SANS NewsBites

Syndicate content SANS NewsBites
All Stories From Vol: 16 - Issue: 66
Updated: 2 days 13 hours ago

The Internet of Things: Smart Lightbulb Exposes Wi-Fi Password (July 7, 2014)

Thu, 2014-07-10 15:00

In a proof-of-concept attack, Internet connected LED lightbulbs were used to gain access to the Wi-Fi network that controls them.......

Categories: security

Proposed Law Would Require Russian Citizens' Data to Be Stored on Servers There (July 4, 2014)

Thu, 2014-07-10 15:00

Russian legislators have passed a bill that would require Internet companies that collect personal data to store Russian citizens' data on servers in that country.......

Categories: security

NSA Retains Data Belonging to Non-Suspects (July 5, 6, & 7, 2014)

Thu, 2014-07-10 15:00

The Washington Post conducted analysis on 160,000 intercepted conversations intercepted by the National Security Agency (NSA) and found that the majority of the people whose personal information was stored by the NSA (according to information provided by Snowden) were not suspects in investigations.......

Categories: security

Australian Teen Won't Face Charges for Finding Transportation Site Flaw (July 7, 2014)

Thu, 2014-07-10 15:00

A Melbourne, Australian teen who discovered a security flaw in a public transportation authority website will not face charges.......

Categories: security

Man Arrested in Connection with Point-of-Sale Data Theft Scheme (July 7, 2014)

Thu, 2014-07-10 15:00

US law enforcement authorities have announced the arrest of Roman Valerevich Seleznev, a Russian man who allegedly had a role in a scheme that included breaking into point-of-sale systems at several US companies.......

Categories: security

Invisible IM Project Aims to Leave No Forensic Trail (July 4 & 7, 2014)

Thu, 2014-07-10 15:00

The Invisible IM project aims to develop a means for people to communicate "without leaving a retrospectively recoverable forensic trail behind on third-party servers.......

Categories: security

German Authorities Arrest Alleged Double Agent (July 4 & 7, 2014)

Thu, 2014-07-10 15:00

German authorities have arrested a man who is allegedly an NSA mole; the man had been working for German intelligence agency BND.......

Categories: security

Ruby on Rails Patches Two Vulnerabilities (July 4, 2014)

Thu, 2014-07-10 15:00

Ruby on Rails developers have released fixes for a pair of vulnerabilities in the open source web development framework that can be exploited through SQL injection attacks.......

Categories: security

Malicious iframe on Dailymotion Redirects Users to Malicious Site (July 4 & 7, 2014)

Thu, 2014-07-10 15:00

A malicious code injection attack on file sharing site Dailymotion redirected site visitors to another website that downloaded malware into their computers.......

Categories: security

Corporate Boards Taking Cyber Security More Seriously (June 30, 2014)

Tue, 2014-07-01 15:00

Boards at prominent US companies are starting to take cyber security seriously.......

Categories: security

Microsoft No-IP.com Domain Seizure Affects Legitimate Servers (June 30, 2014)

Tue, 2014-07-01 15:00

When Microsoft seized 22 domain names from No-IP.......

Categories: security

Malware Targets Online Bank Transactions (June 27 & 30, 2014)

Tue, 2014-07-01 15:00

Malware known as Emotet is targeting online banking customers.......

Categories: security

Women in Security (June 30, 2014)

Tue, 2014-07-01 15:00

The numbers of women at security conferences like Black Hat and DefCon is up from nearly none in 2000 to hundreds or even more.......

Categories: security

UK Teen Charged in Connection with Spamhaus DDoS Attacks (June 30, 2014)

Tue, 2014-07-01 15:00

British authorities have charged a teenager with computer misuse, fraud, and money laundering for his alleged role in distributed denial-of-service (DDoS) attacks against Spamhaus in March 2013 that caused problems for Internet exchanges and services worldwide.......

Categories: security

Microsoft's eMail Security Notifications Will Continue (June 28, 28, & 30, 2014)

Tue, 2014-07-01 15:00

After announcing on June 27 that it was discontinuing its security email notification service due to "changing governmental policies concerning the issuance of automated electronic messaging," Microsoft has now said that it will resume the service as of Tuesday, July 3, the date of its next scheduled Advanced Notification of security bulletins.......

Categories: security

PlugX Remote Access Trojan Uses Dropbox to Communicate with Infected Machines (June 27 & 30, 2014)

Tue, 2014-07-01 15:00

Researchers at Trend Micro say that the group behind PlugX remote access Trojan (RAT) used a Dropbox account to transmit command-and-control updates to infected computers.......

Categories: security

Study Says Cyber Security Professional Shortage Will Fix Itself (June 27, 2014)

Tue, 2014-07-01 15:00

Jobs in cyber security are among the most difficult to fill.......

Categories: security

Privacy Groups Concerned About Cybersecurity Information Sharing Bill (June 27, 2014)

Tue, 2014-07-01 15:00

Cyber security legislation currently being considered in the US Senate could result in the NSA having access to even more personal data.......

Categories: security

Android Malware Selfmite Spreads Through SMS Messages (June 27, 2014)

Tue, 2014-07-01 15:00

Android malware known as Selfmite spreads through links in text messages.......

Categories: security

US Director of National Intelligence Transparency Report (June 27, 2014)

Tue, 2014-07-01 15:00

A transparency report from the US Office of the Director of National Intelligence says that the intelligence community targeted 89,000 foreigners and/or organizations in 2013.......

Categories: security