Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Information Security News Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

2 days ago Critical Cisco DCNM flaws: Patch right now as PoC exploits are released

ZDNet View Synopsis+1
The need to patch Cisco Data Center Network Manager for Nexus switches becomes even more urgent.

2 days ago Equifax Settles Mega-Breach Lawsuit for $1.38 Billion

InfoRiskToday View Synopsis+1
Federal Judge Gives Final Approval to Class-Action Settlement Over 2017 BreachA federal judge in Atlanta has given final approval to a settlement that resolves a class-action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history. The minimum cost to Equifax will be $1.38 billion.

2 days ago Middle East tech's biggest trends in 2019? Startups, 5G - and internet shutdowns

ZDNet View Synopsis+1
It was the year of unicorn sales, the launch of 5G, and enthusiasm for e-commerce, amid government crackdowns.

Top News

1 day ago Google removes WhatsGap from app store

ZDNet View Synopsis+1
The search engine giant claims the 'sensitive content' on WhatsGap violated the company's content policy.

1 day ago Top Euro court tells cops, spies that yelling 'national security' isn't enough to force ISPs to hand over massive piles of people's private data

The Register View Synopsis+1
Decision is preliminary and unenforced, though a good start

Analysis In a massive win for privacy rights, a preliminary ruling from the European Court of Justice (ECJ) has made clear that national security concerns do not override citizens' data privacy. Thus, ISPs should not be forced to hand over personal information without clear justification.…

1 day ago Senators Field Legislation to Build Huawei 5G Alternatives

InfoRiskToday View Synopsis+1
Proposed Fund Would Drive More Than $1 Billion Into Western-Based AlternativesOne gaping hole in the U.S. government's push to counter Chinese-built 5G telecommunications gear remains the lack of alternatives. But a bipartisan group of senators is seeking a $1 billion fund to create trusted, Western-built options.

1 day ago PoC Exploits Released for Crypto Vulnerability Found by NSA

SecurityWeek View Synopsis+1

Several proof-of-concept (PoC) exploits have already been created - and some of them have been made public - for CVE-2020-0601, the crypto-related Windows vulnerability that Microsoft patched recently after being notified by the U.S. National Security Agency.

1 day ago How to add a host to Observium

TechRepublic View Synopsis+1
Now that you have the Observium network monitoring platform installed, it's time to add a host.

Latest News

48 minutes ago Microsoft warns about Internet Explorer zero-day, but no patch yet

ZDNet View Synopsis+1
IE zero-day connected to last week's Firefox zero-day.

3 hours ago 'Friendly' hackers are seemingly fixing the Citrix server hole - and leaving a nasty present behind

The Register View Synopsis+1
Congratulations, you've won a secret backdoor

Hackers exploiting the high-profile Citrix CVE-2019-19781 flaw to compromise VPN gateways are now patching the servers to keep others out.…

3 hours ago FBI Takes Down Site Selling Subscriptions to Stolen Data

SecurityWeek View Synopsis+1

WeLeakInfo Website Taken Down in International Law Enforcement Operation

3 hours ago Microsoft Introduces Free Source Code Analyzer

SecurityWeek View Synopsis+1

Microsoft this week announced a new source code analyzer designed to identify interesting characteristics of code. 

3 hours ago Attacker Installs Backdoor, Blocks Others From Exploiting Citrix ADC Vulnerability

SecurityWeek View Synopsis+1

A threat group targeting the recently disclosed critical vulnerability in Citrix Application Delivery Controller (ADC) is installing their own backdoor while cleaning up other malware infections and blocking others from exploiting the vulnerability, FireEye has discovered.

3 hours ago 'Nice guy' hackers are seemingly fixing the Citrix server hole, but leaving a nasty present behind

The Register View Synopsis+1
Leave the backdoor. Take the exploit.

Hackers exploiting the high-profile Citrix CVE-2019-19781 flaw are now patching the servers to keep others out.…

3 hours ago Visa's plan against Magecart attacks: Devalue and disrupt

ZDNet View Synopsis+1
Visa is actively going after Magecart groups, but also deploying new technologies to safeguard payment card data.

4 hours ago 'WeLeakInfo' Website Shut Down

InfoRiskToday View Synopsis+1
Site Provided Access to 12 Billion Personal Records, Police AllegeLaw enforcement agencies in five countries have shut down WeLeakInfo.com, which allegedly provided cybercriminals with access to over 12 billion personal records culled from 10,000 data breaches.

4 hours ago Why baby boomers are looking to IoT and analytics to stay safe

TechRepublic View Synopsis+1
IoT security is becoming a top-of-mind priority in the personal care industry. Essence group believes it has the solution and had it on display at CES 2020.

4 hours ago Why blockchain-based cybersecurity may be the answer for vulnerable IoT networks

TechRepublic View Synopsis+1
CES 2020: A "hacked" robot was on display to demonstrate how SigmaDots serverless architecture is poised to fend off IoT security threats.

6 hours ago OnDemand Webinar | The Ripple Effect - An Examination of Multi-Party Security Incidents

InfoRiskToday View Synopsis+1
How Another Firm's Breach Could Impact Your Organization.Recommendations for protecting your organization from ripple events.

7 hours ago New phishing attack hijacks email conversations: How companies can protect employees

TechRepublic View Synopsis+1
By inserting themselves into business emails among employees, cybercriminals can trick victims into wiring money or sharing payment information, says security firm Barracuda Networks.

7 hours ago Singapore public sector called out for recurring IT lapses

ZDNet View Synopsis+1
Country's government agencies must resolve repeated lapses and plug weaknesses in IT controls, especially given the speed at which new IT systems are implemented, says government committee responsible for assessing how public funds are used.

9 hours ago Stolen creds site WeLeakInfo busted by multinational cop op for data reselling

The Register View Synopsis+1
One Irishman and one Dutchman both nicked

Two men have been arrested after Britain's National Crime Agency and its international pals claimed the takedown of breached credentials-reselling website WeLeakInfo.…