Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

12 hours ago DNS Servers Crash Due to BIND Security Flaw

SecurityWeek View Synopsis+1

Updates released by the Internet Systems Consortium (ISC) for BIND patch a remotely exploitable security flaw that has caused some DNS servers to crash.

11 hours ago US hospital pays $55,000 to hackers after ransomware attack

ZDNet View Synopsis+1
Hancock Health paid up despite having backups available.

10 hours ago Wanna motivate staff to be more secure? Don't bother bribing 'em

The Register View Synopsis+1
Also, don't get the BOFH to publicly smack them with a LART

Usenix Enigma It's frustrating getting users to keep information and systems secure on a daily basis. However, don't try any smart gimmicks - particularly offering wedges of cash or other prizes for good behavior.…

10 hours ago BlackBerry in Motion: Firm Aims to Secure Cars From Hackers

InfoRiskToday View Synopsis+1
With Jarvis, BlackBerry Targets Connected - and Driverless - Vehicle SecurityBlackBerry mobile devices have become a rare sight. But drivers of Audi, GM and Mercedes vehicles may be using the company's embedded operating system in their cars, and with a new tool called Jarvis, BlackBerry is also making a play to secure the code used to drive autonomous vehicles.

10 hours ago Biggest vuln bombshell in forever and storage industry still umms and errs over patches

The Register View Synopsis+1
Does it run in VMs, containers, systems running external code? Just. Patch. It

Analysis A growing consensus among storage hardware appliance vendors is that, since they don't run external software on their hardware, they don't need to stick performance-hindering patches into their operating systems.…

Top News

8 hours ago Meltdown and Spectre patches now available for Oracle systems

TechRepublic View Synopsis+1
Among the 237 fixes in Oracle's Critical Patch Update for January are patches for both Spectre and Meltdown.

2 hours ago Facebook To Finally Hold Full Investigation Into Russian Involvement In Brexit

Forbes View Synopsis+1
Facebook has agreed - not entirely happily, from its tone - to expand its investigation into whether Russia meddled with the UK's Brexit referendum.

Latest News

8 hours ago Former CIA Agent Arrested With Top Secret Info

SecurityWeek View Synopsis+1

US authorities said Tuesday they had arrested a former CIA agent, Hong Kong resident Jerry Chun Shing Lee, after discovering he had an unauthorized notebook that had the identities of undercover US spies.

Lee, a naturalized US citizen also known as Zhen Cheng Li, was arrested late Monday after he arrived at JFK International Airport in New York.

48 minutes ago Why Some Healthcare Entities Pay Ransoms

InfoRiskToday View Synopsis+1
Indiana Hospital Pays After Ransomware Attack, Citing Time Needed to Restore SystemsA recent incident involving an Indiana hospital that publicly admitted to paying a $55,000 ransom to unlock data following a ransomware attack - despite having backup systems - highlights the need to test data recovery plans.

1 hour ago HTML5 may as well stand for Hey, Track Me Longtime 5. Ads can use it to fingerprint netizens

The Register View Synopsis+1
This language is wired for sound

Usenix Enigma HTML5 is a boon for unscrupulous web advertising networks, which can use the markup language's features to build up detailed fingerprints of individual netizens without their knowledge or consent.…

1 hour ago Zyklon Malware Delivered via Recent Office Flaws

SecurityWeek View Synopsis+1

A piece of malware known as Zyklon has been delivered by cybercriminals using some relatively new vulnerabilities in Microsoft Office, FireEye reported on Wednesday.

3 hours ago Anatomy of a Cryptocurrency Phishing Campaign

InfoRiskToday View Synopsis+1
North Korea Keeps Hacking for Bitcoins, Researchers SayVirtual currency that's been surging in value, stored in internet-connected banks and virtual "hot wallets": What could go wrong? The answer includes well over $175 million worth of stolen cryptocurrency and attacks that have been tied to North Korea's Lazarus Group.

4 hours ago Google intros Security Center tool for G Suite

ZDNet View Synopsis+1
Security center aims to bring together analytics, insights and recommendations about an organization's data security.

4 hours ago Stack Ranking SSL Vulnerabilities: The ROBOT Attack

SecurityWeek View Synopsis+1

At least two additional security vendors, including IBM and Palo Alto Networks, have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.

4 hours ago New G Suite security center offers security analytics and best practices from Google

TechRepublic View Synopsis+1
The service will offer insights into current security practices and methods for flagging future threats.

4 hours ago Skygofree Android malware is 'one of the most powerful ever seen'

TechRepublic View Synopsis+1
The dangerous new spyware kit can gain total control over an Android device, and it's been in the wild since 2015.

5 hours ago A Venture Capitalist's 2018 Outlook

InfoRiskToday View Synopsis+1
As a longtime investor in companies offering cybersecurity solutions, Alberto Yépez of Trident Capital Cybersecurity is most concerned by a lack of investment in one key area; replacing aged technologies that are supporting critical infrastructure industries, such as power utilities.

5 hours ago Cloud computing: Why a major cyber-attack could be as costly as a hurricane

ZDNet View Synopsis+1
The economic costs of a large cyber-attack could be as large as the impact of a major natural disaster.

5 hours ago Want more privacy online? ProtonMail brings its free VPN to Android

ZDNet View Synopsis+1
ProtonVPN comes to Android, promising no malware, no ads, and no selling of user data.

6 hours ago Cyberattacks are third largest threat to global society over next 5 years

TechRepublic View Synopsis+1
These attacks fell behind natural disasters and extreme weather in the World Economic Forum's 2018 Global Risks Report.

6 hours ago Former Santander bank manager pleads guilty to computer misuse crimes

The Register View Synopsis+1
£15k went walkabout after customer details spilled to boyfriend

A former Santander bank manager has pleaded guilty to £15,000 worth of computer misuse crimes after her boyfriend talked her into giving him illicitly obtained customer information.…