks with more than 300 people at the event at the Langley, Virginia-based Central Intelligence Agency. "Excited to thank the men and women of the intelligence community," White House spokesman Spicer said on Twitter.