Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

5 hours ago Traveling? How To Keep Homeland Security Away From Your (Real) Cell Phone

Forbes View Synopsis+1
In the brave new world of border checks, any traveler entering or leaving the United States may have his or her cell phone seized without a warrant and its entire contents copied for future use. Learn more -- including how to avoid this stunning violation of privacy.

9 hours ago SNMP Authentication Bypass Plagues Numerous Devices

SecurityWeek View Synopsis+1

The Simple Network Management Protocol (SNMP) embedded in some Internet connected devices allows an attacker to bypass authentication by simply sending random values in specific requests, security researchers have discovered.

4 hours ago How one company wants to replace tech show booth babes with STEAM students

TechRepublic View Synopsis+1
The new STEAM-Con Connection offers cybersecurity vendors an alternative to staffing trade show booths with models. Here's how it works.

6 hours ago What Is IP Tracking and What You Need to Know About It

IT Toolbox Blogs View Synopsis+1
What tool can help you grab all the information you need about your online visitors and turn it to your advantage?

1 day ago Symantec promises audit-fest to placate Google trust reduction plans

ZDNet View Synopsis+1
TLS certificate vendor says it will even audit its previous audits to prevent having Google reduce its trust on Symantec certificates.

Top News

3 hours ago TrickBot banking Trojan steps up attacks against UK targets

ZDNet View Synopsis+1
IBM X-Force researchers warn that this sophisticated malware family is fast becoming one of the most prevalent forms of data-stealing banking Trojans

3 hours ago Sneaky 'fileless' malware flung at Israeli targets

The Register View Synopsis+1
Spies, bank raiders gravitate to growing stealth technique

A newly uncovered cyber-espionage campaign targeting Israeli organisations relies on "fileless" malware, a hacker tactic that's becoming a growing menace.…

1 hour ago Verizon's New Data Breach Report: An Analysis

InfoRiskToday View Synopsis+1
In an in-depth interview, Verizon's Ashish Thapar analyzes the results of the company's latest Data Breach Investigations Report, noting, for example, the spread of cyberespionage in several sectors worldwide. He also shares insights on effective mitigation strategies.

19 hours ago Russian-controlled telecom hijacks financial services' Internet traffic

ArsTechnica View Synopsis+1
Visa, MasterCard, and Symantec among dozens affected by "suspicious" BGP mishap.

Latest News

47 minutes ago A database of thousands of credit cards was left exposed on the open internet

ZDNet View Synopsis+1
The data was exposed for at least six months -- likely longer.

47 minutes ago Microsoft Turns Off Wi-Fi Sense After Risk Revealed

InfoRiskToday View Synopsis+1
Researcher Demonstrates a Dangerous Attack ScenarioRemember Microsoft's Wi-Fi Sense? A security researcher has discovered how the beleaguered feature in Windows 10 could force an unsuspecting user to automatically connect to a rogue access point.

1 hour ago How Blockchain Startups Will Solve The Identity Crisis For The Internet Of Things

Forbes View Synopsis+1
The future will be powered by a set of objects connected through a network known as the Internet of Things ("IOT"). However, just as data security protects humans from identity theft, the same will be required within IOT. I spoke with two startups to learn how blockchain will solve these issues.

2 hours ago The Effects that Augmented Reality Will Have on Healthcare

IT Toolbox Blogs View Synopsis+1
Augmented reality is the future, and it will impact many areas of health care.

2 hours ago Software Snake Oil Leads To Tech Support Scams

Forbes View Synopsis+1
Apps that claim to boost the performance of sluggish PCs have been around for years. Today, some are being used to push tech support scams.

2 hours ago ?Facebook: We're adding information warfare to our fight against malware, fraud

ZDNet View Synopsis+1
Facebook's security team doesn't disagree with the US Director of National Intelligence's conclusion that Russia tried to sway the US Presidential election.

3 hours ago Google tightens noose on HTTP: Chrome to stick 'Not secure' on pages with search fields

ZDNet View Synopsis+1
In October, Google will begin phase two of its plan to label all HTTP pages as non-secure.

4 hours ago How Politics Shape IT Scenes in Different Countries

IT Toolbox Blogs View Synopsis+1
We have witnessed a number of political decisions being made around the world these last twelve months and all of them will influence IT communities in those countries. This article provides an overview of these decisions and the expected effects.

4 hours ago Critical Flaw in GE Protection Relays Exposes Power Grid: Researchers

SecurityWeek View Synopsis+1

A critical vulnerability that affects some of GE's protection relays poses a serious threat to the power grid, researchers have claimed. The vendor has started releasing patches for the security hole.

5 hours ago Stellar MBOX to PST Converter - Product Review

IT Toolbox Blogs View Synopsis+1
Review of MBOX to PST converter software by email expert

6 hours ago Rethinking Cybersecurity: Lessons from Russian Hacks

InfoRiskToday View Synopsis+1
The ISMG Security Report leads with an analysis of how tactics used by Kremlin-tied actors to hack political groups in France, Germany and the U.S. to influence foreign elections could be employed to damage the reputation of businesses.

7 hours ago Last year's ICO fines would be 79 times higher under GDPR

The Register View Synopsis+1
TalkTalk's £400,000 penalty was big - how about £59 MILLION?

Fines from the Information Commissioner's Office (ICO) against Brit companies last year would have been £69m rather than £880,500 if the pending General Data Protection Regulation (GDPR) had been applied, according to analysis by NCC Group.…

8 hours ago Kali Linux can now use cloud GPUs for password-cracking

The Register View Synopsis+1
Kali's a favourite for white hats, but that doesn't stop black hats guys from using it too

Think passwords, people. Think long, complex passwords. Not because a breach dump's landed, but because the security-probing-oriented Kali Linux just got better at cracking passwords.…

9 hours ago FIN7 Hackers Change Phishing Techniques

SecurityWeek View Synopsis+1

A recently uncovered threat group referred to as FIN7 has adopted new phishing techniques and is now using hidden shortcut files (LNK files) to compromise targets, FireEye security researchers reveal.