SANS ISC: Information Security News

• SANS Site Network
  • Current Site
  • Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

Information Security News

10 hours ago Microsoft to Patch Internet Explorer Vulnerability Exploited in Targeted Attacks

Microsoft announced on Friday that it's in the process of developing a patch for a zero-day vulnerability in Internet Explorer that has been exploited in targeted attacks. Until a fix becomes available, the company has shared some workarounds and mitigations.

10 hours ago This new startup aims to make developers love security

Commentary: As more workloads move to the cloud, developers need help with security. Find out how the startup Cyral is helping to improve data security in the cloud.

7 hours ago The Role of Satellites in Quantum Key Distribution

Could satellites play a role in distributing next-generation encryption keys? Robert Bedington, CTO and co-founder at Singapore-based SpeQtral, describes quantum communications via satellites in this in-depth interview.

4 hours ago Hospital hacker spared prison after plod find almost 9,000 cardiac images at his home

NHS working with cops and ICO to determine if patients must be told

A Stoke-on-Trent hospital administrator has avoided prison after hacking his NHS trust and helping himself to almost 9,000 heart scan images.…

1 day ago Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service.

31 minutes ago Apple Received Tens of Thousands of Government Requests in H1 2019

Apple has published its latest transparency report, which provides details on the number of government requests the tech company received during the first half of 2019.

31 minutes ago Bill Would Create State Cybersecurity Leader Positions

DHS Would Fund Coordinators for Every StateA bipartisan group of U.S. senators has introduced legislation that would require the Department of Homeland Security to appoint cybersecurity leaders in each state to help combat growing cyberthreats against units of local government.

44 minutes ago Live Webinar | Targeted Attacks: How Sophisticated Criminals Bypass Enterprise Security Measures

1 hour ago This free ransomware decryption tool just got a handy update

Victims of Paradise ransomware can now retrieve even more encrypted files because researchers have updated a tool which is already denying cyber criminals ransom payments.

2 hours ago NIST Releases Framework for Privacy Risk Management

The National Institute of Standards and Technology (NIST) last week announced version 1.0 of its Privacy Framework, a tool designed to help organizations manage privacy risks.

2 hours ago Citrix Releases First Patches for Critical ADC Vulnerability

Citrix has started rolling out security patches for the recently revealed Citrix Application Delivery Controller (ADC) and Citrix Gateway vulnerability.

2 hours ago LastPass stores passwords so securely, not even its users can access them

Login management service sulks in days-long TITSUP* for some

Password manager LastPass appears to have had a big night out on Friday, to the point where the service needed a lenghty lie down over the weekend. In fact, for some users it is still horizontal.…

2 hours ago Money laundering: This startup thinks its tech can prevent another banking scandal

An Estonian startup says it can stop a repeat of the multi-billion Scandinavian bank money-laundering scandal.

3 hours ago Microsoft Warns of Zero-Day Internet Explorer Exploits

Patch Promised for Flaw Allegedly Exploited by 'DarkHotel' APT GangMicrosoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being actively exploited by in-the-wild attackers, and issued mitigation guidance in the meantime. China's Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.

4 hours ago Mitsubishi Electric discloses security breach, China is main suspect

Mitsubishi Electric says hackers did not obtain sensitive information about defense contracts.