SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 60
Updated: 2 hours 53 min ago

Russian Government Seeking Technology to Break Tor Anonymity (July 25 & 28, 2014)

2 hours 53 min ago

The Russian government is offering a 3.......

Categories: security

Court Fines Phony Antivirus Purveyors US $5.1 Million (July 28, 2014)

2 hours 53 min ago

A federal court in New York has issued default judgments against 14 companies for selling phony antivirus products.......

Categories: security

Dept. of Commerce IG Report Finds "Significant" Security Issues at NOAA (July 28, 2014)

2 hours 53 min ago

According to a report from the US Department of Commerce's office of inspector general, satellite data were stolen from a National Oceanic and Atmospheric Administration (NOAA) contractor's personal computer last year, but there has not been an investigation because the employee refused to allow NOAA to conduct a forensic investigation on the laptop.......

Categories: security

Attackers Exploiting Flaws in Elasticsearch to Use Amazon's Cloud Service for DDoS Attacks (July 28, 2014)

2 hours 53 min ago

Attackers have discovered a way to use Amazon cloud services to launch distributed denial-of-service (DDoS) attacks on other websites by exploiting flaws in Elasticsearch, an open-source analytics application.......

Categories: security

Siemens Releases Updates to Fix Flaws in Two SIMATIC Builds (July 25, 2014)

2 hours 53 min ago

Siemens has released security updates for two SIMATIC builds to address five vulnerabilities, four of which can be exploited remotely.......

Categories: security

Apple iOS Diagnostics Tool Could be Exploited to Access Personal Data (July 25, 2014)

2 hours 53 min ago

Diagnostic services built into Apple's iOS mobile operating system could be used to access personal data in iPhones.......

Categories: security

Cloud Services Can Impede Forensic Investigations (July 24, 2014)

2 hours 53 min ago

As governments have moved to cloud services, they have saved money and improved efficiency, but the technology holds some challenges to forensic investigations.......

Categories: security

Pentagon's Cyber Warfare Lexicon (July 23, 2014)

2 hours 53 min ago

The Cyber Warfare Lexicon, published by the US Strategic Command in 2009, defines terms normally used to describe physical combat in ways that make sense in the context of cyber warfare.......

Categories: security

Company Informs Customers of Breach Three Years After the Fact (July 19, 2014)

2 hours 53 min ago

Australian daily bargain website Catch of the Day recently revealed that it suffered a security breach in 2011.......

Categories: security

European Central Bank Breach (July 24, 2014)

Fri, 2014-07-25 15:00

An attacker broke into the network of the European Central Bank (ECB) and took personal information belonging to people who had registered for conferences and visits, which was held for ransom.......

Categories: security

Six Charged in Connection with StubHub Fraud (July 23 & 24, 2014)

Fri, 2014-07-25 15:00

US authorities have charged six people in connection with a fraud scheme that targeted eBay's StubHub ticket reselling service.......

Categories: security

Is the Internet of Things Getting Too Big? (July 24, 2014)

Fri, 2014-07-25 15:00

US presidential policy advisers are concerned that the Internet of Things is simply too large.......

Categories: security

Wisconsin Supreme Court Allows Stingray Use in Murder Case (July 24, 2014)

Fri, 2014-07-25 15:00

In a narrow decision, the Supreme Court of Wisconsin upheld a lower court decision permitting the warrantless use of devices known as stingrays, which can track cell phone locations.......

Categories: security

UK Travel Agency Fined for Violating Data Protection Act (July 24, 2014)

Fri, 2014-07-25 15:00

The UK Information Commissioner's Office (ICO) has fined a travel company GBP 150,000 (US $255,000) for failing to adequately protect customer data.......

Categories: security

WordPress MailPoet Plug-in Flaw is Being Actively Exploited (July 23 & 24, 2014)

Fri, 2014-07-25 15:00

Attackers have been exploiting a known vulnerability in a WordPress plug-in to compromise websites.......

Categories: security

Mozilla Releases Firefox 31 (July 24, 2014)

Fri, 2014-07-25 15:00

Mozilla has released an update for Firefox to version 31.......

Categories: security

Microsoft to "Unify" Windows Development (July 23, 2014)

Fri, 2014-07-25 15:00

Microsoft CEO Satya Nadella says the company is working on unifying portions of different Windows operating systems.......

Categories: security

Wall Street Journal Acknowledges Breach (July 23, 2014)

Fri, 2014-07-25 15:00

The Wall Street Journal has acknowledged that someone was able to access at least one of the newspaper's databases by exploiting a vulnerability in a web-based graphics system using an SDQL injection attack.......

Categories: security

Swiss Bank Accounts Targeted in DNS and Malware Attacks (July 22 & 23, 2014)

Fri, 2014-07-25 15:00

Attackers have been targeting Swiss bank accounts by intercepting SMS tokens and changing domain name system (DNS) settings.......

Categories: security

US-CERT Warns of Flaw in Huawei Routers (July 22, 2014)

Fri, 2014-07-25 15:00

According to a warning from the US Computer Emergency Response Team (US-CERT), a vulnerability in the Huawei E355 wireless broadband modem could be exploited to launch cross-site scripting attacks.......

Categories: security