SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 31
Updated: 2 days 20 min ago

OpenSSL President Says Entities That Use the Technology Should Help Fund It (April 14, 2014)

Tue, 2014-04-15 15:00

Steve Marquess, co-founder and president of the OpenSSL Software Foundation is critical of governments and companies that use the software but do not contribute to the foundation's funding.......

Categories: security

White House Policy Encourages Vulnerability Disclosure, Except When it Doesn't (April 12, 13 & 14, 2014)

Tue, 2014-04-15 15:00

According to a statement from the Office of the Director of National Intelligence, the Obama administration supports NSA disclosure of vulnerabilities in commercial and open source software with the exception of cases in which there is "a clear national security or law enforcement need" to keep them a secret.......

Categories: security

Training Cyber Warriors Takes Time (April 14, 2014)

Tue, 2014-04-15 15:00

To qualify for the US Cyber Command force, service members must obtain credentials at their schools, attend Cyber Command training, and have their knowledge tested to see if they qualify.......

Categories: security

Cloud Security Deadline Approaching for US Government Agencies (April 14, 2014)

Tue, 2014-04-15 15:00

US agencies have until June 5 to make sure that they are in compliance with the government's cloud security standards.......

Categories: security

Target Breach Prompts Formation of Retail ISAC (April 14, 2014)

Tue, 2014-04-15 15:00

The Target breach has prompted the National Retail Federation to establish an industry Information Sharing and Analysis Center (ISAC).......

Categories: security

Paramedic Faces Charges Based on Evidence from Warrantless Database Search (April 14, 2014)

Tue, 2014-04-15 15:00

In the course of investigating the theft of morphine from emergency vehicles, Utah law enforcement officials searched without a warrant a state database that holds records of all controlled substances that pharmacists dispense.......

Categories: security

Three Indicted in Connection with Theft of Apache Helicopter Simulation Software (April 11 & 14, 2014)

Tue, 2014-04-15 15:00

Three men have been indicted for allegedly stealing a top-secret US Army helicopter simulator.......

Categories: security

IRS Will Pay for Extended XP Support While Completing Migration to Windows 7 (April 11, 2014)

Tue, 2014-04-15 15:00

The US Internal Revenue Service (IRS) is still running Windows XP on roughly half of its Windows-based computers.......

Categories: security

Auernheimer Conviction Overturned on Technicality (April 11, 2014)

Tue, 2014-04-15 15:00

The Third US Circuit Court of Appeals has reversed and vacated the conviction of Andrew Auernheimer because the case was tried in an improper venue.......

Categories: security

West Point Wins Cyber Defense Exercise (April 10 & 11, 2014)

Tue, 2014-04-15 15:00

The team from West Point, the US military academy, had taken top honors in this year's Cyber Defense Exercise.......

Categories: security

House Subcommittee Pushes Through Bill to Stop Transfer of ICANN Oversight (April 7 & 10, 2014)

Tue, 2014-04-15 15:00

The US House Energy and Commerce Committee's Technology Subcommittee has approved a bill that would delay the Obama administration's plan to relinquish control of ICANN.......

Categories: security

Patch Available for Heartbleed Flaw (April 10, 2014)

Fri, 2014-04-11 15:00

OpenSSL has released a patch for a critical flaw in its implementation of the Transport Security Layer protocol's "heartbeat" extension that threatens the security of passwords, source code, and encryption keys.......

Categories: security

Governments Take Steps to Address Heartbleed (April 10, 2014)

Fri, 2014-04-11 15:00

Government agencies in the US and Canada are taking steps to help protect people from the risks of the Heartbleed OpenSSL vulnerability.......

Categories: security

Heartbleed Affects More Than Websites (April 10, 2014)

Fri, 2014-04-11 15:00

The Heartbleed vulnerability affects client side OpenSSL installations as well.......

Categories: security

Report Says Most UK Police Forces Not Equipped to Handle Cyber Crime (April 10, 2014)

Fri, 2014-04-11 15:00

According to a report from Her Majesty's Inspectorate of Constabulary (HMIC), just three of 43 police forces in England and Wales "have developed comprehensive cyber crime strategies.......

Categories: security

Threat Info Sharing Does Not Violate Antitrust Laws (April 10, 2014)

Fri, 2014-04-11 15:00

The US Justice Department (DOJ) and the Federal Trade Commission (FTC) have issued a joint policy statement clarifying that companies are allowed to share cyber threat information with each other without violating antitrust laws.......

Categories: security

Health Sector Cyber Security Drill (April 10, 2014)

Fri, 2014-04-11 15:00

On April 1, the US Department of Health and Human Services (HHS) conducted a cyber security drill for 13 participating companies in the healthcare sector.......

Categories: security

Google Android Update Will Improve App Security (April 10, 2014)

Fri, 2014-04-11 15:00

Google's Android team will release an upgrade that includes a feature to constantly monitor devices to ensure that apps are secure, even after they have been installed.......

Categories: security

BlackBerry OS 10 Update (April 9 & 10, 2014)

Fri, 2014-04-11 15:00

BlackBerry has issued a security update for BlackBerry 10 to address a remote code execution vulnerability.......

Categories: security

Second Univ. of Maryland Intrusion the Work of Frustrated Software Engineer (April 9 & 10, 2014)

Fri, 2014-04-11 15:00

The most recent cyber intrusion at the University of Maryland was the work of a software engineer who knew about the flaw that was later exploited in the earlier, larger intrusion.......

Categories: security