Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC: Information Security News - Internet Security | DShield Information Security News



Popular News

15 hours ago No stars for Internet of Things security

ZDNet
At this week's AusCERT 2016 conference, an embedded device security specialist proposed a 'Security Star' rating for consumer IoT devices. It's a great idea, but it'll never happen.

14 hours ago If Microsoft is banning stupid passwords, why does it still allow "Pa$$w0rd1"?

ArsTechnica
Sadly, there's not much services can do to save users from their own poor habits.

10 hours ago Push for encryption law falters despite Apple case spotlight

Yahoo Security

By Dustin Volz, Mark Hosenball and Joseph Menn WASHINGTON/SAN FRANCISCO (Reuters) - After a rampage that left 14 people dead in San Bernardino, key U.S. lawmakers pledged to seek a law requiring technology companies to give law enforcement agencies a "back door" to encrypted communications and electronic devices, such as the iPhone used by one of the shooters. Draft legislation that Senators Richard Burr and Dianne Feinstein, the Republican and Democratic leaders of the Intelligence Committee, had circulated weeks ago likely will not be introduced this year and, even if it were, would stand no chance of advancing, the sources said. Key among the problems was the lack of White House support for legislation in spite of a high-profile court showdown between the Justice Department and Apple Inc over the suspect iPhone, according to Congressional and Obama Administration officials and outside observers.

9 hours ago What's a backlog for anyway?

IT Toolbox Blogs

In my job, we have a place where good ideas go to die. It's called "The Backlog". I don't like it. I don't think it's a good thing. But it's true and real.

 

In practice our backlog has become a parking lot for anything we forgot, couldn't get done or came up after it was too late to do.  It's a bone yard for ideas.  Our backlog contains partial solutions

6 hours ago Reddit forces password reset of 100,000 users

ZDNet
A flurry of hacked accounts has forced Reddit to take action.

Top News

12 hours ago Quiet cryptologist Bill Duane's war with Beijing's best

The Register
The co-developer of RSA's SecureID explains how he fought against Chinese crack

AusCERT In March 2011, a suspected-to-be-Beijing-backed hacking unit infiltrated security giant RSA, successfully subverted its SecureID product and hacked top American defence contractor Lockheed Martin.

7 hours ago ISMG Security Report: To Whom Should CISO Report?

InfoRiskToday
The U.S. Congress delves into the issue of whether CISOs should report to CIOs, a topic that leads the Friday, May 27, 2016, edition of the ISMG Security Report, an on-demand audio report offered every Tuesday and Friday.

4 hours ago TorrentLocker Detected Targeting Computers in Sweden

SecurityWeek

A new TorrentLocker campaign has been detected by Heimdal Security that is geographically focused on Sweden. And like earlier campaigns, this ransomware threat is delivered by email spam - this one spoofing an invoice from the international Telia communications firm headquartered in Stockholm, Sweden.

3 hours ago 5 ways to secure OS X

TechRepublic
With OS X security exploits on the rise, Jesus Vigo takes a look at 5 ways to better protect your Mac from malware infections and data loss.

2 hours ago Under The Ocean of the Internet - The Deep Web

SANS Reading Room
The Internet was a revolutionary invention, and its use continues to evolve. People around the world use the Internet every day for things such as social media, shopping, email, reading news, and much more. However, this only makes up a very small piece of the Internet, and the rest is filled by an area called The Deep Web.

22 hours ago The Second Reformation: Transitioning To The Economic Era

Forbes
This article was originally published at Stratfor.com. Editor's Note: The Global Affairs column is curated by Stratfor's editorial board, a diverse group of thinkers whose expertise inspires rigorous and innovative thought in our analyses. Though their opinions are their own, they inform and sometimes even challenge our beliefs. We welcome that [...]

