Threat Level: green Handler on Duty: Tom Webb

SANS ISC: Information Security News - Internet Security | DShield Information Security News


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Popular News

22 hours ago Google's Project Zero reveals another Microsoft flaw

The Register View Synopsis+1
Edge, IE, can find themselves running unexpected code if cooked by a malicious site

Google's Project Zero has revealed a bug in Microsoft's Internet Explorer and Edge browsers.

14 hours ago Google End-to-End encrypted email code goes open-source

ZDNet View Synopsis+1
Programmers can now get their hands on the E2EMail code to bolster email encryption services.

13 hours ago Moving Away from Checkbox Compliance

InfoRiskToday View Synopsis+1
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.

12 hours ago Google Discloses Unpatched Flaw in Edge, Internet Explorer

SecurityWeek View Synopsis+1

Google Project Zero has disclosed a potentially serious vulnerability in Microsoft's Edge and Internet Explorer web browsers before the tech giant could release patches.

12 hours ago D-Link resolves enterprise switch hacker risk

The Register View Synopsis+1
Don't wait - update now

D-Link has resolved an authentication bypass flaw in one of its enterprise switches.

Top News

11 hours ago Window shopping

IT Toolbox Blogs View Synopsis+1

As I mentioned in the previous article I fell in love with the KDE window managing system. I say window managing system however, it is actually a lot more. A whole ecosystem or environment of programs so to speak.

 

So I stuck with KDE for a long while and turned up my nose at anything else. I even became evangelistic about it and recommended using the desktop environment in

10 hours ago What Does Bugcrowd Tell Us About The Future Of Crowd Sourcing?

Forbes View Synopsis+1
Bugcrowd's model for crowdsourced security penetration testing provided several lessons for understanding how to harness the power of crowdsourcing to the fullest.

6 hours ago Responding to cyber threats in the terabit era

TechRepublic View Synopsis+1
Prepare for a new wave of cutting-edge cyber attacks linked to emerging technologies like networked IoT devices. Deloitte vice chairman Paul Sallomi explains how hacks are evolving in the terabit era.

3 hours ago Next-Gen Endpoint Risks and Protections: A SANS Survey

SANS Reading Room View Synopsis+1
Results of this survey suggest that we may need to broaden the definition of an endpoint to include users, as the two most common forms of attack reported are directed at users. Lack of adequate patching programs also results in endpoint compromises, despite reported centralized endpoint management. Results also point to the need for improved detection, response, automation of remediation processes.

1 hour ago Google reports "high-severity" bug in Edge/IE, no patch available

ArsTechnica View Synopsis+1
String of unpatched security flaws comes after February Patch Tuesday was canceled.

Latest News

4 hours ago Brit cops can keep millions of mugshots of innocent folks on file

The Register View Synopsis+1
You can ask to be removed, but it's up to officers to listen, Home Office cheerfully concludes

After unlawfully hoarding millions of mugshots of one-time suspects, police chiefs in England and Wales were this week told to delete the snaps - but only if people in the photos complain. And even then, requests can be easily waved away.

7 hours ago New Unlock26 Ransomware and RaaS Portal Discovered

SecurityWeek View Synopsis+1

A recently discovered Ransomware-as-a-Service (RaaS) portal was found to be responsible for the distribution of a brand new ransomware family dubbed Unlock26.

7 hours ago NHS patient letters meant for GPs went undelivered for years

The Register View Synopsis+1
Yep, half a million

The NHS has been accused of covering up a large data loss involving the loss or mislaying of more than half a million pieces of confidential information.

9 hours ago New prison law will let mobile networks deploy IMSI catchers

The Register View Synopsis+1
Walked past a jail? Expect to become a crime suspect

The Prisons and Courts Bill, introduced to Parliament last week, will force mobile networks to deploy fake mobile phone masts around the outside of prisons to snoop on mobile phone users.

