Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Information Security News - Internet Security | DShield Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

17 hours ago Uber is watching your smartphone's battery charge

The Register View Synopsis+1
Browser vendors' Battery API deprecation can't come soon enough

Browser authors are abandoning the invasive Battery API W3C specification, but not everybody's got the memo: Uber, for example, still watches battery status.

13 hours ago Windows 10 Creators Update Brings New Security Capabilities

SecurityWeek View Synopsis+1

Microsoft Introduces New Enterprise Security Capabilities With Windows 10 Creators Update

Microsoft announced on Tuesday that the Windows 10 Creators Update, which it plans on releasing free of charge next spring, will include several new security capabilities designed to help IT teams protect their networks and devices.

10 hours ago Prison For Hacker Who Stole Scripts And Nudes From Celebs

Forbes View Synopsis+1
Alonzo Knowles took a keen interest in what celebrities and pro athletes were up to, but it went beyond following them on Twitter or Instagram. Knowles preferred to hack their email accounts and drop malware onto their computers.

2 days ago Thieves can guess your secret Visa card details in just seconds

ArsTechnica View Synopsis+1
Distributed guessing attacks are surprisingly effective.

1 day ago 1.4bn records from HaveIBeenPwned offered for your analytical pleasure

The Register View Synopsis+1
Troy Hunt's Christmas trove is a splendid gift for security and data nerds

Security researcher Troy Hunt had better hope his anonymisation works: he's decided to offer up most of his "HaveIBeenPwned" data set for other security researchers to analyse.

Top News

6 hours ago IoT Botnet Plague: Coming Soon to an ISP Near You

InfoRiskToday View Synopsis+1
Mirai Malware Targets TalkTalk Routers, Hides TracksComing soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.

6 hours ago Suspects arrested in Russia central bank cyberheist: bank official

Yahoo Security View Synopsis+1

By Alexander Winning and Elena Fabrichnaya MOSCOW (Reuters) - Russian authorities arrested a large number of suspects in May in connection with the recently revealed electronic theft of $19 million from accounts held at the Russian central bank, an official said on Wednesday. The bank said last week that hackers had this year used fake client credentials to steal money from correspondent accounts -- used to handle transactions on behalf of another bank -- at the Bank of Russia. ...

6 hours ago These college students were behind BBC, Trump cyberattacks

ZDNet View Synopsis+1
One of the hacktivists who used distributed denial-of-service attacks to target major websites is still a teenager.

5 hours ago Learn cybersecurity basics with these essential YouTube videos

TechRepublic View Synopsis+1
A hand-picked list of must-watch cybersecurity videos to help you learn the fundamentals of encryption, how hackers penetrate systems, and strong cyber-defense tactics for business.

1 day ago SANS 2016 Security Analytics Survey

SANS Reading Room View Synopsis+1
Analyst Papers, Analytics, Intelligence

1 day ago Millions exposed to malvertising that hid attack code in banner pixels

ArsTechnica View Synopsis+1
Manipulated images are almost impossible to detect by the untrained eye.

Latest News

22 minutes ago Sigh... 'Hundreds of thousands' of... sigh... web CCTV cams still at risk of... sigh, hijacking

The Register View Synopsis+1
It's been two years and no patches, say researchers

Vid Amid ongoing malware infections of IoT gadgets and armies of commandeered gizmos attacking server, glaring security holes in web-connected CCTV cameras are going unpatched.

50 minutes ago Could this be you? Really Offensive Security Engineer sought by Facebook

The Register View Synopsis+1
'Here's your new password, champ - GoF***Urs3lf'

Facebook is hiring an Offensive Security Engineer, and not the sort inclined to disparage the length of your keys or your choice of encryption algorithm.

3 hours ago Don't have a (Dirty) COW, man: Android gets kernel hijack patch

The Register View Synopsis+1
Meanwhile, another nasty Linux bug surfaces

Google has posted an update for Android that, among other fixes, finally closes the Dirty COW vulnerability.

