Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Information Security News - SANS Internet Storm Center Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago Shocking Security Discovery!

IT Toolbox Blogs View Synopsis+1

At work, I've just received a course in application security for Product Managers.  It's not something I've really focused on before to this extent.  As a result, I've learned a lot, and I now better understand why companies have departments and senior leaders who focus on this topic.

 

My takeaway is twofold:

Being secure is a lot of work.  The

21 hours ago Smart burglars will ride the surf of inter-connected hackability

The Register View Synopsis+1
Let's invent a dustbin that throws itself away

Something for the Weekend, Sir? What the world needs now is an intelligent dustbin. It would be the pinnacle of achievement for the Internet of Things sector.

19 hours ago Virgin Media tells 800,000 customers to change passwords after routers found vulnerable to hackers

ZDNet View Synopsis+1
Ethical hackers carried out research on the Super Hub 2 router and found it could be used to take control of Internet of Things devices.

23 hours ago WikiLeaks Details CIA's Air-Gapped Network Hacking Tool

SecurityWeek View Synopsis+1

WikiLeaks published several documents on Thursday detailing a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to hack air-gapped networks through USB drives.

22 hours ago Get your facts straight!

IT Toolbox Blogs View Synopsis+1

As you probably know I write programs for a living. More specifically I write programs which interact and control different devices. These varied devices are often controlled by their own firmware.

 

Firmware is just another name for a program which has been installed on the device to control it and is not changeable by the normal user. Just about, all actually, smart electronic

Top News

6 hours ago Anthem to shell out $115m in largest-ever data theft settlement

The Register View Synopsis+1
Good day to be an attorney, or a Maserati salesman

Health insurer Anthem has today agreed to pay $115m to settle a class-action suit brought on by its 2015 cyber-theft of 78.8 million records.

6 hours ago Finally, The Perfect Dating App For Superfans, Stalkers, And Serial Killers

Forbes View Synopsis+1
Technology has long been driving the way we date, but with both innovation and relationships, it's vitally important to know when it's time to hit the brakes.

5 hours ago CIA Knew in August that Putin Sought to Boost Trump: Report

SecurityWeek View Synopsis+1

The CIA had top-level intelligence last August that Russian President Vladimir Putin personally ordered an operation to help Donald Trump win the US presidential race, the Washington Post reported Friday.

The intelligence shocked the White House and put US security chiefs on a top-secret crisis footing to figure out how to react.

21 hours ago The Return of the Luddite: Securing Critical Systems

InfoRiskToday View Synopsis+1
The latest edition of the ISMG Security Report leads off with a look at why organizations turn to paper when critical systems can't be secured. Also, how to hack air-gapped systems over the internet.

18 hours ago Security firm claims malware infection hit 250 million; Microsoft says it didn't

ArsTechnica View Synopsis+1
Either way, Microsoft assures us that Windows 10 S would have been immune.

17 hours ago Ringless voicemail messaging: Why advocates are speaking out for and against it

TechRepublic View Synopsis+1
In the US, controversy once again erupts between privacy groups and telemarketers. This time it's about ringless voicemail messaging and the ability to put messages onto mobile phones without calling.

Latest News

8 hours ago AES-256 crypto cracked in 50 secs using €200 of kit one metre away

The Register View Synopsis+1
Van Eck phreaking getting surprisingly cheap

Sideband attacks that monitor a computer's electromagnetic output to snaffle passwords are nothing new. They usually require direct access to the target system and a lot of expensive machinery - but no longer.

9 hours ago Microsoft says 'no known ransomware' runs on Windows 10 S -- so we tried to hack it

ZDNet View Synopsis+1
We enlisted a leading security researcher to test if Microsoft's newest, locked-down version of Windows 10 is protected against all "known" kinds of ransomware, as the company claims.

9 hours ago AMD Will Take Server Market Share From Intel With EPYC, It's Just A Matter Of How Much

Forbes View Synopsis+1
How much share AMD will take is the $64,000 question but Intel's lucrative Data Center group is the company's high profit cash cow. If AMD is able to chip off even 10% share it could mean billions in new, high-margin business for the company.

10 hours ago Obama reportedly ordered hacking operation targeting key Russian networks

ArsTechnica View Synopsis+1
Covert program draws on the NSA, CIA, and US Cyber Command.

10 hours ago 32TB of Windows 10 internal builds, core source code leak online

The Register View Synopsis+1
Looking for exploitable bugs has never been easier

Exclusive A massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online.

11 hours ago Not Apr 1: Google stops scanning your Gmail to sling targeted ads at you

The Register View Synopsis+1
Given the amount of data it already has on you, why bother?

Google has said it will no longer scan the content of Gmail messages to sell targeted adverts to users of the free service.

5 hours ago Finally, The Perfect App For Superfans, Stalkers, And Serial Killers

Forbes View Synopsis+1
Technology has long been driving the way we date, but with both innovation and relationships, it's vitally important to know when it's time to hit the brakes.

8 hours ago $115 Million Settlement in Massive Anthem Breach Case

InfoRiskToday View Synopsis+1
Largest Data Breach Settlement Ever, Pending Court Approval, Lawyers SayHealth insurer Anthem has agreed to a proposed record $115 million deal to settle a class action lawsuit over the 2015 cyberattack that resulted in data breach affecting nearly 78.9 million individuals. If approved, lawyers say it would be the largest data breach settlement ever.

9 hours ago CISO Thom Langford on Risk and Awareness

InfoRiskToday View Synopsis+1
How to Gauge Your Organization's Risk Appetite and Improve Security TrainingPublicis Groupe CISO Thom Langford discusses how best to measure your organization's true risk appetite, and the business value of blending storytelling techniques into your security awareness programs.

9 hours ago The Weaponization of DDoS

InfoRiskToday View Synopsis+1
Arbor's Darren Anstee on How to Defend Against Powerful DDoS for HireThe Mirai botnet is just the most high-profile example of the new weaponization of DDoS. Attacks are stronger than ever, and multilayer defenses are needed to prevent disruption and distraction, says Darren Anstee of Arbor Networks.

9 hours ago Obama reportedly ordered implants to be deployed in key Russian networks

ArsTechnica View Synopsis+1
Covert program draws on the NSA, CIA, and US Cyber Command.