SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 51
Updated: 1 hour 35 min ago

Some US Navy Workstations Still Running Windows XP (June 23, 2015)

Sun, 2015-06-28 12:58

The US Navy is still running Windows XP on some of its computers, paying Microsoft millions of dollars in fees to support the retired operating system.......

Categories: security

LOT Airline Grounding Due to DDoS (June 23, 2015)

Sun, 2015-06-28 12:58

Polish airline LOT says that the computer problems that grounded its flights over the weekend were due to a distributed denial-of-service (DDoS) attack that prevented flight plans from being delivered on time.......

Categories: security

Polish Airline LOT Flights Cancelled Due to Cyber Attack (June 22, 2015)

Wed, 2015-06-24 06:52

Polish airline LOT cancelled 10 flights from Chopin Airport in Warsaw on Sunday, June 21, after a cyber attack made it impossible to file flight plans.......

Categories: security

Vulnerable Flight Plan Protocol Widely Used (June 22, 2015)

Wed, 2015-06-24 06:52

The flight plan delivery protocol is used by virtually every airline.......

Categories: security

NSA and GCHQ Sought to Reverse Engineer Security Software (June 22, 2015)

Wed, 2015-06-24 06:52

According to a recent report in The Intercept, intelligence agencies in the US and UK made efforts to reverse engineer antivirus and security software, as it hindered their secret investigations.......

Categories: security

OPM: Attackers Had Access to OPM Database for a Year (June 18 & 20, 2015)

Wed, 2015-06-24 06:52

According to a report in The Washington Post, the attackers who breached the security of a database at the US Office of Personnel Management (OPM) had access to the data for at least a year.......

Categories: security

OPM: Fraud Protection Service Security Concerns (June 19, 2015)

Wed, 2015-06-24 06:52

People whose personal information was compromised have complained that they have been required to provide sensitive personal information to the company that will provide fraud protection services to verify their identities.......

Categories: security

OPM: Breach Affected Two Different Systems (June 22, 2015)

Wed, 2015-06-24 06:52

Two different systems were breached at OPM: the Electronic Official Personnel Folder system and the central database for EPIC, the software suite that OPM's Federal Investigative Service uses to gather information for employee background investigations.......

Categories: security

Competition Aims to Identify Cyber Security Talent with $30,000 Scholarships (June 19, 2015)

Wed, 2015-06-24 06:52

The SANS Institute's Cyber Aptitude Assessment competition offers top performers scholarships to the SANS Cyber Academy, an eight-week cyber security training boot camp.......

Categories: security

Pentagon May Hold IT Users More Accountable for Cyber Security (June 18, 2015)

Wed, 2015-06-24 06:52

DOD CIO Terry Halvorsen said that there are few if any consequences for users whose online behavior creates security problems for DOD systems.......

Categories: security

eBay Patches Vulnerabilities in Magento (June 22, 2015)

Wed, 2015-06-24 06:52

eBay has fixed a trio of vulnerabilities in its e-commerce system, Magento.......

Categories: security

Flaw in Google Analyticator WordPress Plugin Fixed (June 22, 2015)

Wed, 2015-06-24 06:52

A flaw in the Google Analyticator WordPress plugin that could be exploited to allow Cross-Site request Forgery has been fixed.......

Categories: security

The Dark Side of Proxy Servers (June 22, 2015)

Wed, 2015-06-24 06:52

One researcher tested nearly 450 open web proxies and found that 79 percent forced users to load pages in
-http://,
or unencrypted mode, which means that the proxy owners could view the traffic in plain text.......

Categories: security

HP Releases Proof-of-Concept Code for Unpatched IE Flaw (June 22, 2015)

Wed, 2015-06-24 06:52

HP has released proof-of-concept code for an unpatched vulnerability in Internet Explorer (IE) that can be exploited to bypass Address Space Layout Randomization (ASLR) on 32-bit systems.......

Categories: security

European Police Aim to Take Down Social Media Accounts Linked to IS (June 22, 2015)

Wed, 2015-06-24 06:52

Police across Europe will soon be working together to find and block social media accounts with ties to the Islamic State.......

Categories: security

OPM Chiefs Face Congress Over Breach (June 16, 2015)

Fri, 2015-06-19 16:09

A Department of Homeland Security Official said that encryption would not have helped protect the data exposed in the OPM breach because the intruders managed to obtain valid user credentials.......

Categories: security

Legacy Systems Are Not the Only Reason for OPM Breach (June 17, 2015)

Fri, 2015-06-19 16:09

Office of Personnel Management (OPM) officials pointed to legacy systems as a central reason for the attacks on the OPM's network.......

Categories: security

Drupal Updates (June 18, 2015)

Fri, 2015-06-19 16:09

Updates for the Drupal content management system are available.......

Categories: security

Samsung Will Release Fix for Galaxy Smartphones (June 17 7& 18, 2015)

Fri, 2015-06-19 16:09

Samsung plans to release a fix for a critical security flaw that affects more than 600 million of its mobile phones.......

Categories: security

Allegations of Unauthorized System Access in MLB (June 16, 17, & 18, 2015)

Fri, 2015-06-19 16:09

The FBI is investigating allegations that front office employees of the St.......

Categories: security

Pages