Threat Level: green Handler on Duty: Tom Webb

SANS ISC: Information Security News - Internet Security | DShield Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

12 hours ago Attacker Uses Virtual Machine to Hide Malicious Activity

SecurityWeek View Synopsis+1

Cybercriminals have discovered a new method of hiding their nefarious activity on compromised machines, by using virtual machines (VMs), SecureWorks researchers warn.

1 day ago Two Model S cars were stolen despite Tesla's advanced tech

Yahoo Security View Synopsis+1
You'd have thought that nobody can steal your Tesla thanks to its advanced tracking system. Thieves foolish enough to try to get away with it could be easily caught with the help of the on-board GPS. However, that's not really the case. Tesla cars are incredibly valuable, which means thieves will do whatever it takes to grab one and leave no traces behind. In fact, at least two such thefts have already been reported in Europe. DON'T MISS: This is our first look at one of the two brand new PS4 consoles launching next month Two Tesla owners in Germany discovered that their Tesla Model S cars were stolen, Electrek reports . One of them is a brand new Tesla Model S P90D that was picked up on August 2nd, and another model disappeared on June 11th. Neither car has turned up yet, and it's not clear how it happened or whether their owners will ever get them back. It's believed that hackers were able to breach the owners' Tesla accounts and then use iPhone or Android apps to access and drive the cars away. One of the drivers said he still has the keys to the car. They also had to jam the GPS signal on the cars, although it's not clear how they did it. Last year, a Model S was briefly stolen in Vancouver, but the owner was able to direct the police to the location of the car by using tracking data from his account. It would certainly be interesting to hear how the thieves plan to use these stolen Teslas. Simply painting the cars over and changing their plates won't suffice. To take advantage of Tesla's features, you also have to use the car's software. And we all know Tesla keeps track of what happens with each car, so it might be able to find these stolen vehicles if they ever reconnect to the system. Tesla has yet to comment on the matter, but it's likely that the company is looking at ways to retrieve the stolen cars, and prevent similar thefts in the future.

16 hours ago Juniper Confirms Leaked Implants Target Its Products

SecurityWeek View Synopsis+1

Juniper Networks has analyzed the implants leaked by Shadow Brokers and while it has confirmed that some of them target its products, the company has not found any evidence that they exploit a vulnerability.

1 day ago Australia Post says use blockchain for voting. Expert: you're kidding

The Register View Synopsis+1
Centralise the decentralised. Magic happens, then profit

A prominent privacy consultant has criticised Australia Post's intervention in the Australian State of Victoria's inquiry into electronic voting.

23 hours ago Is 'Pokémon GO' Keeping Tabs on Your Children?

Forbes View Synopsis+1
Just as the characters in the game pop up in unexpected places, so have "real world" issues.

Top News

1 hour ago Federal government claims DCNS data leak has 'no bearing' on Australia

ZDNet View Synopsis+1
Australia has not been affected by leaked documents revealing details around the combat capability of submarines that French company DCNS built for the Indian Navy, the government has said.

1 hour ago Hacked hookup site Ashley Madison's security was laughable

The Register View Synopsis+1
Canadian and Australian privacy watchdogs bite, hard

Ruby Corp, the rebranded parent company of illicit-affair-arranging outfit Ashley Madison, has had to enter into court-enforceable orders with privacy authorities in Canada and Australia, following the findings of a joint investigation in the two countries.

19 seconds ago New York Times says suspected Russian hackers targeted Moscow bureau

Yahoo Security View Synopsis+1

The New York Times said on Tuesday its Moscow bureau was targeted by a cyber attack this month but that there was no evidence the hackers, believed to be Russian, were successful. "We are constantly monitoring our systems with the latest available intelligence and tools," Times spokeswoman Eileen Murphy told the newspaper. "We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised." Earlier on Tuesday, CNN, citing unnamed U.S. officials, reported that the Federal Bureau of Investigation and other U.S. security agencies were investigating cyber breaches targeting reporters at the Times and other U.S. news organizations that were thought to have been carried out by hackers working for Russian intelligence.

12 hours ago Ransomware Gets Pokémon Go Treatment

InfoRiskToday View Synopsis+1
Crypto-Locking Ransomware Victims: Gotta Catch 'Em AllNew DetoxCrypto ransomware encrypts dozens of different file types with AES-256, adds a backdoor and admin-level account to Windows, then locks systems and demands a ransom, often using Pokémon-themed graphics and music.

10 hours ago Report: 82% of hospitals fear they aren't prepared for mobile cyberattacks

TechRepublic View Synopsis+1
As more hospitals deploy mobile devices for clinical communications, staff and IT leaders worry that cybercriminals will hack them and steal medical records.

6 hours ago NSA-linked Cisco exploit poses bigger threat than previously thought

ArsTechnica View Synopsis+1
With only a small amount of work, ExtraBacon will commandeer new versions of ASA.

4 hours ago NASA CIO Lets Network Cybersecurity Authorization Expire (August 22, 2016)

SANS Newsbites View Synopsis+1

NASA's CIO has allowed cybersecurity authorization for one of the agency's main networks to expire.......

Latest News

9 hours ago Researchers Bypass Modern Face Authentication Systems

SecurityWeek View Synopsis+1

Researchers with the University of North Carolina at Chapel Hill have demonstrated a new method of successfully bypassing modern face authentication systems.

