Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Information Security News - Internet Security | DShield Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

19 hours ago May the May update be with you: OpenSSL key sniffed from radio signal

The Register View Synopsis+1
'One and Done' attack patched in library's May 2018 release

If you missed the OpenSSL update released in May, go back and get it: a Georgia Tech team recovered a 2048-bit RSA key from OpenSSL using smartphone processor radio emissions, in a single pass.

20 hours ago DoD Launches 'Hack the Marine Corps' Bug Bounty Program

SecurityWeek View Synopsis+1

The U.S. Department of Defense on Monday announced the launch of "Hack the Marine Corps," the organization's sixth bug bounty program.

Similar to previous programs run by the Pentagon, Hack the Marine Corps is hosted by bug bounty platform HackerOne.

20 hours ago Man-in-the-Disk attacks take advantage of Android storage systems

ZDNet View Synopsis+1
The novel attack technique relies on Android developers which use lazy storage protocols.

19 hours ago Hackers can infiltrate police body cameras to tamper with evidence

ZDNet View Synopsis+1
It is possible that crucial recordings could be modified or deleted due to vulnerabilities in body cam software.

19 hours ago FBI Warns Of Pending Large Scale ATM Cashout Strike

InfoRiskToday View Synopsis+1
Attack May Pivot On A Data Breach At 'Unknown Card Issuer' Agency SaysThe FBI warns that cybercriminals are planning a large-scale operation aimed at emptying ATMs, a type of attack that has caused swift and costly losses for financial institutions. The attack may utilize data from a breach of an unknown card issuer, the FBI says.

Top News

2 hours ago Florida Man laundered money for Reveton ransomware. Then Microsoft hired him

The Register View Synopsis+1
Former network engineer gets 18 months in the clink

A former Microsoft network engineer will be spending a sojourn behind bars after pleading guilty to conspiracy to commit money laundering.

2 hours ago North Dakota Guard Unit Alerted of Potential Deployment

SecurityWeek View Synopsis+1

BISMARCK, N.D. (AP) - A North Dakota Army National Guard unit based in Bismarck has been notified it could be mobilized.

Detachment 1, 174th Cyber Protection Team has about seven soldiers on an alert status. The unit is led by 1st Lt. Charles Werner of Upham.

11 hours ago Phishing attacks hit financial services, tech companies hardest: How to stay safe

TechRepublic View Synopsis+1
Cybercriminals used phishing attacks to steal user data and money, according to a recent Kaspersky Lab report.

8 hours ago Intel's SGX blown wide open by, you guessed it, a speculative execution attack

ArsTechnica View Synopsis+1
Speculative execution attacks truly are the gift that keeps on giving.

Latest News

1 hour ago Tech Giants Face Hefty Fines Under Australia Cyber Laws

SecurityWeek View Synopsis+1

Tech companies could face fines of up to Aus$10 million (US$7.3 million) if they fail to hand over customer information or data to Australian police under tough cyber laws unveiled Tuesday.

5 hours ago Patch Tuesday heats up with pair of exploited zero-days squashed - plus 58 other vulns fixed

The Register View Synopsis+1
Summertiiiiiime, and the hacking is easy

Microsoft and Adobe have teamed up to deliver more than 70 patches with this month's Patch Tuesday batch released today.

5 hours ago Hackers manage - just - to turn Amazon Echoes into snooping devices

The Register View Synopsis+1
But it requires custom hardware, firmware and access to your Wi-Fi

DEF CON Hackers have managed to hack Amazon's Echo digital assistant and effectively turn it into a listening device, albeit through a complex and hard-to-reproduce approach.

6 hours ago Foreshadow: New Speculative Execution Flaws Found in Intel CPUs

SecurityWeek View Synopsis+1

Researchers and several major tech companies on Tuesday disclosed the details of three new speculative execution side-channel vulnerabilities affecting Intel processors.

6 hours ago Should Staff Ever Use Personal Devices to Access Patient Data?

InfoRiskToday View Synopsis+1
Incident at Oklahoma Dept. of Veterans Affairs Spotlights Tough ChoicesWhen is it acceptable to allow healthcare workers to use their personal smartphones to access patient records? A recent incident at the Oklahoma Department of Veterans Affairs spotlights the dilemma.

8 hours ago Oracle: Run, don't walk, to patch this critical Database takeover bug

The Register View Synopsis+1
Flaw in House Larry's flagship product allows 'complete compromise' of servers

Oracle is advising customers to update their database software following the discovery and disclosure of a critical remote code execution vulnerability.

8 hours ago PTC courts security researchers to find IoT vulnerabilities

ZDNet View Synopsis+1
PTC adopts a shared responsibility model to security as it aims to shore up its ThingWorx ecosystem and court researchers looking into IoT.

8 hours ago "‹Beyond Spectre: Foreshadow, a new Intel security problem

ZDNet View Synopsis+1
Researchers have broken Intel's Software Guard Extensions, System Management Mode, and x86-based virtual machines.

8 hours ago Vulnerability Could Allow Insider to Bypass CEO's Multi-Factor Authentication

SecurityWeek View Synopsis+1

Vulnerability Allows a Second Factor for One Account to be Used for All Accounts in an Organization

11 hours ago "‹Web security gets a boost as TLS gets major overhaul

ZDNet View Synopsis+1
Expect wide and fast adoption of the latest web encryption protocol after engineers finalise Transport Layer Security (TLS) version 1.3.