SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 58
Updated: 1 day 8 hours ago

UK Information Commissioner's Office Investigated Internal Breach (July 16, 2014)

Fri, 2014-07-18 21:00

The UK Information Commissioner's Office (ICO) has acknowledged an internal data breach, but the agency has not been forthcoming with details about the incident.......

Categories: security

Microsoft Says Active Directory Vulnerability is a Known Limitation (July 15, 2014)

Fri, 2014-07-18 21:00

A vulnerability in Microsoft's Active Directory could be exploited to change users' network passwords.......

Categories: security

Despite Breaches, Most Critical Infrastructure Executives Say Security is Not a Priority (July 11, 2014)

Wed, 2014-07-16 19:00

According to a study that compiles responses from nearly 600 IT and IT security executives around the world, two-thirds of those responding said that their infrastructure had been compromised in the preceding 12 months, but just over a quarter said that security is a top priority.......

Categories: security

US Justice Dept. Charges Chinese Businessman In Connection With Boeing Data Theft (July 11, 12, 13, & 14, 2014)

Wed, 2014-07-16 19:00

The owner of a Chinese aviation company has been charged in connection the theft of data from computer systems at Boeing.......

Categories: security

Suspect in US $14 Million ATM Heist Scheme Agrees to Plea Deal (July 14, 2014)

Wed, 2014-07-16 19:00

A man has pleaded guilty to bank fraud for his part in a highly coordinated scheme that stole US $14 million from ATMs in 20 countries over a period of two days.......

Categories: security

Hotels Urged to Check Business Center Computers for Malware (July 14, 2014)

Wed, 2014-07-16 19:00

An advisory from the US Secret Service and the National Cybersecurity and Communications Integration Center warns organizations in the country's hospitality sector that computers available for hotel guests' use in their hotels are likely being infected with keystroke loggers.......

Categories: security

New GameOver ZeuS Variant Detected (July 14, 2014)

Wed, 2014-07-16 19:00

A new variant of the GameOver Zeus malware is rearing its head.......

Categories: security

More Details About Effort to Derail Shylock Botnet (July 11 & 14, 2014)

Wed, 2014-07-16 19:00

The UK's National Crime Agency said that law enforcement authorities and security experts around the world joined forces to disrupt the Shylock botnet.......

Categories: security

Java Updates Should Continue to Work on Windows XP (July 14, 2014)

Wed, 2014-07-16 19:00

In response to earlier reports to the contrary, Oracle's vice-president of product management in the Java Platform Group says that Java updates will be pushed out to machines running Windows XP, and that the patches should continue to work.......

Categories: security

Microsoft Patches Causing Problems With Some Dell Data Protection Products (July 14, 2014)

Wed, 2014-07-16 19:00

Some patches included in Microsoft's monthly update that was released last week are causing problems on machines encrypted with Dell Data Protection-Encryption and on those protected by CMGShield.......

Categories: security

Oracle's Quarterly Security Update Will Fix 115 Flaws (July 11, 2014)

Wed, 2014-07-16 19:00

Oracle's quarterly critical patch update, due out on July 15, is expected to include fixes for 115 vulnerabilities.......

Categories: security

PayPal Fixes Application-Side Filter Vulnerability (July 14, 2014)

Wed, 2014-07-16 19:00

PayPal has fixed a vulnerability on its internal portal that could have been exploited to place malicious scripts onto the company's systems.......

Categories: security

Apple Blocks Outdated Versions of Flash Plug-ins in Safari (July 11, 2014)

Wed, 2014-07-16 19:00

People who use Apple's Safari browser will find themselves unable to view Flash-enabled sites unless they have updated Adobe Flash Player.......

Categories: security

17-Year-Old Responsible for Attacks on Banks and Other Companies in Norway (July 11, 2014)

Wed, 2014-07-16 19:00

The multiple attacks that hit bank, airline, and insurance company websites in Norway are now believed to be the work of a single teenager.......

Categories: security

Malware Found on Inventory Scanners Used by Shipping Companies (July 10 & 11, 2014)

Wed, 2014-07-16 19:00

Certain handheld scanners used in the international shipping industry have been found to be infected with malware that steals information and exfiltrates it to a database.......

Categories: security

Intruders Accessed US Government Databases Containing Security Clearance Data (July 9 & 10, 2014)

Mon, 2014-07-14 17:00

Senior US officials say that an attack that has been traced to China managed to gain access to databases at the Office of Personnel Management, which contain information about people who have applied for top-secret security clearances.......

Categories: security

Simultaneous Cyber Attacks Target Norwegian Banks, Airlines, Insurance Companies (July 9, 2014)

Mon, 2014-07-14 17:00

Earlier this week, attackers targeted the websites and payment systems of DNB, Danske Bank, Nordea, and several other companies, including airlines and insurance companies.......

Categories: security

Code Spaces Attack Demonstrates Need for Multifactor Authentication for Cloud Services (July 8, 2014)

Mon, 2014-07-14 17:00

The attack on the Amazon Web Services' control panel of Code Spaces that resulted in the shutdown of the code-hosting provider has raised questions about how organizations that depend on cloud services should be protecting themselves.......

Categories: security

UK Parliament Fast Tracking Emergency Data Retention Law (July 10, 2014)

Mon, 2014-07-14 17:00

The UK government is pushing emergency legislation through Parliament that will require telecommunications service providers to store communications metadata for up to one year.......

Categories: security

Microsoft Settles No-IP Civil Case (July 9 & 10, 2014)

Mon, 2014-07-14 17:00

Microsoft and dynamic domain name provider No-IP have reached a settlement that calls for No-IP to disable certain domains.......

Categories: security