SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 24
Updated: 1 day 23 hours ago

WordPress Slimstat Plug-in Vulnerability (February 25 & 26, 2015)

Sun, 2015-03-01 07:57

A vulnerability affecting the WordPress WP-Slimstat plugin could be exploited through SQL injection attacks to steal data from vulnerable sites.......

Categories: security

Gemalto Admits Breach, Says SIM-card Encryption Keys Not Stolen (February 25, 2015)

Sun, 2015-03-01 07:57

SIM-card maker Gemalto says that it appears that US and UK intelligence agencies did breach its systems, but denies that the cards' encryption keys were stolen.......

Categories: security

RAMNIT Botnet Taken Down (February 25, 2015)

Sun, 2015-03-01 07:57

Law enforcement agents across Europe have worked together to take down the RAMNIT botnet, which is believed to have infected 3.......

Categories: security

UK's Information Commissioner's Office Fines Travel Insurance Company Over Breach (February 25, 2015)

Sun, 2015-03-01 07:57

The UK Information Commissioner's Office (ICO) has fined travel insurance company Staysure GBP 175,000 (US $270,000) for lax website security that resulted in 100,000 payment cards being compromised.......

Categories: security

Senator Questions Stingray Use (February 25, 2015)

Sun, 2015-03-01 07:57

US Senator Bill Nelson (D-Florida) is asking why the Federal Communications Commission (FCC) approved the use of cell phone surveillance technology commonly referred to as StingRay.......

Categories: security

Feds Offer US $3 Million Reward for Gameover ZeuS Botnet Admin (February 24 & 25, 2015)

Sun, 2015-03-01 07:57

The FBI and the US State Department are offering a US $3 million reward for information leading to the arrest and/or conviction of Evgeniy Mikhailovich Bogachev, who allegedly stole more than US $100 million through the Gameover ZeuS botnet.......

Categories: security

Breach Detection Time is Decreasing (February 24, 2015)

Sun, 2015-03-01 07:57

According to FireEye, the time it takes for breaches to be detected is dropping.......

Categories: security

Gemalto Investigating Reports of SIM Card Encryption Key Thefts (February 20, 2015)

Fri, 2015-02-27 01:16

SIM card maker Gemalto is looking into reports that government intelligence agents stole card encryption keys.......

Categories: security

State Department Replaced 30,000 Login Fobs After Network Intrusion (February 20 & 23, 2015)

Fri, 2015-02-27 01:16

The US State Department revoked and replaced 30,000 network login fobs after an unclassified network at the agency was infiltrated.......

Categories: security

Alleged Cyber Criminal Will Not Give Up Encryption Keys (February 20, 2015)

Fri, 2015-02-27 01:16

A British man accused of breaching systems at NASA, the FBI, and the US Federal Reserve is refusing to surrender cryptographic keys that would allow authorities in the UK to access devices seized after his October 2013 arrest.......

Categories: security

Hewlett-Packard's 2015 Cyber Risk Report Says Companies Not Patching Properly (February 23, 2015)

Fri, 2015-02-27 01:16

Hewlett-Packard's 2015 Cyber Risk Report, released on February 23, found that nearly 45 percent of breaches could be attributed to vulnerabilities for which patches have been available for two or more years.......

Categories: security

Samba Vulnerability Could Allow Remote Code Execution with Root Privileges (February 24, 2015)

Fri, 2015-02-27 01:16

A critical flaw in Samba could be exploited to allow remote code execution with root privileges.......

Categories: security

Chrome Will Warn Users When They Try to Visit Sketchy Sites (February 23 & 24, 2015)

Fri, 2015-02-27 01:16

Google's Chrome browser will warn users when they try to visit sites that may harm their computers through surreptitiously changing the browser's home page or placing certain ads on pages.......

Categories: security

Norton and Symantec Updates Crash Internet Explorer (February 21 & 23, 2015)

Fri, 2015-02-27 01:16

Several Norton and Symantec security products have been found to crash 32-bit versions on Internet Explorer (IE).......

Categories: security

Medical Identity Theft on the Rise (February 23, 2015)

Fri, 2015-02-27 01:16

According to a study from the Ponemon Institute, medical identity theft increased by 22 percent in 2014.......

Categories: security

Fishy Code Bundled on Lenovo Laptops Found in Other Programs (February 20 & 22, 2015)

Fri, 2015-02-27 01:16

Malicious code in the Superfish adware that came bundled on certain Lenovo laptops has been found in at least a dozen apps.......

Categories: security

Lenovo Releases Superfish Removal Tool (February 21, 2015)

Fri, 2015-02-27 01:16

Lenovo has released a tool that removes the malicious adware known as Superfish that cane pre-installed on some of its laptops.......

Categories: security

Police Pay Ransomware Demand in Bitcoins (February 21, 2015)

Fri, 2015-02-27 01:16

A suburban Chicago police department paid US $500 in bitcoins to cyber criminals who locked up the department's computer system with ransomware.......

Categories: security

Cyber Attack Risk Requires $1 Billion Insurance Coverage, Per Company (February 19, 2015)

Sat, 2015-02-21 23:37

Companies will need as much as $1bn in cyber insurance coverage as the costs of hacking attacks mount, but some businesses are struggling to secure even a tenth of that.......

Categories: security

Lenovo Laptops Shipped with Adware and Persistent Vulnerability (February 19, 2015)

Sat, 2015-02-21 23:37

Lenovo has been shipping laptops loaded with Superfish, adware designed to steal Internet traffic.......

Categories: security

Pages