SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 51
Updated: 14 hours 44 min ago

Encryption is Often Implemented Incorrectly (June 26, 2015)

Tue, 2015-06-30 16:39

According to a report from Veracode, many software developers are not implementing encryption correctly.......

Categories: security

Ransomware Exploits Flash Flaw (June 29, 2015)

Tue, 2015-06-30 16:39

Ransomware known as CryptoWall is being used in attacks that exploit a flaw in Adobe Flash Player for which Adobe issued a patch just last week.......

Categories: security

OPM System Taken Offline (June 29, 2015)

Tue, 2015-06-30 16:39

The Office of Personnel Management has taken its Electronic Questionnaires for Investigations Processing (e-QIP) system offline temporarily.......

Categories: security

App Secretly Mined Cryptocurrencies (June 29, 2015)

Tue, 2015-06-30 16:39

The Federal Trade Commission has settled a case against a man who created an app that secretly mines for Dogecoin and other less-well-known cryptocurrencies in the background.......

Categories: security

Malwarebytes Will Trade Pirated License Keys for Legitimate Ones (June 29, 2015)

Tue, 2015-06-30 16:39

People who are using counterfeit versions of Malwarebytes antivirus license keys can trade them for legitimate keys that will remain valid for one year.......

Categories: security

Two Plead Guilty to Charges Related to Intrusions at State Department (June 26 & 29, 2015)

Tue, 2015-06-30 16:39

Two men have pleaded guilty to breaking into computer systems at the US State Department.......

Categories: security

Magento Vulnerability is Being Exploited (June 26 & 29, 2015)

Tue, 2015-06-30 16:39

Data thieves are exploiting a vulnerability in Magento, eBay's ecommerce platform, to steal customer billing information.......

Categories: security

Ikea Addressed Shellshock Efficiently (June 28, 2015)

Tue, 2015-06-30 16:39

Swedish furniture and housewares retailer Ikea managed to remove the Shellshock vulnerability from its systems in less than three hours.......

Categories: security

Documents Show US's Zero Day Exploit Policy Dates to 2010 (June 26, 2015)

Tue, 2015-06-30 16:39

Newly released documents show that the US government's policy regarding the use of zero-day vulnerabilities was established in February 2010, about five months before Stuxnet was discovered.......

Categories: security

Findikoglu Extradited to US, Pleads Not Guilty (June 24, 25, & 27, 2015)

Tue, 2015-06-30 16:39

The US Secret Service has extradited Ercan Findikoglu to face charges that include conspiracy to commit computer intrusion.......

Categories: security

OPM: Systems Lacked Logs (June 25, 2015)

Sun, 2015-06-28 12:58

Investigators say it is difficult to assess the breadth and depth of the attack on OPM's systems and those of its contractors because the agency and the contractors lacked adequate computer logs.......

Categories: security

OPM: Security Measures Improperly Managed (June 24, 2015)

Sun, 2015-06-28 12:58

According to the Office of Personnel Management's (OPM's) inspector general, steps the agency was taking to improve the security of its computer systems actually put the systems at greater risk.......

Categories: security

Cisco Issues Fix for Hardcoded SSH Key Issue (June 25 & 26, 2015)

Sun, 2015-06-28 12:58

Cisco has pushed out a fix for several security appliances that shipped with hard-coded SSH keys.......

Categories: security

Samsung Disables Microsoft Update (June 24 & 25, 2015)

Sun, 2015-06-28 12:58

Microsoft has issued a statement "condemning" Samsung's decision to download software that keeps Windows Update from updating in the background on Samsung devices.......

Categories: security

BlackShades Purveyor Sentenced to Prison (June 23 & 25, 2015)

Sun, 2015-06-28 12:58

Alex Yucel has been sentenced to 57 months in US prison for selling the BlackShades remote access Trojan (RAT).......

Categories: security

Call Center Customer Data Breached (June 25, 2015)

Sun, 2015-06-28 12:58

A computer tech support call center, Advanced Tech Support, has acknowledged that customer data have been misused.......

Categories: security

Google Removes Eavesdropping Extension from Chromium (June 24 & 25, 2015)

Sun, 2015-06-28 12:58

Google has removed an extension from its Chromium open source browser that allowed it to continuously listen to the computer's microphone.......

Categories: security

Dyre an Emerging Threat (June 24 & 25, 2015)

Sun, 2015-06-28 12:58

According to a report from Symantec, criminals are using Dyre malware to target users of more than 1,000 banks.......

Categories: security

New Zealand Aircraft Grounded for Two Hours Due to Radar System Outage (June 24, 2015)

Sun, 2015-06-28 12:58

All aircraft in New Zealand were grounded for two hours on Tuesday, June 23 after a radar system failed.......

Categories: security

Emergency Patch for Adobe Flash (June 23 & 24, 2015)

Sun, 2015-06-28 12:58

Adobe has released an emergency fix for a critical flaw in its Flash Player browser plugin that is being actively exploited in "limited, targeted attacks.......

Categories: security

Pages