SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 30
Updated: 4 days 5 hours ago

Heartbleed Affects More Than Websites (April 10, 2014)

Fri, 2014-04-11 15:00

The Heartbleed vulnerability affects client side OpenSSL installations as well.......

Categories: security

Report Says Most UK Police Forces Not Equipped to Handle Cyber Crime (April 10, 2014)

Fri, 2014-04-11 15:00

According to a report from Her Majesty's Inspectorate of Constabulary (HMIC), just three of 43 police forces in England and Wales "have developed comprehensive cyber crime strategies.......

Categories: security

Threat Info Sharing Does Not Violate Antitrust Laws (April 10, 2014)

Fri, 2014-04-11 15:00

The US Justice Department (DOJ) and the Federal Trade Commission (FTC) have issued a joint policy statement clarifying that companies are allowed to share cyber threat information with each other without violating antitrust laws.......

Categories: security

Health Sector Cyber Security Drill (April 10, 2014)

Fri, 2014-04-11 15:00

On April 1, the US Department of Health and Human Services (HHS) conducted a cyber security drill for 13 participating companies in the healthcare sector.......

Categories: security

Google Android Update Will Improve App Security (April 10, 2014)

Fri, 2014-04-11 15:00

Google's Android team will release an upgrade that includes a feature to constantly monitor devices to ensure that apps are secure, even after they have been installed.......

Categories: security

BlackBerry OS 10 Update (April 9 & 10, 2014)

Fri, 2014-04-11 15:00

BlackBerry has issued a security update for BlackBerry 10 to address a remote code execution vulnerability.......

Categories: security

Second Univ. of Maryland Intrusion the Work of Frustrated Software Engineer (April 9 & 10, 2014)

Fri, 2014-04-11 15:00

The most recent cyber intrusion at the University of Maryland was the work of a software engineer who knew about the flaw that was later exploited in the earlier, larger intrusion.......

Categories: security

In-Flight Wi-Fi Provider Gogo Goes Above and Beyond CALEA (April 9 & 10, 2014)

Fri, 2014-04-11 15:00

In-flight wi-fi provider Gogo apparently exceeds baseline requirements regarding sharing user data with the US law enforcement.......

Categories: security

Man Involved in Carder Forum Pleads Guilty to Racketeering Charges (April 9 &10, 2014)

Fri, 2014-04-11 15:00

Cameron Harrison has pleaded guilty to federal racketeering charges for his role in a payment card fraud scheme.......

Categories: security

DelTek Breach Exposes 80,000 Contractor Employees' Data (April 9, 2014)

Fri, 2014-04-11 15:00

A breach of the GovWin IQ system at Deltek compromised the sensitive information of 80,000 federal contractor employees.......

Categories: security

Orbit Open Ad Server Fixes SQL Injection Vulnerability (April 9, 2014)

Fri, 2014-04-11 15:00

Orbit Open Ad Server has fixed an SQL injection vulnerability that placed website visitors in danger of having their data stolen.......

Categories: security

Microsoft and Adobe Release Security Updates (April 8 & 9, 2014)

Fri, 2014-04-11 15:00

On Tuesday, April 8, Microsoft released four security bulletins to address a total of 11 flaws in Windows, Internet Explorer (IE), Microsoft Office, and Microsoft Publisher.......

Categories: security

Judge Denies Wyndham Motion to Dismiss FTC Suit (April 8, 2014)

Fri, 2014-04-11 15:00

A US District Court judge has dismissed Wyndham Hotels request to dismiss an FTC lawsuit, supporting the Federal Trade Commission's (FTC's) authority to sue companies that do not adequately protect customer data.......

Categories: security

GAO Report Says Government Agency Incident Response is Inconsistent, Ineffective (April 3 & 7, 2014)

Tue, 2014-04-08 15:00

A forthcoming report from the US Government Accountability Office (GAO) says that in most cases, government agencies have not responded to cyber incidents in effective ways.......

Categories: security

DHS Preparing to Revamp its Security Operations Center (April 4, 2014)

Tue, 2014-04-08 15:00

The US Department of Homeland Security (DHS) is getting ready to overhaul its security operations center (SOC).......

Categories: security

HHS OIG Report Describes Serious Security Issues at State Medicaid Agencies (April 7, 2014)

Tue, 2014-04-08 15:00

A report from the US Department of Health and Human Services (HHS) Office of Inspector general (OIG) itemizes high-risk security issues that affect 10 state Medicaid agencies.......

Categories: security

EU Data Retention Directive Ruled Invalid (April 8, 2014)

Tue, 2014-04-08 15:00

Major breaking news in Europe today is the European Court of Justice ruling the EU Data Retention Directive from 2006 is "invalid".......

Categories: security

Some Governments Paying for Extended Custom Windows XP Support (April 7, 2014)

Tue, 2014-04-08 15:00

After Tuesday, April 8, Microsoft will no longer offer security updates for Windows XP.......

Categories: security

Heartbleed Vulnerability in OpenSSL Cryptographic Library (April 7 & 8, 2014)

Tue, 2014-04-08 15:00

A newly detected vulnerability in the OpenSSL cryptographic library can be exploited to reveal contents of secured messages as well as primary and secondary SSL keys.......

Categories: security

Booz Allen Hamilton CIO Reports to CISO (April 7, 2014)

Tue, 2014-04-08 15:00

At Booz Allen Hamilton, the chief information officer (CIO) reports to the chief information security officer (CISO).......

Categories: security