6 hours ago Ashley Madison parent broke Canada, Australia privacy laws

Yahoo Security View Synopsis+1

The parent company of infidelity dating website Ashley Madison was responsible for numerous violations of privacy laws at the time of a massive release of customer data in a cyber attack last year, privacy watchdogs in Canada and Australia said on Tuesday. The two countries launched an investigation after the 2015 breach of Avid Life Media Inc's computer network, when hackers exposed the personal details of millions who signed up for the site with the slogan "Life is short. Have an affair." The probe found the Toronto-based company had inadequate safeguards in place, including poor password management and a fabricated security trustmark on the website's home page.

7 hours ago Blizzard blighted by another DDoS storm

The Register View Synopsis+1
Someone like fragging servers

Blizzard, the game developer behind World of Warcraft and Overwatch, was hit by another DDoS attack on Tuesday.

8 hours ago US faces pushback on proposals to collect tourists' social media handles

ZDNet View Synopsis+1
Rights groups worry that a refusal to disclose may hurt visa applications.

10 hours ago EU ministers look to tighten up privacy - JUST KIDDING - surveillance laws

The Register View Synopsis+1
No phone taps on WhatsApp is whack, moan spymasters

European ministers are debating a clampdown on encryption and a further increase in surveillance in response to mounting terrorist threats.

1 hour ago Boffins design security chip to spot hidden hardware trojans in processors

The Register View Synopsis+1
When fabs go rogue

Scientists at the NYU Tandon School of Engineering have designed a new form of application-specific integrated circuit (ASIC) designed to spot hidden vulnerabilities deep within a processor's design.

3 hours ago France, Germany push for access to encrypted messages after wave of terror attacks

ZDNet View Synopsis+1
But it conflicts with a recent review of EU privacy rules, which concluded that the use of encryption should be encouraged.

3 hours ago The Details Behind HHS Breach Investigation Ramp-Up

InfoRiskToday View Synopsis+1
In this in-depth interview, Iliana Peters of the HHS Office for Civil Rights explains the agency's strategy for ramping up investigations of health data breaches affecting fewer than 500 individuals.

3 hours ago Cheating site had inadequate security, privacy officials say

Yahoo Security View Synopsis+1
TORONTO (AP) - Privacy officials in Canada and Australia have found that cheating website Ashley Madison had inadequate security safeguards and policies despite marketing itself as a discreet and secure service

4 hours ago The Details Behind HHS's Breach Investigation Ramp-Up

InfoRiskToday View Synopsis+1
In this in-depth interview, Iliana Peters of the HHS Office for Civil Rights explains the agency's strategy for ramping up investigations of health data breaches affecting fewer than 500 individuals.

4 hours ago Report: Which Android Manufacturers Push Out Updates Most Quickly? (August 19, 2016)

SANS Newsbites View Synopsis+1

According to a report from Apteligent, Motorola pushed out Android fixes more quickly than any other manufacturer except for Google's Nexus devices, which receive the updates the day they are released.......

4 hours ago Some Healthcare Providers Not Encrypting Data in Transit (August 22, 2016)

SANS Newsbites View Synopsis+1

According to a survey from the Healthcare Information Management Systems Society (HIMSS), roughly one-third of hospitals, and more than half of non-acute healthcare providers do not encrypt patient data while in transit.......

4 hours ago Australian Teen Will Not be Jailed for DDoS Attacks (August 21 and 22, 2016)

SANS Newsbites View Synopsis+1

An Australian teenager who pleaded guilty to launching distributed denial-of-service (DDoS) attacks against a bank, a school and the Australian Cybercrime Reporting network, will not go to jail.......

6 hours ago FBI Probing Possible Russian Hack of US Newsrooms: CNN

SecurityWeek View Synopsis+1

Hackers with apparent ties to Russia have conducted a series of cyber attacks on US media outlets including the New York Times, CNN reported Tuesday.

6 hours ago Russians suspected in hack of New York Times, other U.S. media: CNN

Yahoo Security View Synopsis+1

The FBI and other U.S. security agencies are investigating cyber breaches targeting reporters at the New York Times and other U.S. news organizations that are thought to have been carried out by hackers working for Russian intelligence, CNN reported on Tuesday, citing unnamed U.S. officials. "Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said," CNN said. The FBI declined to comment, and representatives for the U.S. Secret Service, which has a role in protecting the country from cyber crime, did not immediately reply to a request for comment.

8 hours ago Euro Police Arrest 75 in Major Online Child Abuse Swoop

SecurityWeek View Synopsis+1

The Hague - Police swooped in 28 European countries and arrested 75 suspects for sharing child sex images on the internet while investigating 207 cases across the continent, Europe's policing agency said Tuesday.

8 hours ago Malware Targets Hillary-Haters With False Promise of Video Showing ISIS Payoff

Forbes View Synopsis+1
A malicious email tries to lure people into following a link that downloads malware into their computer by promising to reveal a nonexistent video showing Hillary Clinton exchanging money with an ISIS leader.

8 hours ago Wikileaks Publishes Details Of Rape Victims: Exposing Tyranny, Or A Tyrant Itself?

Forbes View Synopsis+1
Wikileaks has been accused of routinely exposing highly sensitive personal information, including the identities of teenage rape victims and a gay Saudi man. But its brief is to expose information involving 'war, spying and corruption' - not simply whatever official documents it happens to get its hands on.

9 hours ago Singapore to review VPN role in copyright infringement

ZDNet View Synopsis+1
Government seeks public feedback on proposed changes to the country's copyright laws to keep pace with technological developments, including a review of VPN's role in circumventing geo-blocks.