Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Information Security News Information Security News

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

2 days ago 455,000 Turkish card details put up for sale, web skimmers suspected

ZDNet View Synopsis+1
Biggest dump of Turkish payment card details recorded in recent years.

2 days ago iOS 13.3 brings bug fixes and a new security feature, but does it bring new bugs

ZDNet View Synopsis+1
iOS 13.3 and iPadOS 13.3 landed last night, and as well as bringing with them a whole array of bug fixes, but also a new security feature to help protect users from attacks.

2 days ago Joker's Stash Celebrates Turkey Day With Stolen Card Data

InfoRiskToday View Synopsis+1
Fraudsters Invited to Dine Out on 460,000 Stolen Turkish Payment CardsThe notorious Joker's Stash carding forum has recently listed for sale 460,000 records, including never-before-seen payment card data that traces to Turkey's 10 largest banks, in four "Turkey-Mix" batches, says cybersecurity firm Group-IB.

2 days ago Beware of bad Santas this Xmas: Piles of insecure smart toys fill retailers' shelves

The Register View Synopsis+1
Latest Which? study with NCC Group highlights toys it ain't smart to buy

It seems to come around quicker every year - the failure of so-called smart toys to meet the most basic of security requirements. Which? has discovered a bunch of sack fillers that dirtbags can use to chat to your kids this Christmas.…

2 days ago Adobe patches 17 critical code execution bugs in Photoshop, Reader, Brackets

ZDNet View Synopsis+1
Other vulnerabilities resolved include privilege escalation and information leaks.

Top News

1 day ago Analysts find connection between North Korean military and crimeware organization TrickBot

TechRepublic View Synopsis+1
Researchers with SentinelLabs say they have found one of "the first known links between cybercrime groups and nation-state actors."

1 day ago FBI shares security advice for online shopping

ZDNet View Synopsis+1
FBI: Use credit cards rather than debit cards, don't use public WiFi, keep your devices updated, and more.

1 day ago McAfee Considers Purchase of NortonLifeLock: Report

InfoRiskToday View Synopsis+1
Former Symantec Consumer Business Unit Continues to Attract InterestMcAfee's ownership team is exploring a deal to acquire NortonLifeLock, the renamed, publicly traded firm that was formerly the consumer and small business security division of Symantec, according to the Wall Street Journal, which cites "people familiar with the matter."

1 day ago Iran Says Repelled a 'Highly Organized Cyber Attack'

SecurityWeek View Synopsis+1

An Iranian minster said Wednesday the Islamic republic had recently thwarted a "highly organiz ed cyber attack" targeting its e-government infrastructure.

1 day ago Google Chrome will check for leaked credentials every time you sign in anywhere

The Register View Synopsis+1
Double-encrypted. That said, if you're worried about over-sharing, what are you doing on Chrome?

A new feature in Google's Chrome browser will warn you if your username and password matches a known combination in a security breach every time you type credentials into any website.…

Latest News

22 minutes ago FireEye Launches New OT Threat Intelligence Service

SecurityWeek View Synopsis+1

FireEye this week unveiled a new threat intelligence service focusing on operational technology (OT) and other systems that manage physical processes.

The company says its Cyber Physical Threat Intelligence service provides organizations context, data and actionable analysis on threats targeting OT, ICS and IoT systems.

1 hour ago North Korean Hackers Tapping Into TrickBot: Report

InfoRiskToday View Synopsis+1
Researchers See Connections Between Lazarus Group and Crimeware DevelopersNew research finds that hackers linked to the North Korean government are now renting the botnet created by TrickBot malware, as well as access to a highly customized malicious framework, to help further their goals - including targeting payment systems.

1 hour ago Is your Organization Suffering From Third-Party "Compliance Drift"?

InfoRiskToday View Synopsis+1
Countermeasures to Keep your Compliance On Track and as Originally Designed

Third-party vendors accessing your most critical systems and networks can also bring in security incidents along with all those wonderful things they promised in the sales presentation.

1 hour ago WhatsApp Will Take Legal Action Against Automated or Bulk Messaging

SecurityWeek View Synopsis+1

Messaging platform WhatsApp this week announced plans to take legal action against individuals and companies that abuse the platform for bulk messaging.

2 hours ago Twitter Funding New Blockchain-Based Social Media Platform

SecurityWeek View Synopsis+1

Twitter Funds Team to Develop an Open and Decentralized Standard for Social Media

2 hours ago Mozilla to force all add-on devs to use 2FA to prevent supply-chain attacks

ZDNet View Synopsis+1
New rule to enter effect starting next year, in 2020.

2 hours ago Georgia Wire Manufacturer Struck by Ransomware

InfoRiskToday View Synopsis+1
Southwire Says It's Bringing Systems Back OnlineA large Atlanta-area manufacturer of wire and cable says it has brought some systems back online after what appears to be a ransomware infection. Southwire Co., based in Carrollton, Georgia, tweeted on Thursday that "we are doing all we can to minimize and resolve this disruption."

4 hours ago Spammers force Keybase to stop Stellar Space Drop cryptocurrency handouts

ZDNet View Synopsis+1
A rush of new fake accounts has forced Keybase to rethink its free Lumen drops.

4 hours ago Ransomware: Cybercriminals are adding a new twist to their demands

ZDNet View Synopsis+1
Pay the ransom or we'll leak your data is the latest trend, warns cybersecurity company.

6 hours ago Ever wonder how hackers could possibly pwn power plants? Here are 54 Siemens bugs that could explain things

The Register View Synopsis+1
Arbitrary code execution in a controller, what could go wrong?

Siemens industrial control systems designed specifically for energy plant gear are riddled with dozens of security vulnerabilities that are, luckily enough, tricky to exploit from the outside.…