SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 58
Updated: 1 day 2 hours ago

UK Government Can Intercept Social Media Posts Without Warrant (June 17, 2014)

Tue, 2014-06-24 15:00

The British government can collect posts from social media sites like Google, Twitter, and Facebook without a warrant because the content is considered "external communications.......

Categories: security

Do You Remember Where You Put Your Keys? (June 19, 2014)

Tue, 2014-06-24 15:00

Researchers at Columbia University have found that many Android app developers hide secret authentication keys in their code.......

Categories: security

Code Spaces Hit with Multi-Pronged Attack, Shuts Down (June 18 & 19, 2014)

Tue, 2014-06-24 15:00

Code hosting company Codespaces.......

Categories: security

Bill Would Amend ECPA, Require Warrant to Search eMail (June 18 & 19, 2014)

Tue, 2014-06-24 15:00

A bill that would require the government to obtain a warrant before searching people's email and other stored communications now has majority support in the US House of Representatives.......

Categories: security

Chinese-Made Cell Phone Star N9500 Ships with Malware Pre-Installed (June 19, 2014)

Tue, 2014-06-24 15:00

Certain Smartphones made in China ship with malware already installed.......

Categories: security

FBI Arrests Alleged NullCrew Member (June 17, 18 & 19, 2014)

Tue, 2014-06-24 15:00

Federal authorities in the US have arrested a man in connection with attacks on computer systems at universities and private companies.......

Categories: security

Fake Google Play App Steals Online Banking Credentials (June 18, 2014)

Tue, 2014-06-24 15:00

A malicious app that claims to be Google Play actually steals online banking information.......

Categories: security

Network Attached Storage Devices Compromised to Mine Dogecoin (June 17 & 18, 2014)

Tue, 2014-06-24 15:00

An attacker or attackers took control of Synology Network Attached Storage (NAS) devices and used their computing resources to mine more than US $620,000 in Dogecoin over two months.......

Categories: security

Girls Who Code Summer Program Expands (June 17, 2014)

Tue, 2014-06-24 15:00

The Girls Who Code organization aims to "inspire, educate, and equip girls with the computing skills to pursue 21st century opportunities.......

Categories: security

Google's Hard Line on Chrome Extensions Gets Some Grumbles (June 16, 2014)

Tue, 2014-06-24 15:00

Google has drawn a hard line regarding extensions for its Chrome browser; extensions that are not hosted by the Chrome Web Store are no longer supported.......

Categories: security

Ten Ideas for Improving Cyber Security (June 30, Forbes)

Tue, 2014-06-24 15:00

Ten cyber experts' best ideas for thwarting digital security threats include changing the way we think about security and being proactive about protecting sensitive data; encouraging transparency from cloud services about data handling; making better use of encryption; developing systems that present smaller attack surfaces; developing a new secure network for critical infrastructure; and establishing privacy and data security regulation and enforcement for companies.......

Categories: security

Another Critical Flaw in OpenSSL (June 5, 2014)

Sun, 2014-06-08 15:00

The OpenSSL Project has released an update to address six new vulnerabilities.......

Categories: security

UK Legislators Plan to Increase Penalties for Certain Computer Crimes (June 4 & 5, 2014)

Sun, 2014-06-08 15:00

In her speech marking the start of a new session of Parliament, Queen Elizabeth noted that the government would seek to amend the Computer Misuse Act "to ensure sentences for attacks on computer systems fully reflect the damage they cause.......

Categories: security

NIST Provides Guidance to Help Agencies Make Shift to Continuous Monitoring (June 4, 2014)

Sun, 2014-06-08 15:00

NIST's "Supplemental Guidance on Ongoing Authorization: Transitioning to Near Real-Time Risk Management," aims to help agencies move to continuous monitoring for their information systems.......

Categories: security

Database Compromise Affects South Korean Employees of US Military (June 5, 2014)

Sun, 2014-06-08 15:00

Information stored in The Korean National Recruitment System, which contains data about South Koreans employed by the US military, has been compromised, according to a notification letter from the Commander of US Forces Korea General Curtis M.......

Categories: security

Microsoft Will Release Seven Bulletins on June 10 (June 5 & 6, 2014)

Sun, 2014-06-08 15:00

Microsoft plans to issue seven security bulletins on Tuesday, June 10.......

Categories: security

Hardcoded Passwords Make Electronic Billboards Vulnerable to Attacks (June 5, 2014)

Sun, 2014-06-08 15:00

The presence of a hard-coded password, also known as a backdoor, in some electronic billboards that provide information to drivers could be exploited to display phony messages.......

Categories: security

Google's Transparency Report Lists Providers that Do and Do Not Support eMail Encryption (June 4, 2014)

Sun, 2014-06-08 15:00

Google's transparency report will now include a list of which service providers encrypt email to and from Gmail and which do not.......

Categories: security

Google Testing eMail Encryption Plug-in (June 3 & 4, 2014)

Sun, 2014-06-08 15:00

Google is testing a tool for its Chrome browser that allows users to encrypt their email.......

Categories: security

Software Updates for Cars (June 4, 2014)

Sun, 2014-06-08 15:00

In the not-too-distant future, cars will be receiving software updates, much as computers and other electronic devices already do.......

Categories: security