security

WordPress Disconnects Unpatched Self-Hosted Sites (January 22, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

WordPress has disconnected self-hosted sites running its content management and blogging platform that have not yet patched the jetpack add-on.......

Categories: security

Guilty Plea in Online Intellectual Property Theft Case (January 20 & 22, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

A Maryland man has pleaded guilty to conspiracy to commit computer intrusion and criminal copyright infringement for his role in a scheme that infiltrated systems at technology companies and stole intellectual property.......

Categories: security

NSW Auditor Says Traffic Signals Management Networks Lack Sufficient Security (January 21 & 22, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

According to a report from the Auditor-General of New South Wales, the systems used to manage traffic signals in the Australian state "are not as secure as they should be.......

Categories: security

Adobe Issues Emergency Flash Patch (January 22, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

Adobe has released an emergency patch for Flash on Thursday, January 22 to address a vulnerability that is being actively exploited (see story below).......

Categories: security

Unpatched Adobe Flash (January 21 & 22, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

An unpatched flaw in Adobe Flash Player is currently being exploited via compromised websites.......

Categories: security

Oracle Issues Java Updates (January 21, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

Oracle has released updates for Java that address 19 security issues, including disabling default support for SSL 3.......

Categories: security

Progressive Insurance Device Security Issues (January 20 & 21, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

A wireless device used by Progressive Insurance to gather information about customers' driving habits lacks adequate security.......

Categories: security

Technology Analyzes ICS Power Consumption to Detect Attacks (January 20, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

A startup security company that got its start through DARPA funding focuses on detecting anomalies in power consumption to detect attacks against utilities and manufacturing systems.......

Categories: security

GoDaddy Fixes Serious Site Flaw (January 20 & 21, 2015)

SANS NewsBites - Sat, 2015-01-24 14:33

Domain registrar GoDaddy has fixed a vulnerability that could be exploited through a cross-site forgery (CRSF) attack to manipulate domain settings and take control of the sites.......

Categories: security

My Conversation with Edward Snowden

Schneier on Security - Fri, 2015-01-23 17:57
Today, as part of a Harvard computer science symposium, I had a public conversation with Edward Snowden. The topics were largely technical, ranging from cryptography to hacking to surveillance to what to do now. Here's the video. EDITED TO ADD (1/24): News article....
Categories: security

Friday Squid Blogging: Giggling Squid Restaurant

Schneier on Security - Fri, 2015-01-23 17:22
Giggling Squid is a Thai restaurant chain in the UK. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Categories: security

When Thinking Machines Break the Law

Schneier on Security - Fri, 2015-01-23 05:55
Last year, two Swiss artists programmed a Random Botnot Shopper, which every week would spend $100 in bitcoin to buy a random item from an anonymous Internet black market...all for an art project on display in Switzerland. It was a clever concept, except there was a problem. Most of the stuff the bot purchased was benign­fake Diesel jeans, a baseball...
Categories: security

UK and US to Conduct Joint Cyber Attack Simulation (January 16 & 19, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

US and UK Intelligence agencies will collaborate on a simulated cyber attack against financial sector companies.......

Categories: security

US Infiltrated North Korea's Networks in 2010 (January 18 & 19, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

According to reports in The New York Times and Der Spiegel, US officials' confidence in blaming North Korea for the attacks against Sony Pictures' networks is due to the fact that the NSA infiltrated North Korean computers in November 2010.......

Categories: security

New Documents On China Theft of F-35 Fighter Jet Data (January 19, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

The BBC reports that Chine stole 50 terabytes of data regarding the US military's F-35 fighter jet.......

Categories: security

Chinese Government Allegedly Responsible for Attack Against Outlook.com (January 19, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

A company that monitors censorship in China says that the country's government may be responsible for an attack on Microsoft's Outlook email system there.......

Categories: security

Verizon Fixes Data Exposure Vulnerability in My FiOS (January 18 & 19, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

Verizon has fixed a security flaw in its My FiOS mobile application that exposed inboxes and private messages of as many as five million user accounts.......

Categories: security

Proposed Changes to US Laws Could Have Chilling Effect on Research (January 18, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

Proposed changes to the US Computer Fraud and Abuse Act (CFAA) and the Racketeering Influenced and Corrupt Organizations (RICO) Act could make the law more open to interpretation and could potentially criminalize certain research activity.......

Categories: security

Google Discloses More Unpatched Windows Flaws (January 16, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

Google has disclosed two additional vulnerabilities in Windows 90 days after alerting Microsoft to their presence.......

Categories: security

UK Police Make Arrest in Connection with Sony Attacks (January 16, 2015)

SANS NewsBites - Thu, 2015-01-22 03:27

UK police have arrested one person in connection with the December attacks on Sony's PlayStation Network and Microsoft's Xbox Live.......

Categories: security

Pages