SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 84
Updated: 1 day 17 hours ago

Home Depot Confirms Payment System Breach (September 8, 2014)

Wed, 2014-09-10 17:00

Home Depot has confirmed that its payment system was breached, compromising customer payment card data.......

Categories: security

Home Depot Breach Launched With Same Malware Used in Target Breach (September 7 & 8, 2014)

Wed, 2014-09-10 17:00

The malware used to steal customers' payment card data from point-of-sale systems at Home Depot is a variant of that used in last year's Target breach.......

Categories: security

Dyre Malware Targeting Salesforce Users (September 8, 2014)

Wed, 2014-09-10 17:00

Salesforce is warning that malware known as Dyre or Dyreza is being used to target its customers.......

Categories: security

OpenSSL Project Announces Vulnerability Management Policy (September 8, 2014)

Wed, 2014-09-10 17:00

The OpenSSL Project has released its vulnerability management policy.......

Categories: security

China Snooping on Scholars' Google Searches (September 5 & 8, 2014)

Wed, 2014-09-10 17:00

People conducting research in China are being watched by authorities when they conduct Google searches.......

Categories: security

FBI Says Silk Road Server Located Through Data Generated by Misconfigured Login Window (September 6 & 8, 2014)

Wed, 2014-09-10 17:00

The FBI says it was able to exploit a leaky CAPTCHA tool to detect the location of Silk Road servers and ultimately arrest the online black marketplace's founder Ross William Ulbricht.......

Categories: security

Mozilla Retires 1,024-bit Certificates; 100,000+ Websites Now "Untrusted" (September 8, 2014)

Wed, 2014-09-10 17:00

Because Mozilla allowed its 1,024-bit certificates to expire, more than 100,000 websites are now considered untrusted by that company's browsers.......

Categories: security

New Zealand ISP Outage Blamed on Poorly-Configured Modems and DDoS (September 7, 2014)

Wed, 2014-09-10 17:00

New Zealand Internet service provider (ISP) Spark says that service outages over the weekend were the result of poorly-configured home modems that had been hijacked.......

Categories: security

Windows Cyber Espionage Malware Ported to Mac (September 5, 2014)

Wed, 2014-09-10 17:00

A variant of backdoor malware used to infect systems with advanced persistent threats (APTs) on Windows systems has now been found targeting Mac systems.......

Categories: security

NIST Seeks to Determine Awareness and Effectiveness of Cyber Security Framework (August 26 & September 8, 2014)

Wed, 2014-09-10 17:00

The National Institute of Standards and Technology (NIST) has released a request for information (RFI) regarding the level of awareness about the cyber security framework among companies that operate elements of the country's critical infrastructure, NIST also wants to know what effect the framework is having on their security postures.......

Categories: security

Intruder Installs Malware on HealthCare.gov Server (September 4, 2014)

Sat, 2014-09-06 21:00

Malware installed on a HealthCare.......

Categories: security

Home Depot Investigating Reports of Payment Card Data Breach (September 2, 2014)

Sat, 2014-09-06 21:00

Home improvement retailer Home Depot has confirmed that it is working with its "banking partners and law enforcement to investigate" reports of a data breach.......

Categories: security

Goodwill Acknowledges Customer Payment Card Data Compromised (September 4, 2014)

Sat, 2014-09-06 21:00

Goodwill Industries International has disclosed that an attack on a third-party payment card processing vendor's system compromised Goodwill customer payment card data.......

Categories: security

Second Healthcare Sector Cyber Security Exercise Scheduled to Start in October (September 4, 2014)

Sat, 2014-09-06 21:00

According to a press release from the Health Information Trust Alliance (HITRUST), the second cyber security exercise for the healthcare sector, CyberRX 2.......

Categories: security

Microsoft Will Issue Four Security Bulletins on September 9 (September 4, 2014)

Sat, 2014-09-06 21:00

According to Microsoft, the company will issue four bulletins on Tuesday, September 9, to address vulnerabilities in Windows, Internet Explorer (IE), Microsoft .......

Categories: security

NATO to Ratify Policy Adding Serious Cyber Attacks to Invoke Collective Defense Clause (August 31 & September 3, 2014)

Sat, 2014-09-06 21:00

NATO (North Atlantic Treaty Organization) is close to ratifying a policy that would see all members responding to a cyber attack on any one member.......

Categories: security

Software Piracy Arrests (September 3, 2014)

Sat, 2014-09-06 21:00

Police in London, UK have arrested two people in connection with a software piracy ring.......

Categories: security

Verizon Fined for Customer Privacy Violations (September 3, 2014)

Sat, 2014-09-06 21:00

Verizon has agreed to pay US $7.......

Categories: security

Firefox 32 Includes Public Key Pinning to Enhance SSL Security (September 3, 2014)

Sat, 2014-09-06 21:00

Mozilla has released the stable version of Firefox 32.......

Categories: security

Apple Says iCloud Accounts Were Breached in Targeted Attack (September 2, 2014)

Sat, 2014-09-06 21:00

Apple has acknowledged that several celebrities' iCloud accounts were compromised, but the company said it was done by guessing or stealing login credentials rather than breaching Apple's iCloud security.......

Categories: security