SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 7
Updated: 1 day 3 hours ago

Tor Exit Nodes Offline (December 22, 2014)

Mon, 2014-12-29 15:24

A cluster of Tor exit nodes was taken offline over the weekend of December 20-21.......

Categories: security

Obama Wants Congress to Introduce Information Sharing Legislation (December 22, 2014)

Mon, 2014-12-29 15:24

At his end-of-year press conference, President Obama indicated that he would like to see the reintroduction of an intelligence-sharing bill in this legislative session.......

Categories: security

Patch Available for Git Vulnerability (December 19 & 20, 2014)

Mon, 2014-12-29 15:24

There is a patch available for a flaw in the Git open-source development tool.......

Categories: security

Staples Breach (December 19, 2014)

Mon, 2014-12-29 15:24

US office supply chain Staples has acknowledged a breach that exposed the payment card data of 1.......

Categories: security

ICANN Says IANA Unaffected by Breach (December 19, 2014)

Mon, 2014-12-29 15:24

ICANN says that a recent phishing attack that targeted the organization did not affect the IANA, which allocates IP addresses and manages global DNS.......

Categories: security

FBI Accuses North Korea of Sony Pictures Attack (December 19, 2014)

Sat, 2014-12-20 20:54

Citing "similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks" as well as classified pieces of evidence, the FBI today issued a statement saying that it "now has enough information to conclude that the North Korean government is responsible for" the attack.......

Categories: security

US Points Finger at North Korea in Sony Pictures Attack (December 17, 2014)

Sat, 2014-12-20 20:54

US officials say that law enforcement and intelligence agencies have gathered sufficient evidence to indicate that North Korea is behind the attack on Sony Pictures.......

Categories: security

Breach Attribution is No Easy Task (December 17 & 18, 2014)

Sat, 2014-12-20 20:54

Not everyone agrees that the Sony Pictures attack emanated from North Korea.......

Categories: security

Sony Hack Code Not Sophisticated (December 17, 2014)

Sat, 2014-12-20 20:54

The malware used in the attack that erased data from hard drives at Sony Pictures was unsophisticated and riddled with bugs.......

Categories: security

US Government Personnel Data May Have Been Compromised in Breach (December 18, 2014)

Sat, 2014-12-20 20:54

A breach at KeyPoint Government Solutions may have left personally identifiable information about nearly 50,000 US government employees exposed to possible theft.......

Categories: security

New York Financial Institutions Will be Evaluated on Cyber Security (December 18, 2014)

Sat, 2014-12-20 20:54

The Superintendent of New York's Department of Financial Services has asked member organizations to consider cyber security "an integral aspect of their overall risk management strategy" instead of an issue for just information technology.......

Categories: security

Misfortune Cookie Affects Millions of Routers (December 18, 2014)

Sat, 2014-12-20 20:54

A critical flaw in more than 200 models of residential gateway devices and small office home routers could be exploited to gain administrative privileges.......

Categories: security

Backdoor in Coolpad Android Devices (December 18, 2014)

Sat, 2014-12-20 20:54

A backdoor in certain Android devices made by Chinese smartphone manufacturer Coolpad could be exploited to download, install, and activate applications without user interaction; disable other applications; remove data from the device; and receive updates that install applications.......

Categories: security

ICANN Accounts Hijacked Through Phishing Attack (December 17 & 18, 2014)

Sat, 2014-12-20 20:54

The ICANN was the target of a data breach following a phishing campaign.......

Categories: security

Google Tightens Security for Gmail Extensions (December 16 & 17, 2014)

Sat, 2014-12-20 20:54

Google has implemented the W3C's Content Security Policy (CSP) standard for Gmail extensions.......

Categories: security

Google Plans to Warn Chrome Users on All HTTP Connections (December 16, 2014)

Sat, 2014-12-20 20:54

Google plans to flag all HTTP traffic as unsecure in its Chrome browser.......

Categories: security

Indications of Breach at Park-n-Fly (December 16, 2014)

Sat, 2014-12-20 20:54

Financial institutions are noting a pattern of fraud suggesting that Park-n-Fly, a company operates parking lots near airports, experienced a security breach, exposing customers' payment card data, according to KrebsOnSecurity.......

Categories: security

Dutch Privacy Watchdog Hounds Google and Facebook (December 16 & 17, 2014)

Sat, 2014-12-20 20:54

The Dutch data protection authority College Bescherming Persoonsgegevens (CBP) has ordered Google to abide by that country's privacy rules or be subject to penalties of as much as 15 million euros (US $18.......

Categories: security

Senator Argues Against Back Doors for Government (December 15, 2014)

Thu, 2014-12-18 19:07

Noting that a back door placed in software and electronic communication devices to allow government access is also a backdoor that could be exploited by entities with malicious intents, US Senator Ron Wyden (D-Oregon) has proposed legislation that would prohibit government agencies from requiring back doors in digital products.......

Categories: security

Agencies Encourage Adoption of Cyber Security Standards (December 15, 2014)

Thu, 2014-12-18 19:07

Government agencies have begun encouraging industries that they oversee to adopt applicable cyber security guidelines from the US National Institute of Standards and Technology (NIST).......

Categories: security

Pages