SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 32
Updated: 6 hours 56 min ago

Sally Beauty Acknowledges Payment Card Data Were Taken in Breach (March 17, 2014)

Tue, 2014-03-18 15:00

US retailer Sally Beauty has now confirmed that its networks were breached and that the intruders took payment card data.......

Categories: security

US Federal Judge Approves Unusual Class Action Settlement in Breach Case (March 14 & 17, 2014)

Tue, 2014-03-18 15:00

While US courts have usually dismissed class action data breach lawsuits in which there are no demonstrable financial damages, a federal judge in Florida has approved a US $3 million settlement that includes compensation for people whose data were on stolen laptops, even if they did not experience identity fraud as a result.......

Categories: security

Indictments in Online Bank Account Theft Scheme (March 17, 2014)

Tue, 2014-03-18 15:00

A federal grand jury in New Jersey has indicted three men in connection with an attempt to steal US $15 million by breaking into accounts at US financial institutions and the Department of Defense's payroll service.......

Categories: security

IBM Says it Provided No Data to NSA (March 16 & 17, 2014)

Tue, 2014-03-18 15:00

IBM says it is not involved with National Security Agency (NSA) surveillance programs and that it has not provided customer data to government entities, or to any other third parties.......

Categories: security

Employee Arrested in UK Grocery Store Payroll Data Theft (March 14 & 17, 2014)

Tue, 2014-03-18 15:00

Police in West Yorkshire, UK have arrested a man in connection with the theft of employee payroll data from the UK supermarket chain Morrisons.......

Categories: security

Apple's iOS7 PRNG Weaker Than Previous Version (March 14 & 16, 2014)

Tue, 2014-03-18 15:00

Apple changes its internal pseudorandom number generator (PRNG) with iOS 7 and researchers are saying that it is weaker than the previous version.......

Categories: security

US to Cede Control of DNS Root Zone (March 14, 2014)

Tue, 2014-03-18 15:00

The US government says it will relinquish control of the Internet Corporation for Assigned Names and Numbers (ICANN) to a new, global oversight body.......

Categories: security

California Police Departments Have Been Secretly Using StingRay Devices (March 13, 2014)

Tue, 2014-03-18 15:00

Police departments in California have secretly been using cellphone interception technology that tricks devices into connecting to it instead of to the actual phone towers.......

Categories: security

More Details on Why The Target Breach Happened (March 13, 2014)

Sat, 2014-03-15 15:00

This article offers new details of the attack on Target's point-of-sale system.......

Categories: security

Retailers Say Migrating to EMV Alone Will Not Provide Adequate Security (March 13, 2014)

Sat, 2014-03-15 15:00

The National Retail Federation (NRF) has expressed its dissatisfaction with MasterCard and Visa's plan to accelerate adoption of EMV chip technology.......

Categories: security

Samsung Devices May Have Backdoor (March 13, 2014)

Sat, 2014-03-15 15:00

Certain Samsung Galaxy devices may contain a backdoor that allows remote access to user data.......

Categories: security

EU Legislators Approve New Cybersecurity Law (March 13, 2014)

Sat, 2014-03-15 15:00

Members of European Parliament have approved the Network and Information Security directive by a significant majority.......

Categories: security

Adobe Patches Critical Shockwave Flaw (March 13, 2014)

Sat, 2014-03-15 15:00

Adobe has released a security update for a critical flaw in Shockwave Player.......

Categories: security

Google Encrypting Searches by Default, Even in China (March 12, 2014)

Sat, 2014-03-15 15:00

In an effort to strengthen privacy technology to help prevent surveillance by governments, law enforcement, and attackers, Google now encrypts web searches by default.......

Categories: security

Microsoft Security Updates Include Fix for Critical IE Flaw (March 11, 2014)

Sat, 2014-03-15 15:00

Microsoft's security update for March 2014 includes five bulletins addressing a total of 23 vulnerabilities.......

Categories: security

WordPress "Pingback" Feature Exploited to Amplify DDoS Attack (March 11 & 13, 2014)

Sat, 2014-03-15 15:00

Attackers exploited the pingback feature in more than 162,000 WordPress websites to help launch a distributed denial-of-service (DDoS) attack against another website.......

Categories: security

Retailers Considering Forming Own Information Sharing and Analysis Center (March 11, 2014)

Sat, 2014-03-15 15:00

Officials in the retail industry are considering forming of a Merchant and Retail Industry Information Sharing and Analysis Center (MRI-ISAC) to help them defend their systems from attacks.......

Categories: security

Judge Freezes Mt. Gox Bitcoin's US Assets (March 11, 2014)

Sat, 2014-03-15 15:00

A US federal judge has frozen the American assets of Mt.......

Categories: security

Old School "Hacking" Fed Innovation (March 13, 2014)

Sat, 2014-03-15 15:00

Some successful technology innovators started out as hackers when the word did not carry the negative connotation that it does today.......

Categories: security