SANS ISC: Information Security News - Internet Security | DShield

• SANS Site Network
  • Current Site
  • Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

Information Security News

2 hours ago Fraudster admits she was OPM dealer: Leaked US govt staff files used to bag cash, car loans

Woman admits she used stolen records to open bank accounts

A woman has fessed up to using people's personal information, leaked online from the US government's Office of Personnel Management mega-hack, to take out loans and open bank accounts.

1 hour ago "‹Attorney-General's Department caught up in PageUp breach

The Attorney-General's Department joins Wesfarmers, the National Australia Bank, Telstra, the Reserve Bank of Australia, Australia Post, Medibank, and the ABC as those potentially affected by the PageUp data breach.

50 minutes ago In Trump Rebuke, US Senate Votes to Reimpose Ban on China's ZTE

The US Senate defied President Donald Trump by voting Monday to overrule his administration's deal with Chinese telecom firm ZTE and reimpose a ban on high-tech chip sales to the company.

Senators added an amendment targeting ZTE into a sweeping, must-pass national defense spending bill that cleared the chamber on an 85-10 vote.

5 hours ago $4.3 Million HIPAA Penalty for 3 Breaches

MD Anderson Cancer Center Cited for Unencrypted DevicesA lack of device encryption will cost a Texas-based cancer treatment center $4.3 million in civil monetary penalties from the Department of Health and Human Services.

5 hours ago How to manage your organization's Microsoft Store Group Policy

A Microsoft Store Group Policy can be changed to prevent unauthorized installations and block existing native apps from being launched using AppLocker.

8 hours ago Vulnerabilities in these IoT cameras could give attackers full control, warn researchers

Researchers at VDOO discover vulnerabilities which, if left unpatched, could allow attackers to take control of the devices or rope cameras into botnets.

46 minutes ago It's time for TLS 1.0 and 1.1 to die (die, die)

IETF floats formal deprecation suggestion, even for failback

As TLS 1.3 inches towards publication into the Internet Engineering Task Force's RFC series, it's a surprise to realise that there are still lingering instances of TLS 1.0 and TLS 1.1.

2 hours ago Yubico snatched my login token vulnerability to claim a $5k Google bug bounty, says bloke

USB gizmo biz apologies amid infosec drama

Yubico has apologized to a security vulnerability researcher who had complained the dongle peddler lifted his work to nab a $5,000 Google bug bounty.

4 hours ago Could The U.S. Government's Move To The Commercial Cloud Stop Leaks And Breaches?

The US Government's growing move to the commercial cloud could dramatically improve its cybersecurity posture, reduce unauthorized leaking and lead to a modern security-first data culture.

4 hours ago Lenovo Ups Its Collaboration Game With The 'Switzerland' Of UC Devices

Earlier this month, Lenovo announced what looks like a unique addition to its portfolio of meeting room solutions, the ThinkSmart Hub 700. Lenovo says the ThinkSmart Hub 700 makes pairing simple, with smart hardware with sensors that are able to detect in-room participants. Here are my thoughts.

5 hours ago Google Increases Visibility Into Endpoints Accessing G Suite Data

A newly added "Endpoint Verification" feature in G Suite provides administrators with increased visibility into the computers that have access to corporate data.

5 hours ago Lenovo Ups Its Collaboration Game With The "Switzerland" Of UC Devices

Earlier this month, Lenovo announced what looks like a unique addition to its portfolio of meeting room solutions, the ThinkSmart Hub 700. Lenovo says the ThinkSmart Hub 700 makes pairing simple, with smart hardware with sensors that are able to detect in-room participants. Here are my thoughts.

5 hours ago Why cybersecurity must be built into IoT initiatives from the start

IoT increases the risk of cyber attacks. Here's what companies need to do to stay safe, according to John Wechsler, founder of the Indiana IoT Lab.

6 hours ago Live Webinar June 20th | Analyzing Human & Machine Behavior to Mitigate Account Takeover

6 hours ago Cybersecurity Insurance: How Underwriting Is Changing

Cybersecurity insurers, faced with growing demand, are looking for new ways to better measure their risks, says Aleksandr Yampolskiy, CEO of SecurityScorecard. So some are moving toward more carefully scrutinizing the cybersecurity postures of their potential clients.

7 hours ago Beware this Android emulator, it's hijacking your GPU to mine cryptocurrency

Users have accused Andy OS Android Emulator of secretly dropping a cryptocurrency miner on your system that runs endlessly.

7 hours ago Buzzword Bingo: Quantum, AI, Blockchain, Crypto

Thales e-Security's Jon Geater Separates Hype From UtilityQuantum computing, blockchain, crypto, internet of things: There's a lot of hype around these technology areas, says Jon Geater, CTO of Thales e-Security. So it's essential to pierce the hype and see what's useful and applicable for practitioners.

7 hours ago Compromised GitHub Account Spreads Malicious Syscoin Installers

Malware-laden Syscoin releases were up for download on an official GitHub repository after hackers managed to compromise an account and replace legitimate Windows installers.

10 hours ago Cyber Attack Aims to Manipulate Mexican Election

On Wednesday June 13, in the run-up to Mexico's July 1 presidential election, a website operated by the rightist National Action Party (PAN) was taken off-line for several hours by a DDoS attack. The outage occurred at the time of a televised presidential debate, and just following a point at which the PAN candidate held up a placard with the website address claiming it held proof of potential corruption.

10 hours ago The paranoid's guide to traveling to digitally scary places like Russia or China

If you're considering traveling to one of the many countries that has a dubious relationship with digital privacy, you'll need to protect yourself. While the standard advice is a VPN, David Gewirtz takes you a few steps deeper into the murky cloak and dagger world of digital tradecraft.

11 hours ago Strip Capita of defence IT contract unless things improve - Brit MPs

Committee calls for more public spending - but not with outsourcer

A Parliamentary committee has called for Capita to be stripped of its military recruiting IT contract unless its performance improves, as part of a wider call for UK defence spending to increase.