Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Information Security News - Internet Security | DShield Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

1 day ago WPA2 security in trouble as Belgian boffins tease key reinstallation bug

The Register View Synopsis+1
Strap yourselves in readers, WiFi may be cooked

A promo for the upcoming Association for Computing Machinery security conference has set infosec types all a-Twitter over the apparent cryptographic death of the WPA2 authentication scheme widely used to secure WiFi connections.

1 day ago "‹Review asks for tighter Medicare card privacy controls from Human Services

ZDNet View Synopsis+1
Moving the authentication platform, educating citizens, and stricter privacy controls were among the steps recommended to the Department of Human Services by a review into heath providers' access to the Health Professional Online Services system.

22 hours ago Payment Cards Stolen in Pizza Hut Website Hack

SecurityWeek View Synopsis+1

Pizza Hut U.S. informed customers over the weekend that their payment card and contact information may have been compromised after cybercriminals breached its website.

Emails sent out by the restaurant chain to affected individuals describe the incident as a "temporary security intrusion" on PizzaHut.com.

19 hours ago WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

The Register View Synopsis+1
Strap yourselves in readers, Wi-Fi may be cooked

Updated A promo for the upcoming Association for Computing Machinery security conference has set infosec types all a-Twitter over the apparent cryptographic death of the WPA2 authentication scheme widely used to secure Wi-Fi connections.

17 hours ago WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping

ZDNet View Synopsis+1
Security experts have said the bug is a total breakdown of the WPA2 security protocol.

Top News

2 hours ago "‹Australian government details Govpass digital ID

ZDNet View Synopsis+1
The government's digital identification system will match a user's photograph, as well as Medicare, driver's licence, and birth certificate details, with information already held by various departments.

47 minutes ago Russia tweaks Telegram with tiny fine for decryption denial

The Register View Synopsis+1
FSB wanted keys, messaging outfit said Nyet

Encrypted messaging app Telegram must pay 800,000 roubles for resisting Russia's FSB's demand that it help decrypt user messages.

17 hours ago Scary KRACK Hack Means Your Wi-Fi Is Probably Open To 'Devastating' Attacks

Forbes View Synopsis+1
Time to update your Wi-Fi router and devices as major vulnerability lands.

15 hours ago WiFi Security Shredded via KRACK Attack

InfoRiskToday View Synopsis+1
Most WiFi Devices Vulnerable to WPA2-Targeting ExploitsA Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.

1 day ago Novell Netware - A history Part 3

IT Toolbox Blogs View Synopsis+1
Portable NetWare represented a substantial departure for Novell, in that it was designed to allow the porting of server functions to a wide variety of operating systems and machines.

15 hours ago IBM taps blockchain to speed global payments across international borders

TechRepublic View Synopsis+1
IBM's new blockchain banking solution aims to make the process of international banking more simple and cost effective.

Latest News

5 hours ago Colossus veteran salutes Bletchley Park's first cyber-security graduates

ZDNet View Synopsis+1
Some of the first students to complete Qufaro's cyber-security course were presented with their certificates by a 94-year-old Colossus code-breaking veteran. The online course is a step towards setting up a cyber-security college at Bletchley Park.

5 hours ago Never mind the WPA2 drama... Details emerge of TPM key cockup that hits tonnes of devices

The Register View Synopsis+1
About a third of all crypto modules globally generate weak, crackable RSA pairs

RSA keys produced by smartcards, security tokens, laptops, and other devices using cryptography chips made by Infineon Technologies are weak and crackable - and should be regenerated with stronger algorithms.

6 hours ago Blood Test Results Exposed in Cloud Repository

InfoRiskToday View Synopsis+1
What Other Entities Should Do to Prevent Similar MishapsAn apparently misconfigured Amazon repository that exposed on the web medical data for approximately 150,000 patients serves as another important reminder of the need to protect cloud-based health information from being inadvertently accessible to the public.

7 hours ago Google isn't saying Microsoft security sucks but Chrome for Windows has its own antivirus

The Register View Synopsis+1
ESET scanning engine now bolted on, plus other defenses

In its ongoing effort to improve browser security, school Microsoft on security, and retain its search audience, Google is today rolling out several Chrome for Windows fortifications.