Latest News

1 hour ago SYS SQL Script Security

IT Toolbox Blogs
SYS on demand for Oracle developers

1 hour ago Another Look at Tuning Big Data Queries - The Queries

IT Toolbox Blogs

Most DBMSs have a feature for analyzing query access paths called explain. Explain inputs a query, analyzes the multiple possible data access paths, assigns a cost to each one, and reports the final access path with the lowest cost. Here, cost is a function of CPU usage and disk I/O required for data retrieval.

 

This query path optimization requires that the DBMS have a statistical

1 hour ago Android Trojans Exploit Marshmallow's Permission Model

SecurityWeek

The authors of Android Trojans have adapted their attack models to target the permission-granting model that Google has introduced in Android 6.0 Marshmallow, security firm Symantec has discovered.

3 hours ago Reddit Counters Account Takeover Surge with Password Resets

SecurityWeek

In the light of several recent data breaches and account compromises, Reddit has decided to kick off a service-wide hunt for account takeovers and is prompting users to reset their passwords when such an issue is detected.

3 hours ago Mandatory Breach Notifications: Europe's Countdown Begins

InfoRiskToday
Start preparing immediately for the EU's new General Data Protection Regulation - even though it doesn't go into force for two more years - because it mandates a number of new privacy and security requirements, warns cybersecurity expert Brian Honan.

4 hours ago FOURTH bank hit by SWIFT hackers

The Register
Has Sony Pics' Lazarus crew come back from the dead?

A fourth bank, this time in the Philippines, has been attacked by hackers targeting the SWIFT inter-bank transfer system.

4 hours ago Dedupe, dedupe, dedupe dedupe dedupe... Who snuck in to attack Microsoft Edge?

The Register
DRAM, dude! Rowhammer brings down secure browser

Security researchers have discovered a means to use previously unknown vulnerabilities found in in-memory deduplication to attack otherwise well-defended systems.

4 hours ago SWIFT eyes new technology to spot cyber theft

Yahoo Security

By Tom Bergin LONDON (Reuters) - The SWIFT secure messaging service, which banks use to transfer money around the world, outlined on Friday areas in which it hopes to improve security, following attacks in which hackers stole millions of dollars from banks in Bangladesh and Ecuador. SWIFT said on Friday it would consult its users, which are also its owners, about new measures, including the potential to develop new tools that could allow it to spot fraudulent payment instructions. Historically, the Society for Worldwide Interbank Financial Telecommunication's (SWIFT) core business has focused on simply passing authenticated messages between banks.

5 hours ago Troy Hunt: The Delicate Balance in Data Breach Reporting

InfoRiskToday
'Have I Been Pwned?' Walks the Line Between Notification, Privacy

Troy Hunt, who runs one of the most prominent services for discovering if your data has been exposed in a data breach, shares his thoughts on LinkedIn's recent breach and how his approach to disseminating data breach details continues to evolve.

5 hours ago Key issues at G-7: Global economy, terrorism, women

Yahoo Security

The leaders of the Group of Seven industrialized economies pledged to tackle major economic and political risks including terrorism, floods of refugees, climate change and cyber-attacks. Here are highlights ...

5 hours ago EU member states should stress-test banks' cyber risks: European Banking Authority chairman

Yahoo Security

By Matthew Miller BEIJING (Reuters) - Domestic authorities in European Union member states should stress-test their financial institutions for cyber risks, a top E.U. supervisor said, warning banks might be required to hold extra capital as a buffer against what is an emerging threat. Speaking to Reuters in Beijing on Friday, Andrea Enria, chairman of the European Banking Authority (EBA), said cyber security had become an important issue for E.U. member states. "But if you ask me would I recommend competent authorities to think more on this and consider running this type of stress test?

10 hours ago Symantec pins Philippines bank attack on Bangladesh Bank heist group

ZDNet
Code similarities between two pieces of malware have led to security vendor Symantec saying the group responsible for the $81 million Bangladesh Bank heist hit a bank in the Philippines beforehand.