SANS NewsBites

Subscribe to SANS NewsBites feed SANS NewsBites
All Stories From Vol: 17 - Issue: 51
Updated: 2 hours 20 min ago

Hedge Funds Targeted by Cyber Extortionists (May 8, 2015)

Thu, 2015-05-21 09:57

Cyber extortionists have targeted several hedge funds.......

Categories: security

Cyber Security a Growing Concern for Financial Services Companies (May 15, 2015)

Thu, 2015-05-21 09:57

Close to 50 percent of US financial institutions rank cyber security as their number one concern, according to a survey from the Depository Trust & Clearing Corporation (DTCC), topping geo-political risks and new regulations.......

Categories: security

Address Spoofing Flaw Affects Safari for OS X and iOS (May 18, 2015)

Thu, 2015-05-21 09:57

Proof-of-concept code has been released for a vulnerability in Safari for OS X and iOS.......

Categories: security

Oracle Releases Patch for VENOM Vulnerability (May 18, 2015)

Thu, 2015-05-21 09:57

Oracle has released a fix for a critical overflow vulnerability known as VENOM.......

Categories: security

Penn State College of Engineering Takes Systems Offline After Attacks (May 15 and 18, 2015)

Thu, 2015-05-21 09:57

In November 2014, the FBI notified Penn State University that attackers had breached systems at its College of Engineering.......

Categories: security

Idaho Students Face Charges Related to DDoS Attack Against District System (May 18, 2015)

Thu, 2015-05-21 09:57

Two Idaho school students are facing charges related to their alleged involvement in a distributed denial-of-service (DDoS) attack against their school district's network.......

Categories: security

Panda Labs: Attack Targeted Organizations in Oil Industry (May 18, 2015)

Thu, 2015-05-21 09:57

Panda Labs has uncovered evidence of a series of attacks targeting the oil industry.......

Categories: security

Naikon Cyber Attack Group Targets Countries in South China Sea Area (May 18, 2015)

Thu, 2015-05-21 09:57

Researchers at Kaspersky Lab say a cyber espionage group known as Naikon targets systems belonging to government, military and civilian organizations in the South China Sea area, including Malaysia, Indonesia, Myanmar, and the Philippines.......

Categories: security

mSpy Database Posted on Dark Web (May 14 and 15, 2015)

Thu, 2015-05-21 09:57

A database belonging to mSpy, a company that makes spyware for mobile devices, has been leaked to the dark web, on a web page accessible only through Tor.......

Categories: security

Responsible Disclosure, or Two Can Play at That Game, Google (May 15, 2015)

Thu, 2015-05-21 09:57

A Polish company has released details about seven security flaws in Google's App Engine (GAE) cloud software.......

Categories: security

FBI Says it Does Not Prevent Local law Enforcement from Disclosing StingRay Use (May 14 and 15, 2015)

Thu, 2015-05-21 09:57

The FBI has issued a statement regarding US law enforcement use of cell-site simulators, known colloquially as StingRay, the brand name of a particular device.......

Categories: security

Two Indicted in Photobucket Case (May 8, 2015)

Thu, 2015-05-21 09:57

The US Justice Department (DOJ) has released a statements revealing that two people have been indicted on charges stemming from allegations that they breached systems of image and video-hosting website Photobucket.......

Categories: security

May's Patch Tuesday (May 12, 2015)

Sun, 2015-05-17 02:31

On Tuesday, May 12, Microsoft issued 13 security bulletins to address a total of 46 flaws in Windows, Internet Explorer (IE), Office and other products.......

Categories: security

House Passes Bill That Would End Some NSA Data Collection Practices (May 13 & 14, 2015)

Sun, 2015-05-17 02:31

The US House of Representatives has passed the USA Freedom Act, which would stop the National Security Agency's (NSA's) bulk data collection of cell phone communication data.......

Categories: security

Additional Vulnerabilities Found in Medical Infusion Pumps (May 14, 2015)

Sun, 2015-05-17 02:31

The US Department of Homeland Security's ICS-CERT has amended an advisory released last week regarding remotely exploitable security issues in drug infusion pumps; the new information is about additional vulnerabilities affecting the Hospira LifeCare PCA Infusion System.......

Categories: security

Google Requires Windows and Mac Extensions to be Hosted on Chrome Store (May 14, 2015)

Sun, 2015-05-17 02:31

Google is taking aim at malicious browser extensions by requiring that they be hosted on the Chrome Web Store.......

Categories: security

Microsoft Stops Chinese Group from Using TechNet Site for Attacks (May 14, 2015)

Sun, 2015-05-17 02:31

Microsoft and FireEye have taken steps to prevent a group of Chinese cyber criminals known as APT17 from using the company's TechNet website in its attacks.......

Categories: security

Thieves Steal Funds Through Starbucks Mobile App (May 11, 13 & 14, 2015)

Sun, 2015-05-17 02:31

Thieves are exploiting a weakness in Starbucks' mobile app to steal money from users' bank accounts.......

Categories: security

Venom Vulnerability Affects Virtualization Software (May 13 & 14, 2015)

Sun, 2015-05-17 02:31

A vulnerability in the open source QEMU hypervisor could be exploited to take control of all virtual machines on a server hosting multiple VMs.......

Categories: security

Home Routers Used in DDoS Botnets (May 13, 2015)

Sun, 2015-05-17 02:31

Thousands of routers used in homes and small businesses have been compromised and are being used in botnets to conduct distributed denial-of-service (DDoS).......

Categories: security

Pages