SANS ISC: Information Security News

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

Information Security News

1 day ago Put privacy protections in IPO agreements if Australia hands data to other nations: OAIC

Should an agreement between Australia and a nation without similar privacy protections be struck under the IPO Bill, the OAIC wants clauses added to bring the lagging nation forward.

1 day ago China Urges 'Fair' Treatment After France Restricts Huawei

China urged France Monday to guarantee a "fair and just" environment for its companies after Paris decided to restrict licenses for telecom operators using 5G technology from Huawei.

1 day ago More Than 1,000 IoT Security Guidelines: Which One to Use?

Study Suggests Actionable Recommendations Would Improve IoT SecurityWith more than 1,000 IoT security guidelines, recommendations and best practices, which ones should an organization follow? Researchers at Carleton University in Canada say 91 percent of the guides are outcome-based, which are not necessarily easy for manufacturers to follow.

1 day ago Remote workers aren't taking security seriously. Now that has to change

IT teams help can mitigate the risks of shadow IT by being more flexible and adapting to the needs of remote workers, according to a new study.

2 hours ago Microsoft's new KDP tech blocks malware by making parts of the Windows kernel read-only

New KDP security feature is currently being tested with Windows 10 Insider builds.

4 hours ago Live Webinar | Building a Secure, Convenient Customer Journey - The convenience-security paradox

4 hours ago Live Webinar | Work from Home: Identity and Access Governance and Data Breach Risks

6 hours ago Alerts: Flaws in Ultrasound, Open-Source Hospital Systems

DHS Advisories Spotlight Authentication, Other Security IssuesTwo recent Department of Homeland Security advisories pertaining to vulnerabilities in certain ultrasound systems from a major medical device maker - and multiple flaws in an open-source hospital information management system - highlight the range security risks spanning various segments of the healthcare sector.

7 hours ago Google Patches Critical Android Vulnerabilities With July 2020 Updates

Several critical remote code execution vulnerabilities were addressed in Android this week with the release of the July 2020 set of security patches, including three in the media framework and system components.

7 hours ago Over 5 Billion Unique Credentials Offered on Cybercrime Marketplaces

More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials, according to a report published on Wednesday by San Francisco-based risk protection solutions provider Digital Shadows.

7 hours ago Huawei Urges UK Not to Rush Into 5G Decision

Chinese telecoms giant Huawei urged Britain on Wednesday not to rush into taking any costly decision to phase out its equipment from the UK's 5G network because of US sanctions.

8 hours ago Google open-sources Tsunami vulnerability scanner

Google says Tsunami is an extensible network scanner for detecting high-severity vulnerabilities with as little false-positives as possible.

9 hours ago Billions of passwords now available on underground forums, say security researchers

Usernames and passwords for everything from network administrator accounts and bank details to streaming services and anti-virus software are up for grabs on the dark web - and many are being distributed for free.

9 hours ago US Secret Service warns about increased cyberattacks against MSPs

The US Secret Service has warned organizations about a rise in hacks of MSPs and offers advice on how to beef up security.

10 hours ago BYOD: A trend rife with security concerns

Researchers explored the implications of allowing employees to bring their own devices for sensitive work tasks.