SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 84
Updated: 7 hours 53 min ago

Sandworm (October 13, 2014)

Fri, 2014-10-17 17:00

A malware attack/espionage attack known as Sandworm targeted systems belonging to the North Atlantic Treaty Organization (NATO), government agencies in Poland and Ukraine, and several European industries over the past five years.......

Categories: security

Mozilla Updates Firefox to Version 33 (October 14, 2014)

Fri, 2014-10-17 17:00

The newest version of Mozilla's Firefox browser, Firefox 33, addresses eight security issues.......

Categories: security

FBI Warns US Companies of Cyber Attacks Linked to China (October 15 & 16, 2014)

Fri, 2014-10-17 17:00

The FBI has issued a private warning to US organizations about cyber attacks being launched by groups with links to the Chinese government.......

Categories: security

Dropbox Says Account Credentials Taken from Other Services (October 13, 2014)

Wed, 2014-10-15 15:00

Several Pastebin posts claim to contain hundreds of sets of login credentials for Dropbox.......

Categories: security

US Manufacturing Company Under Attack for Months (October 10, 2014)

Wed, 2014-10-15 15:00

In a quarterly newsletter, the US Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team disclosed that a US manufacturing company experienced a cyber attack that lasted several months.......

Categories: security

White House Considering Options for Cyber Security Legislation (October 9, 2014)

Wed, 2014-10-15 15:00

White House Cybersecurity Coordinator Michael Daniel says that instead of trying to push a single, comprehensive cyber security bill through the legislature, the administration will instead focus on supporting a series of smaller bills that will address the necessary issues.......

Categories: security

Vulnerable Code in CyanogenMod Android Build (October 13, 2014)

Wed, 2014-10-15 15:00

Android users running the CyanogenMod build may find their devices vulnerable to man-in-the-middle (MitM) attacks.......

Categories: security

Kmart Discloses Breach (October 13, 2014)

Wed, 2014-10-15 15:00

Kmart has acknowledged that customers' payment card data were compromised in a breach that affected cash registers at 1,200 stores.......

Categories: security

Dairy Queen Acknowledges Breach (October 10, 2014)

Wed, 2014-10-15 15:00

Dairy Queen has disclosed that a data security breach affected nearly 400 of its stores across the US.......

Categories: security

Oracle to Address 150+ Vulnerabilities (October 12 & 13, 2014)

Wed, 2014-10-15 15:00

This month, Oracle's quarterly security updates will coincide with Microsoft's and Adobe's monthly fixes.......

Categories: security

Judge Dismisses Ulbricht's Motion to Suppress Evidence (October 10 & 12, 2014)

Wed, 2014-10-15 15:00

US District Judge Katherine Forrest has dismissed a defense motion to suppress evidence against Silk Road defendant Ross Ulbricht.......

Categories: security

Malicious Android App Steals Data (October 10, 2014)

Wed, 2014-10-15 15:00

An Android app that appears to be a simple game is actually malware capable of recording audio with infected devices, as well as stealing messages and device data, gaining root privileges.......

Categories: security

HP Will Revoke Certificate Inadvertently Used to Sign Malware (October 9 & 10, 2014)

Wed, 2014-10-15 15:00

On October 21, HP will revoke a digital certificate that was found to have been used to sign malware.......

Categories: security

Locked Shields Cyber War Simulation (October 10, 2014)

Wed, 2014-10-15 15:00

The Locked Shields cyber war simulation is "a technical cyber defense exercise" that ran from May 20-24, 2014, that drew nearly 300 participants from 17 countries.......

Categories: security

Government Says Accessing Foreign Servers Without a Warrant is Legal (October 7 & 8, 2014)

Sun, 2014-10-12 17:00

The US Justice Department maintains that the government can break into servers outside the country without a warrant.......

Categories: security

Bruce Schneier, CTO of Incident Response Startup, Says Incident Response is Failing In All Areas (October 9, 2014)

Sun, 2014-10-12 17:00

In a keynote speech at the IP Expo conference in London, Bruce Schneier said that while preventing and detecting attacks is necessary, organizations need to pay more attention to incident response, because attacks are inevitable, and the ability to recover quickly is essential to an organization's integrity.......

Categories: security

UK Police Say Some Smartphones Have Been Remotely Wiped After Seizure (October 9, 2014)

Sun, 2014-10-12 17:00

Police in the UK have reported that several mobile phones in their possession as evidence have been remotely wiped.......

Categories: security

Microsoft Will Release Nine Security Bulletins on October 14 (October 9, 2014)

Sun, 2014-10-12 17:00

On Tuesday, October 14, Microsoft plans to release nine security bulletins to address issues in Internet Explorer (IE), Windows, SharePoint Server, and Web app development tools/kit.......

Categories: security

MBIA Acknowledges Customer Data Compromised (October 7, 8, & 9, 2014)

Sun, 2014-10-12 17:00

US bond insurer MBIA has acknowledged that a misconfigured server was exposing customers' personal information, including account numbers and balances.......

Categories: security

Whistleblower Alleges Northrup Grumman Falsified GPS Tests (October 8, 2014)

Sun, 2014-10-12 17:00

A Northrup Grumman employee has accused the military contractor of falsifying tests of its LN-100 Inertial Navigation System/Global Positioning System (INS/GPS), which is used in the company's aircraft, missiles, and submarines.......

Categories: security