SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 58
Updated: 2 days 5 hours ago

VA Audit Finds Security Control Problems Persist (May 29, 2014)

Mon, 2014-06-02 17:00

A third-party audit of the Veterans Affairs Department (VA) systems found that the agency is still having difficulty protecting critical systems.......

Categories: security

Backdoor in Wiretap Kit (May 28 & 29, 2014)

Mon, 2014-06-02 17:00

Researchers in Austria have found a vulnerability in a widely used wiretap kit that could be exploited to access recordings as well as the names and email addresses of suspects being monitored by law enforcement agencies.......

Categories: security

Microsoft's myBulletins Dashboard (May 28 & 29, 2014)

Mon, 2014-06-02 17:00

Microsoft has launched a dashboard for systems administrators that displays which Microsoft patches are available for the products their company currently uses.......

Categories: security

Eleven Arrested in Skimming Case (May 28, 2014)

Mon, 2014-06-02 17:00

Law enforcement agents in Bulgaria have arrested 11 people in connection with a scheme that involved skimming ATM card data.......

Categories: security

Avast User Support Forum Breached (May 27, 2014)

Mon, 2014-06-02 17:00

The user support forum of security company Avast suffered a breach last week that compromised usernames, email addresses, and hashed passwords.......

Categories: security

LulzSec Member Turned FBI Informant Sentenced to Time Served (May 27, 2014)

Mon, 2014-06-02 17:00

LulzSec member turned FBI informant Hector Xavier Monsegur has been given a sentence of time served for his role in several high profile attacks, including those on HBGary, InfraGard, and government systems around the world.......

Categories: security

eBay Facing Investigations Over Breach (May 23, 2014)

Tue, 2014-05-27 17:00

Attorneys general in three US states are launching a joint investigation into the eBay breach.......

Categories: security

Bill Would Eliminate Requirement for NIST to Consult with NSA on Encryption Standards Development (May 26, 2014)

Tue, 2014-05-27 17:00

US legislators have passed a bill that would remove the requirement that the National Institution of Standards and Technology (NIST) consult with the National Security Agency on the development of encryption standards.......

Categories: security

London Police Report Rise in Electronically-Enabled Car Break-ins (May 20, 2014)

Tue, 2014-05-27 17:00

According to London's Metropolitan Police, nearly half of the 89,000 car break-ins reported last year were facilitated with electronic devices.......

Categories: security

Zberp Trojan Targets 450 Financial Institutions (May 26, 2014)

Tue, 2014-05-27 17:00

A newly detected Trojan horse program appears to combine the strengths of ZeuS and Carberp to target online banking accounts.......

Categories: security

WordPress Sends Browser Cookie in Plaintext (May 26, 2014)

Tue, 2014-05-27 17:00

If users log in to a blog hosted by WordPress from public Wi-Fi or other unsecured connections, the site could be hijacked even if two-factor authentication is in place.......

Categories: security

New Zealand Supercomputer Intrusion (May 26, 2014)

Tue, 2014-05-27 17:00

A supercomputer at New Zealand's National institute of Water and Atmospheric Research (NIWA) is back online after an intrusion.......

Categories: security

Federal Prosecutors Seek Light Sentence for LulzSec Member Turned Informant (May 24 & 25, 2014)

Tue, 2014-05-27 17:00

US federal prosecutors are pushing for a light sentence for a member of the LulzSec group who turned informant and helped the FBI thwart more than 300 attacks against private companies, military systems, Congress and other entities.......

Categories: security

Proposed Legislation Aims to Punish Those Who Benefit from Economic Cyber Espionage (May 22 & 23, 2014)

Tue, 2014-05-27 17:00

The same week that the US Justice Department (DOJ) indicted five members of China's people's Liberation Army (PLA) for alleged economic espionage, US legislators have introduced a bill that would impose penalties on people who gain from such activity.......

Categories: security

Shockwave Player Contains Outdated Version of Flash (May 21 & 23, 2014)

Tue, 2014-05-27 17:00

The most recent version of Adobe Shockwave Player contains 18 known vulnerabilities.......

Categories: security

Apple Issues Safari Updates (May 22 & 23, 2014)

Tue, 2014-05-27 17:00

Apple has released updates for Safari to address 21 vulnerabilities in the browser, several of them critical.......

Categories: security

Nemanja Malware Botnet (May 22 & 23, 2014)

Tue, 2014-05-27 17:00

Malware known as Nemanja is believed to have infected nearly 1,500 point-of-sale machines, accounting systems, and other back-office systems around the world.......

Categories: security

Microsoft Technically Won the Battle, but FBI Got the Information Anyway (May 22, 2014)

Tue, 2014-05-27 17:00

A story last week reported that Microsoft successfully challenged an FBI National Security Letter (NSL) requesting information about an account belonging to one of the company's enterprise customers.......

Categories: security

Cyber Security Requirements and US Government Procurement (May 22, 2014)

Tue, 2014-05-27 17:00

Acquisitions experts speaking at a Coalition for Government Procurement panel last week said that while some initiatives have helped industry and government develop cyber security requirements, the government still "isn't speaking with one voice" regarding cyber security requirements and acquisition; there are still many different sources of guidance on the subject, and they do not all agree.......

Categories: security

eBay Criticized for Handling of Breach (May 21 & 22, 2014)

Sat, 2014-05-24 15:00

eBay has met with widespread criticism for the way it handled a breach that exposed user data.......

Categories: security