SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 31
Updated: 1 day 1 hour ago

Advanced Persistent Threat (APT) Wars (April 14 & 15s, 2015)

Fri, 2015-04-17 17:51

While investigating the operations of the Naikon advanced persistent threat (APT) group, researchers at Kaspersky discovered that one of the groups phishing emails had been sent to an email address belonging to another APT group.......

Categories: security

Millions of Health Records Compromised Over Past Four Years (April 15, 2015)

Fri, 2015-04-17 17:51

A study published in the Journal of the American Medical Association (JAMA) says that between 2010 and 2013, data breaches compromised more than 29 million health records.......

Categories: security

Veterans Affairs Contractors Violated Security Practices (April 15, 2015)

Fri, 2015-04-17 17:51

According to a report from the VA Assistant Inspector for Investigations, contractors working for the Department of Veterans Affairs used their personal laptops to access the agency's network while they were abroad in China and India.......

Categories: security

Incredible: Hacked French Network Exposed Its Own Passwords During TV Interview (April 9, 2015)

Wed, 2015-04-15 16:36

In an interview about the satellite hack, TV5Monde reporter David Delos unwittingly revealed at least one password for the station's social media presence.......

Categories: security

Carder Gets 12-Year Prison Sentence (April 9 & 10, 2015)

Wed, 2015-04-15 16:36

Jermaine Smith has been sentenced to more than 12 years in prison for his role in an online underground payment card fraud operation.......

Categories: security

Middle School Student Facing Felony Charge for Accessing School's Network (April 13, 2015)

Wed, 2015-04-15 16:36

A 14-year-old middle school student in Florida is facing a felony charge for accessing his school's computer network and changing a teacher's wallpaper.......

Categories: security

Re-Direct to SMB Vulnerability Affects All Versions of Windows (April 13, 2015)

Wed, 2015-04-15 16:36

A flaw affecting all versions of Windows as well as products from more than 30 other software vendors allows attackers to steal encrypted login data from Windows PC users.......

Categories: security

Simda Botnet Takedown (April 13, 2015)

Wed, 2015-04-15 16:36

Interpol, working together with Japan's Cyber Defense Institute and several technology companies, has taken down a botnet known as Simda.......

Categories: security

Intel Report Focuses on Importance of Rapid Incident Detection and Response (April 13, 2015)

Wed, 2015-04-15 16:36

According to a report from Intel, organizations that respond to cyber attacks within an hour of their detection stand a better chance of retaining control of the situation.......

Categories: security

Alleged Svpeng Creator Arrested in Russia (April 13, 2015)

Wed, 2015-04-15 16:36

Russian authorities have arrested a man believed to be the creator of malware known as Svpeng, which is believed to have infected up to 350,000 Android-based devices in 2014.......

Categories: security

APT30 Espionage Campaign Has Been Operating Since 2005 (April 12 & 13, 2015)

Wed, 2015-04-15 16:36

According to the FireEye Intelligence Report, an espionage campaign known as APT30, has been targeting governments and businesses for 10 years.......

Categories: security

"Great Cannon" Attack Tool Used in DDoS Attacks Against GreatFire and GitHub (April 10 & 12, 2015)

Wed, 2015-04-15 16:36

The distributed denial-of-service (DDoS) attacks that targeted GreatFire and GitHub in March were likely launched by a Chinese attack tool called "Great Cannon.......

Categories: security

US Bans Export of Intel Xeon Processors to China (April 10, 2015)

Wed, 2015-04-15 16:36

The US Department of Commerce has refused to grant Intel a license to export Xeon processors to China.......

Categories: security

Apple OS Updates Address Darwin Nuke Vulnerability (April 10, 2015)

Wed, 2015-04-15 16:36

Among the issues patched in Apple's most recent versions of iOS and OS X is a vulnerability that can be exploited for denial-of-service attacks.......

Categories: security

Critical Infrastructure Systems are Often Targets of Destructive Cyber Attacks (April 7, 2015)

Sat, 2015-04-11 06:07

According to a survey conducted by the Organization of American States, destructive attacks happen more often than expected at organizations that operate elements of national critical infrastructure in both North and South America.......

Categories: security

White House Data Breach (April 8, 2015)

Sat, 2015-04-11 06:07

Attackers breached an unclassified White House computer system last fall.......

Categories: security

AT&T to Pay US $25 Million Settlement Over Call Center Data Breaches (April 8 & 9, 2015)

Sat, 2015-04-11 06:07

The US Federal Communications Commission (FCC) has reached a settlement with AT&T for data breaches that compromised customer information at call centers in Mexico, Colombia, and the Philippines.......

Categories: security

Apple Updates Available for OS X, iOS (April 9, 2015)

Sat, 2015-04-11 06:07

Apple has released updates for its operating systems.......

Categories: security

Drug Pump Vulnerability Could be Exploited to Alter Dosage Limits (April 9, 2015)

Sat, 2015-04-11 06:07

Some drug-infusion pumps do not use authentication for internal drug libraries, which establish upper and lower limits for dosages.......

Categories: security

Google Pulls Deceptive Extension from Online Store (April 8 & 9, 2015)

Sat, 2015-04-11 06:07

Google has pulled a Chrome add-on from the online app store because the extension, called Webpage Screenshot, was found to be stealing users' data and sending them back to an IP address in the US.......

Categories: security

Pages