SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 41
Updated: 1 day 5 hours ago

South Korea Says it Has Code Linking North Korea to Cyber Attacks (April 23, 2015)

Tue, 2015-04-28 22:08

Investigators in South Korea say they have obtained the actual code used in attacks against the country's banks, media outlets, and nuclear operator, allegedly by North Korea.......

Categories: security

Technology Detects Malware on Medical Devices by Monitoring AC Power Consumption (April 27, 2015)

Tue, 2015-04-28 22:08

Two large, unnamed US hospitals will pilot the use of technology that monitors AC power consumption to detect malware on their equipment.......

Categories: security

US Military Using Tests To Identify Future Cyber Warriors (April 24, 2015)

Sun, 2015-04-26 10:37

The services are slowly expanding their use of "psychometric" testing to help identify who is best suited to join the military's growing cyber force.......

Categories: security

Both Houses Introduce Legislation to Update Computer Fraud and Abuse Act (April 23, 2015)

Sun, 2015-04-26 10:37

Legislation aimed at updating the Computer Fraud and Abuse Act (CFAA) has been introduced in both US houses.......

Categories: security

DOD Says it May Respond to Threats With Offensive Cyber Measures (April 23, 2015)

Sun, 2015-04-26 10:37

The US Defense Department announced on Thursday, April 23 that while it is looking to strengthen its cyber security defense posture, it would also use offensive cyber measures in response to threats from other countries.......

Categories: security

Auditors Tell Nuclear Plant Operator to Migrate 48,000 PCs Still Running Windows XP (April 23, 2015)

Sun, 2015-04-26 10:37

Japan's Board of Audit has instructed the Tokyo Electric Power Company (TEPCO) to move its 48,000 PCs still running Windows XP to a more current and more secure operating system.......

Categories: security

Many eCommerce Sites Have Not Yet Patched Magento Flaw (April 23, 2015)

Sun, 2015-04-26 10:37

Attackers are actively exploiting a vulnerability in a widely-used content management system for online shopping sites.......

Categories: security

Detecting NSA Quantum Insert Attacks (April 22 & 23, 2015)

Sun, 2015-04-26 10:37

Researchers have found a method for detecting NSA Quantum Insert attacks.......

Categories: security

FBI Warns Airlines to be Aware of Unusual Computer Activity on Planes (April 22 & 23, 2015)

Sun, 2015-04-26 10:37

The FBI has issued a formal alert regarding the threat of cyber attacks against aircraft navigation networks.......

Categories: security

US House Passes Cyber Security Information Sharing Bill (April 22, 2015)

Sun, 2015-04-26 10:37

The US House of Representatives has passed the Protecting Cyber Networks Act that aims to pave the way for private companies and the government to share threat information.......

Categories: security

CozyDuke APT Likely Behind Attacks on US State Department and White House (April 22, 2015)

Sun, 2015-04-26 10:37

The advanced persistent attack (APT) intrusions of networks at the US State Department and the White House are believed to have been perpetrated by a group known as CozyDuke.......

Categories: security

WordPress and Plugins Patched Against Cross-Site Scripting Attacks (April 21 & 22, 2015)

Sun, 2015-04-26 10:37

WordPress pushed out an updated version of its content management system to address four security issues, including two flaws that could be exploited through cross-site scripting attacks.......

Categories: security

DHS to Open Satellite Office in Silicon Valley (April 21, 2015)

Sun, 2015-04-26 10:37

The US Department of Homeland Security (DHS) plans to open an office in Silicon Valley as part of a push to improve public/private cooperation, improve agency cyber security, and hire security experts.......

Categories: security

US Government Lagging in Cyber Workforce (April 14, 2015)

Wed, 2015-04-22 00:20

According to a report from the Partnership for Public Service, the US government faces several obstacles to establishing a strong cyber workforce capable of defending the country's systems from attacks.......

Categories: security

Bill Would Exempt Researchers from Prosecution Under DMCA (April 16 & 17, 2015)

Wed, 2015-04-22 00:20

US legislators in both houses have introduced a bill that would protect security researchers from prosecution under the Digital Millennium Copyright Act (DMCA), which prohibits circumvention of digital protection on copyrighted works.......

Categories: security

Robbery Case Dropped to Protect Stingray Use Information (April 20 & 21, 2015)

Wed, 2015-04-22 00:20

Prosecutors in Missouri have dropped a criminal case against three suspects who allegedly robbed seven people, at least one of whom was injured, rather than disclose information about law enforcement's use of cell-site simulator technology often referred to as stingray.......

Categories: security

Cook County, Illinois Subpoenas Suggests Misunderstanding of Tor (April 20, 2015)

Wed, 2015-04-22 00:20

Cook County, Illinois has subpoenaed a Romanian security company, demanding the "real IP address" that used a Tor exit node to access Cook County systems.......

Categories: security

Russian Doll Campaign Targeting Foreign Governments (April 19 & 20, 2015)

Wed, 2015-04-22 00:20

A group of cyber attackers with apparent links to Russia has been exploiting known vulnerabilities in Windows and Flash to seek out information about other governments, militaries, and security organizations.......

Categories: security

"Researcher" Who Tweeted Joke About Security Plane Security Barred From United Flight (April 19 & 20, 2015)

Wed, 2015-04-22 00:20

A "researcher" who tweeted a joke about airline communications system security during a United Airlines flight was detained by the FBI for several hours after that flight landed.......

Categories: security

IBM's Threat Intelligence Sharing Platform (April 16 & 20, 2015)

Wed, 2015-04-22 00:20

IBM has launched a threat intelligence sharing platform called IBM X-Force Exchange.......

Categories: security

Pages