SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 86
Updated: 2 days 12 hours ago

Shellshock May Further Marginalize Open Source Software (September 25, 2014)

Fri, 2014-09-26 15:00

Nicole Perlroth's article in the New York Times tells the story of how Bash and its flaw came to be.......

Categories: security

New Scripting Language Will Limit Permissions (September 25, 2014)

Fri, 2014-09-26 15:00

Researchers at Harvard University are developing a scripting language called Shill that is based on the principle of least privilege.......

Categories: security

FBI Director Critical of Default Encryption on Mobile Phones (September 25, 2014)

Fri, 2014-09-26 15:00

FBI Director James Comey has expressed concerns about Apple's and Google's decisions to increase encryption on mobile devices.......

Categories: security

Mozilla Fixes Network Security Services Library Flaw in Several Products (September 25,2014)

Fri, 2014-09-26 15:00

Mozilla has fixed a vulnerability in its Network Security Services (NSS) libraries that could have been exploited to launch man-in-the-middle attacks.......

Categories: security

TripAdvisor Customer Data Compromised (September 23 & 25, 2014)

Fri, 2014-09-26 15:00

Viator, a website recently acquired by TripAdvisor, has learned that a breach of a payment card service provider's system exposed customer data.......

Categories: security

US Will Adopt Chip-and-PIN (September 25, 2014)

Fri, 2014-09-26 15:00

The idea of storing credit card account information on a magnetic stripe, while innovative in 1960 when it was first conceived, is now vulnerable to theft, particularly because the data encoded on the magnetic stripes are static.......

Categories: security

Internet Crime Complaint Center Warns of Spoofed Messages (September 24 & 25, 2014)

Fri, 2014-09-26 15:00

The FBI's Internet Crime Complaint Center (IC3) is warning that it is being impersonated in an attempted cyber extortion attack.......

Categories: security

Jimmy John's Confirms Data Breach (September 24, 2014)

Fri, 2014-09-26 15:00

US sandwich restaurant chain Jimmy John's has acknowledged that a payment vendor's data breach compromised customer payment card information.......

Categories: security

Japan Airlines Data Breach (September 24 & 25, 2014)

Fri, 2014-09-26 15:00

Japan Airlines (JAL) has confirmed that a cyber attack compromised personal information of as many as 750,000 customers.......

Categories: security

UK Banks to Get Real-Time Threat Alerts (September 23, 2014)

Fri, 2014-09-26 15:00

British banking industry association BBA will now offer member financial institutions access to real-time threat warnings that affect customer data and the general integrity of their systems as a whole.......

Categories: security

Medical Device and Healthcare Cyber Security Workshop (September 23, 2014)

Fri, 2014-09-26 15:00

The US Food and Drug Administration (FDA) is holding a workshop on October 21-22.......

Categories: security

Cyber Security as a Matter of Resilience (September 22, 2014)

Tue, 2014-09-23 17:00

Experts say that the cyber security conversation is better served by focusing on resilience rather than on prevention.......

Categories: security

Home Depot Ignored Security Concerns (September 19, 20 & 22, 2014)

Tue, 2014-09-23 17:00

Former Home Depot employees say that management ignored warnings from the company's computer security team that its systems were vulnerable to attack.......

Categories: security

Former Home Depot Security Architect in Prison For Sabotaging Previous Employer's Network (September 22, 2014)

Tue, 2014-09-23 17:00

Ricky Joe Mitchell, a former Home Depot security architect, is currently serving a four-year sentence for sabotaging his previous employer's network.......

Categories: security

Can the US Power Grid Succumb To Cyber Attacks Alone?

Tue, 2014-09-23 17:00

Last week we covered a story in which observers say that cyber attacks alone could not take down the US power grid.......

Categories: security

Four MIT Students Fighting Subpoenas Over Hackathon Bitcoin Mining Tool (September 22, 2014)

Tue, 2014-09-23 17:00

Four Massachusetts Institute of Technology (MIT) students are fighting a subpoena demanding they surrender the source code for a Bitcoin mining tool they created for a hackathon.......

Categories: security

Google Shuts Down Malvertising Attack (September 22, 2014)

Tue, 2014-09-23 17:00

On September 19, Google shut down a malvertising campaign that affected visitors to several different websites, including Last.......

Categories: security

Senate Bill Would Limit Power of US Warrants for Data Stored in Other Countries (September 19, 2014)

Tue, 2014-09-23 17:00

A bill proposed in the US Senate last week would limit the type of data that US authorities could obtain from foreign servers with a warrant.......

Categories: security

Senate Bill Would Expedite DHS's Hiring of Cyber Security Experts (September 20, 2014)

Tue, 2014-09-23 17:00

The US Senate has passed a bill that would increase the authority of the defense secretary to hire and retain cyber security professionals.......

Categories: security

eBay Vulnerability Has Been Present for at Least Six Months (September 19, 2014)

Tue, 2014-09-23 17:00

A vulnerability in some eBay postings has been present for months.......

Categories: security