3 hours ago 21st Century Cures Act Awaits President's Signature

InfoRiskToday View Synopsis+1
Senate Enacts Bill Containing Several Privacy, Security ProvisionsPresident Obama is expected to soon sign the 21st Century Cures Act, which the Senate passed on Dec. 7. Among its long list of provisions, the bill lays out a number of privacy and security-related projects for HHS, including imposing fines on those that intentionally block health data information sharing.

4 hours ago Worried about identity theft? Then you should avoid these password pitfalls

TechRepublic View Synopsis+1
We're constantly reminded of the risks that come with bad passwords, yet many people persist in using obvious and easy-to-crack names, words, and patterns. Want to know if you're at risk?

5 hours ago Floki Bot Developer Imports Cybercrime Tools to Brazil

SecurityWeek View Synopsis+1

Cisco Talos and Flashpoint have teamed up to conduct an in-depth analysis of Floki Bot, a Zeus-based banking Trojan that has been sold on cybercrime marketplaces since September 2016.

6 hours ago Massive Stealthy Malvertising Campaign Uncovered

SecurityWeek View Synopsis+1

A stealthy malvertising campaign has been flying under the radar for the last few months, targeting millions of readers visiting popular and mainstream news sites. The campaign is notable for stealth bordering on paranoia from the threat group, probably AdGholas.

7 hours ago NIST's Cybersecurity Framework offers small businesses a vital information security toolset

TechRepublic View Synopsis+1
Small businesses run lean, and bad guys know that means security may be less than adequate. NIST researchers share ways that small businesses can protect their information.

7 hours ago The cloud security advantage

ZDNet View Synopsis+1
Is the cloud about to shed its reputation for decreasing enterprise security - and will instead enhance it?

7 hours ago Fighting Fraud with Behavioral Biometrics and Cognitive Fraud Detection

InfoRiskToday View Synopsis+1
As fraudsters continually refine their techniques to steal banking customers' credentials, IBM fights back with new tools that use behavioral biometrics and cognitive fraud detection. IBM's Brooke Satti Charles offers a preview.

8 hours ago Nintendo Will Pay You Up To $20,000 To Hack The 3DS

Forbes View Synopsis+1
Nintendo has joined the long list of companies that are turning to independent researchers for help plugging security holes. They're looking for helping securing their 3DS portable console, and they'll pay up to $20,000 to anyone who finds a bug.

8 hours ago Trump Is Time Magazine's Person of the Year

Yahoo Security View Synopsis+1

WASHINGTON (AP) - Time magazine on Wednesday named Donald Trump its Person of the Year, bestowing what the president-elect called an "honor" even as he derided the idea that he'll lead "the Divided States of America."

9 hours ago Researchers Devise New Dirty COW Attack Against Android

SecurityWeek View Synopsis+1

A newly discovered attack that abuses the Dirty COW vulnerability in the Linux kernel can be leveraged to write malicious code directly into processes, Trend Micro security researchers say.

10 hours ago The smart city security nightmare: How cities can stay awake

TechRepublic View Synopsis+1
One of the elephants in the room at the 2016 Smart Cities Summit in Boston was cybersecurity. It threatens to derail the most optimistic plans for making cities more efficient and more responsive.

10 hours ago Trump is Time magazine's Person of the Year

Yahoo Security View Synopsis+1

WASHINGTON (AP) - Time magazine on Wednesday named President-elect Donald Trump its Person of the Year.

10 hours ago Does 2016 Mark the End of Cyber Pearl Harbor Hysteria?

Forbes View Synopsis+1
Since 1991, proponents of greater cybersecurity have warned of an impending "cyber Pearl Harbor"--or sometimes its sibling, the cyber 9/11--to motivate a response to the cyber threats facing the United States. For years, I have been a critic of such cyber-doom rhetoric, arguing that it is a potentially dangerous distraction [...]