SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 73
Updated: 3 days 51 min ago

Mozilla Retires 1,024-bit Certificates; 100,000+ Websites Now "Untrusted" (September 8, 2014)

Wed, 2014-09-10 17:00

Because Mozilla allowed its 1,024-bit certificates to expire, more than 100,000 websites are now considered untrusted by that company's browsers.......

Categories: security

New Zealand ISP Outage Blamed on Poorly-Configured Modems and DDoS (September 7, 2014)

Wed, 2014-09-10 17:00

New Zealand Internet service provider (ISP) Spark says that service outages over the weekend were the result of poorly-configured home modems that had been hijacked.......

Categories: security

Windows Cyber Espionage Malware Ported to Mac (September 5, 2014)

Wed, 2014-09-10 17:00

A variant of backdoor malware used to infect systems with advanced persistent threats (APTs) on Windows systems has now been found targeting Mac systems.......

Categories: security

NIST Seeks to Determine Awareness and Effectiveness of Cyber Security Framework (August 26 & September 8, 2014)

Wed, 2014-09-10 17:00

The National Institute of Standards and Technology (NIST) has released a request for information (RFI) regarding the level of awareness about the cyber security framework among companies that operate elements of the country's critical infrastructure, NIST also wants to know what effect the framework is having on their security postures.......

Categories: security

Intruder Installs Malware on HealthCare.gov Server (September 4, 2014)

Sat, 2014-09-06 21:00

Malware installed on a HealthCare.......

Categories: security

Home Depot Investigating Reports of Payment Card Data Breach (September 2, 2014)

Sat, 2014-09-06 21:00

Home improvement retailer Home Depot has confirmed that it is working with its "banking partners and law enforcement to investigate" reports of a data breach.......

Categories: security

Goodwill Acknowledges Customer Payment Card Data Compromised (September 4, 2014)

Sat, 2014-09-06 21:00

Goodwill Industries International has disclosed that an attack on a third-party payment card processing vendor's system compromised Goodwill customer payment card data.......

Categories: security

Second Healthcare Sector Cyber Security Exercise Scheduled to Start in October (September 4, 2014)

Sat, 2014-09-06 21:00

According to a press release from the Health Information Trust Alliance (HITRUST), the second cyber security exercise for the healthcare sector, CyberRX 2.......

Categories: security

Microsoft Will Issue Four Security Bulletins on September 9 (September 4, 2014)

Sat, 2014-09-06 21:00

According to Microsoft, the company will issue four bulletins on Tuesday, September 9, to address vulnerabilities in Windows, Internet Explorer (IE), Microsoft .......

Categories: security

NATO to Ratify Policy Adding Serious Cyber Attacks to Invoke Collective Defense Clause (August 31 & September 3, 2014)

Sat, 2014-09-06 21:00

NATO (North Atlantic Treaty Organization) is close to ratifying a policy that would see all members responding to a cyber attack on any one member.......

Categories: security

Software Piracy Arrests (September 3, 2014)

Sat, 2014-09-06 21:00

Police in London, UK have arrested two people in connection with a software piracy ring.......

Categories: security

Verizon Fined for Customer Privacy Violations (September 3, 2014)

Sat, 2014-09-06 21:00

Verizon has agreed to pay US $7.......

Categories: security

Firefox 32 Includes Public Key Pinning to Enhance SSL Security (September 3, 2014)

Sat, 2014-09-06 21:00

Mozilla has released the stable version of Firefox 32.......

Categories: security

Apple Says iCloud Accounts Were Breached in Targeted Attack (September 2, 2014)

Sat, 2014-09-06 21:00

Apple has acknowledged that several celebrities' iCloud accounts were compromised, but the company said it was done by guessing or stealing login credentials rather than breaching Apple's iCloud security.......

Categories: security

Europol's Cyber Crime Task Force (September 1, 2014)

Sat, 2014-09-06 21:00

Europol has launched the Joint Cybercrime Action Taskforce (J-CAT), which will work to coordinate international investigations in the fight against cyber crime.......

Categories: security

Apple Patches Flaw in Find My iPhone (September 1 & 2, 2014)

Thu, 2014-09-04 19:00

Apple has fixed a vulnerability in its Find My iPhone service that was reportedly exploited to steal personal photos of celebrities from iCloud accounts.......

Categories: security

Watering Hole Attack Targets Industrial Software Company Website Visitors (September 1, 2014)

Thu, 2014-09-04 19:00

A watering hole attack on the website of an unnamed industrial software company used reconnaissance malware to gather information about site visitors, possibly for use in future attacks.......

Categories: security

Phishing Attack Targets Norwegian Oil and Gas Industry (August 27 & 31, 2014)

Thu, 2014-09-04 19:00

Norway's oil and gas industry has been targeted in a coordinated attack that has targeted computers at as many as 300 companies in that industry there.......

Categories: security

Mozilla Stepping Up Security in Wake of Two Data Exposure Incidents (August 30, 2014)

Thu, 2014-09-04 19:00

Following a pair of incidents earlier this year that exposed the personal data of people who use the Mozilla Developer Network and the Bugzilla testing system data, Mozilla is taking steps to ensure that the data are more secure.......

Categories: security

College Professor Clarifies Medical Center Data Exposure Story (August 29, 2014)

Thu, 2014-09-04 19:00

A City College San Francisco professor who was described in reports as having demonstrated to a class how to break into a medical center's server has clarified his actions.......

Categories: security