security

Target Reaches Settlement With MasterCard Over Breach (April 15 & 16, 2015)

SANS NewsBites - Fri, 2015-04-17 17:51

Target has agreed to pay MasterCard US $19 million.......

Categories: security

Advanced Persistent Threat (APT) Wars (April 14 & 15, 2015)

SANS NewsBites - Fri, 2015-04-17 17:51

While investigating the operations of the Naikon advanced persistent threat (APT) group, researchers at Kaspersky discovered that one of the group's phishing emails had been sent to an email address belonging to another APT group.......

Categories: security

Millions of Health Records Compromised Over Past Four Years (April 15, 2015)

SANS NewsBites - Fri, 2015-04-17 17:51

A study published in the Journal of the American Medical Association (JAMA) says that between 2010 and 2013, data breaches compromised more than 29 million health records.......

Categories: security

Veterans Affairs Contractors Violated Security Practices (April 15, 2015)

SANS NewsBites - Fri, 2015-04-17 17:51

According to a report from the VA Assistant Inspector for Investigations, contractors working for the Department of Veterans Affairs used their personal laptops to access the agency's network while they were abroad in China and India.......

Categories: security

Friday Squid Blogging: Squid Hoodie

Schneier on Security - Fri, 2015-04-17 17:31
This is neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Categories: security

The No-Fly List and Due Process

Schneier on Security - Fri, 2015-04-17 07:54
The Congressional Research Service has released a report on the no-fly list and current litigation that it violates due process....
Categories: security

Security pros name their must-have tools

LinuxSecurity.com - Fri, 2015-04-17 05:15
LinuxSecurity.com: Secure file sharing is imperative for Lawyers Without Borders, a group that works with volunteer lawyers to advance human rights law in conflict-ridden regions. The nonprofit organization, headquartered in Hartford, Conn., uses Intralinks VIA to protect confidential legal documents and court papers from unsanctioned access.
Categories: linux, news, security

WikiLeaks releases entire trove of Sony Hack including confidential emails

LinuxSecurity.com - Fri, 2015-04-17 04:51
LinuxSecurity.com: WikiLeaks has just now released the entire trove from the Sony hack. According to a press release on WikiLeaks, the entire archive, which contains 30,287 documents from Sony Pictures Entertainment (SPE) and 173,132 emails to and from more than 2,200 SPE email addresses, has been leaked because "This archive shows the inner workings of an influential multinational corporation.
Categories: linux, news, security

Setting Security Professionals Up For Success

LinuxSecurity.com - Fri, 2015-04-17 04:49
LinuxSecurity.com: People, process, and technology are all integral to a successful infosec program. What's too often missing involves the concept of workflow.
Categories: linux, news, security

Red Hat: 2015:0854-01: java-1.8.0-oracle: Critical Advisory

LinuxSecurity.com - Fri, 2015-04-17 03:28
LinuxSecurity.com: Updated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security [More...]
Categories: linux, news, security

Fedora 22 qt5-qtwebkit-5.4.1-4.fc22

LinuxSecurity.com - Thu, 2015-04-16 18:31
LinuxSecurity.com: QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode.
Categories: linux, news, security

Fedora 22 firefox-37.0.1-1.fc22

LinuxSecurity.com - Thu, 2015-04-16 18:30
LinuxSecurity.com: New upstream version - 37.0.1
Categories: linux, news, security

Fedora 22 libzip-0.11.2-5.fc22

LinuxSecurity.com - Thu, 2015-04-16 18:30
LinuxSecurity.com: CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
Categories: linux, news, security

Red Hat: 2015:0844-01: openstack-nova: Important Advisory

LinuxSecurity.com - Thu, 2015-04-16 11:42
LinuxSecurity.com: Updated OpenStack Compute (nova) packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. [More...]
Categories: linux, news, security

Red Hat: 2015:0843-01: openstack-nova: Important Advisory

LinuxSecurity.com - Thu, 2015-04-16 11:41
LinuxSecurity.com: Updated OpenStack Compute (nova) packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. [More...]
Categories: linux, news, security

How Many Vulnerabilities Are there in Software?

Schneier on Security - Thu, 2015-04-16 07:27
Dan Geer proposes some techniques for answering this question....
Categories: security

Chrome starts pushing Java off the Web by disabling plugins

LinuxSecurity.com - Thu, 2015-04-16 05:21
LinuxSecurity.com: Chrome 42, released to the stable channel today, will take a big step toward pushing old browser plugins, including Java and Silverlight, off the Web. Those plugins use a 1990s-era API called NPAPI ("Netscape Plugin API") to extend the browser, and with Chrome 42, that API is now off by default.
Categories: linux, news, security

To Secure Modern Networks: Close The Visibility Gap

LinuxSecurity.com - Thu, 2015-04-16 05:18
LinuxSecurity.com: Modern networks now go beyond traditional walls to include data centers, endpoints, virtual, mobile and the cloud. These extended networks and their components constantly evolve and span new attack vectors including: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers, home computers, and even vehicles.
Categories: linux, news, security

APT group hacks cyber-spy gang in spy-on-spy pwnage

LinuxSecurity.com - Thu, 2015-04-16 05:16
LinuxSecurity.com: Cyber-spy groups, whose numbers are growing with little constraint, have begun hacking each other. Hellsing, a small and technically unremarkable cyber-espionage group, was subjected to a spear-phishing attack by another threat actor last year, before deciding to strike back with its own malware-infected emails.
Categories: linux, news, security

Debian: 3228-1: ppp: Summary

LinuxSecurity.com - Thu, 2015-04-16 03:01
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security