8 hours ago Security Flaw Prompts Fears on Wi-Fi Connections

SecurityWeek View Synopsis+1

A newly discovered flaw in the widely used Wi-Fi encryption protocol could leave millions of users vulnerable to attacks, prompting warnings Monday from the US government and security researchers worldwide.

8 hours ago Businesses should update Adobe Flash immediately to avoid this exploit

TechRepublic View Synopsis+1
Kaspersky Lab recently identified an Adobe Flash zero day exploit that has already been used in an attack in the wild.

8 hours ago Firm Backs Vulnerability Management Service With $1 Million Guarantee

SecurityWeek View Synopsis+1

San Francisco-based consulting firm AsTech has today announced a $1 million guarantee for its Qualys Managed Services offering. AsTech is one of a small but growing number of vendors applying a different approach to cyber insurance: a monetary guarantee against failure of their own products.

9 hours ago Here's a timeless headline: Adobe rushes out emergency Flash fix after hacker exploits bug

The Register View Synopsis+1
So much for that security-patch-free October

Adobe today issued an emergency security patch for Flash, which squashes a bug being used in the wild right now by hackers to infect Windows PCs with spyware.

9 hours ago Mobile Edge Computing on 5G Networks: Don't Forget About Security and Testing

SecurityWeek View Synopsis+1

5G is here. New cellular networks are being planned and rolled out around the world, exciting consumers and enterprises alike with the promise of huge jumps in performance. However, speed isn't the only benefit of 5G. The new network protocol is also giving rise to Mobile Edge Computing (MEC) - the ability to push applications and content to the edge of the cellular network.

9 hours ago Here's every patch for KRACK Wi-Fi vulnerability available right now

ZDNet View Synopsis+1
Vendors are reacting swiftly to a vulnerability which lets attackers eavesdrop on your network traffic.

10 hours ago Russia Fines Cryptocurrency World's Preferred Messaging App, Telegram

Forbes View Synopsis+1
Russia's government is gunning for Telegram. Why?

10 hours ago 5 Steps to a Successful ERP Project

IT Toolbox Blogs View Synopsis+1

Enterprise resource planning (ERP) can help your company plan, organize, and regulate the flow of information more productively and efficiently. But, ERP implementations can often be frustrating, leaving many project managers feeling like they're wasting their time.

At the beginning of any ERP project, you must consider many issues and concerns. Prerequisites to an actual ERP

10 hours ago Six ERP API Mistakes to Avoid

IT Toolbox Blogs View Synopsis+1

Application programmer interfaces matter.

 

A recent study by CA Technologies, formerly Computer Associates, found that 88 percent of enterprises currently use APIs, and a third of them drive revenue from them. More than half of executives

10 hours ago 5 Strategies to Attract Millennial Customers to Your Ecommerce Store

IT Toolbox Blogs View Synopsis+1
The millennial generation, which is made up individuals born between the 1980s and 2000s, is an influencing force in today's world. They carry an annual purchasing power of over $200 million and are trendsetters across all industries. As companies embrace digital marketing and e-commerce stores, the pressure to market to this generation and increase sales is exceedingly high.

10 hours ago RSA Conference Abu Dhabi: A Preview

InfoRiskToday View Synopsis+1
The RSA Conference returns to Abu Dhabi in November, and event organizers Linda Gray Martin and Britta Glade say this year's agenda is packed with new speakers and topics unique to this growing annual event.

10 hours ago Russia Reportedly Tried To Enflame US Politics With Pokémon Go, Too

Forbes View Synopsis+1
Along with Facebook, YouTube, Google, and Twitter, it seems that the most popular augmented reality game was also used to exert foreign influence over American voters last year.

11 hours ago Finding The Right Balance For Cloud Security

Forbes View Synopsis+1
Cloud security seems a bit overwhelming, but effective cloud security is really not that difficult if you embrace cloud-native solutions and find the right balance to effectively minimize risk without impeding productivity.