Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

15 hours ago Win 7, Server 2008 'Total Meltdown' exploit lands to pop admin shells

The Register View Synopsis+1
Plus: Xen admins - you need to get patching your patches, too

If you're not up-to-date with your Intel CPU Meltdown patches for Windows 7 or Server 2008 R2, get busy with that, because exploit code for Microsoft's own-goal flaw is available.…

11 hours ago Microsoft Releases More Microcode Patches for Spectre Flaw

SecurityWeek View Synopsis+1

Microsoft this week released another round of software and microcode updates designed to address the CPU vulnerability known as Spectre Variant 2.

Microsoft has been releasing software mitigations for the Spectre and Meltdown vulnerabilities since January, shortly after researchers disclosed the flaws.

19 hours ago Facebook And Google Are Under Fire For Shady Data. Why Not Uber?

Forbes View Synopsis+1
While Facebook and Cambridge Analytica face scrutiny for hazy dealings with data, strange links in Uber's past remain mostly unexplored.

15 hours ago Win 7, Server 2008 'Total Meltdown' exploit lands, pops admin shells

The Register View Synopsis+1
Plus: Xen admins - you need to get patching your patches, too

If you're not up-to-date with your Intel CPU Meltdown patches for Windows 7 or Server 2008 R2, get busy with that, because exploit code for Microsoft's own-goal flaw is available.…

13 hours ago Power spike leads Chinese police to 600-machine mining rig

The Register View Synopsis+1
Six Bitcoiners cuffed for electricity heist

Chinese media is reporting the seizure of 600 Bitcoin miners in the northern municipality of Tianjin, on the grounds of electricity theft.…

Top News

11 hours ago ?Equifax has spent $242.7 million on its data breach so far

ZDNet View Synopsis+1
The spending is shifting more toward data security and IT systems. Equifax carries $125 million in cybersecurity insurance with a $7.5 million deductable.

7 hours ago Police Seize Webstresser.org, Bust 6 Suspected Admins

InfoRiskToday View Synopsis+1
DDoS Stresser/Booter Service: Servers Seized, Top Users Also ArrestedPolice have taken down Webstresser, a leading stresser/booter service tied to 4 million on-demand DDoS attacks, which could be used for as little as $15 per month. Six of the site's administrators have been arrested, as have some of the site's top users, authorities say.

7 hours ago 5 things you should know about fileless malware attacks

TechRepublic View Synopsis+1
Cybersecurity threats evolve quickly, and attackers are increasingly using tactics that don't require a payload or tricking someone into installing something. Here's what you need to know about fileless attacks.

Latest News

6 hours ago Ransomware warning: This phishing campaign delivers new malware variants

ZDNet View Synopsis+1
Tens of thousands of messages are being sent each day in an effort to trick people into installing this particular form of ransomware, say researchers.

6 hours ago Top 5: Things to know about fileless attacks

TechRepublic View Synopsis+1
Fileless attacks are particularly tricky because they don't require anything to be installed before causing harm. Here are the basics you should know about this type of threat.

6 hours ago Apple Is Struggling To Stop A 'Skeleton Key' Hack On Home Wi-Fi

Forbes View Synopsis+1
If you can hack a toaster, you can hack home Wi-Fi, all by exploiting the trust of Apple.

15 minutes ago Recent BA Ransomware Incidents Serve Up Lessons

InfoRiskToday View Synopsis+1
Experts Say Breaches Spotlight Vendor RisksTwo recent security incidents involving ransomware attacks on vendors serve as the latest reminders of the risks business associates pose to healthcare organizations. What steps should entities take to mitigate those risks?

15 minutes ago Improving Fraud Prevention: Key Steps

InfoRiskToday View Synopsis+1
Kedar Samant of Simility on Leveraging Machine Learning, Data AnalyticsMachine learning and data analytics are both critical to fraud prevention, says Kedar Samant, CTO of Simility.

60 minutes ago How to easily manage CentOS firewalld with an ncurses tool

TechRepublic View Synopsis+1
Jack Wallen shows you how to make working with CentOS 7 iptables much easier with the help of an ncurses-based GUI.

2 hours ago The Promise of Artificial Intelligence in Security

InfoRiskToday View Synopsis+1
OpenText's Gary Weiss on the Role of New TechnologyArtificial intelligence can help the security community tackle the skills shortage and is also essential to fighting the volume and sophistication of cyberattacks, says Gary Weiss of OpenText.

3 hours ago Hackers Made A Device That Can Unlock Every Room In 140,000 Hotels

Forbes View Synopsis+1
A pair of security researchers have cooked up an electronic master key that can unlock millions of hotel room doors.

3 hours ago How to help employees realize their responsibility in keeping a company safe from data breaches

TechRepublic View Synopsis+1
According to a Dtex System's report, one-third of government employees believe they are more likely to be struck by lightning than have their data compromised. Here's how to change their perspective.

6 hours ago Entrepreneurs Should Get Free Training, Tax Breaks To Boost Cybersecurity, Senate Told

Forbes View Synopsis+1
There can be a silver lining in a hack, however. An entrepreneur said most of the files his hacker swiped were years old and useless: "It was like cleaning house."

9 hours ago Cheap crimeware kits help wannabe hackers get into the malware business

ZDNet View Synopsis+1
Latest kit costs $40 a month and allows users to conduct mass campaigns.