1 hour ago Israel: The Next Key Player in the Cybersecurity Industry

Forbes View Synopsis+1
Israel has carved out a strong place in the cybersecurity industry, with many companies there playing a prominent role in cyber defense technology, research and development, and data protection. Indeed, Israel has the world's second-largest cyber market, second only to the United States.

1 hour ago Packing my priorities.

IT Toolbox Blogs View Synopsis+1

I would have to say that the heart of a Linux distribution is its package management system. There are a few around however the two most popular ones are the RPM and dpkg which are what RedHat and Debian use respectively.

 

I know RPM extremely well. When I was going through my Linux from scratch phase I actually created my own RPM packages for all the programs in that

1 hour ago Hopping along the byte busway

IT Toolbox Blogs View Synopsis+1

The biggest difference between Linux and other proprietary operating systems is that there is so much to choose from. If you get a Windows based computer then you get Windows. It will look exactly the same as every other Windows computer and perform exactly the same way as well.

 

If you were to buy an Apple based computer then you will get the Apple developed operating system

1 hour ago Pushing for Better Cyber Threat Info Sharing in Healthcare

InfoRiskToday View Synopsis+1
HIPAA Enforcer Wants Organizations to Develop More Mature Approach to Information SecurityThe agency that enforces HIPAA is urging healthcare organizations and their business associates to ramp up their efforts to share information on cyber threats as part of a broader effort to develop more mature information security programs.

2 hours ago Enlightenment starts to dim.

IT Toolbox Blogs View Synopsis+1

As I mentioned before Enlightenment was what really got me in the mood to take Linux seriously and by far it is the best value for cpu cycles in terms of graphics bang for the bit bucket buck.

 

The best thing about Enlightenment is that it is so configurable and you can have more special effects going on with it that Windows could never match until they brought out Vista. We

3 hours ago Migration to Office 365, a Case Study on Security and Administration in the Non-profit Sector

SANS Reading Room View Synopsis+1
A non-profit serves a mixed community of staff and volunteers. Its email archiving and spam filter services were going to reach the end of life in January 2017. Generous charity pricing for Office 365 from Microsoft was an incentive to move away from the existing hosted Exchange platform. The company needed to develop a strategy for migration to Microsoft Office 365. It had to upgrade Microsoft Office software as well as migrate email. How could it accomplish the transition as well as maintain or improve security?

4 hours ago Multiple Groups Cooperated in Shamoon Attacks: Symantec

SecurityWeek View Synopsis+1

The recent attacks involving the notorious disk-wiping malware Shamoon, aka Disttrack, may have been carried out by multiple groups working together under the command of a single entity, Symantec said on Monday.

4 hours ago SAS Institute's CIO Brings R&D Mentality To IT

Forbes View Synopsis+1
Keith Collins has been an R&D leader and CTO at SAS Institute before becoming CIO. He has brought some of the value propositions of those roles to his current role, and in the process transformed the IT department into "customer zero" for the company.

5 hours ago Microsoft prepares to roll out new update options for Windows 10

ZDNet View Synopsis+1
In the Creators Update, this spring's big Windows 10 release, Microsoft is adding some new knobs and levers for managing updates, including an option to delay feature updates by up to a year. Here's what you can expect.

7 hours ago Yahoo Defends Information Security Mojo to Senators

InfoRiskToday View Synopsis+1
Irony Alert: Congress Has Yet to Enact Data Breach Notification LegislationWhat did Yahoo executives know about multiple data breaches and attacks that the company suffered, and when did they know it? Those questions have continued to dog Yahoo as it negotiates its sale to Verizon for the now-discounted price of $4.5 billion.

7 hours ago Google Hands Over Email Encryption App to Community

SecurityWeek View Synopsis+1

Google announced last week that it has decided to hand over its E2EMail email encryption app to the community.

8 hours ago You Can Buy Lifetime Internet Access For Just $5 On The Dark Web

Forbes View Synopsis+1
The average American pays about $45 a month for high-speed Internet access. Can you imagine paying about one tenth that price... not every month, but just once... for an entire lifetime of service?

8 hours ago Google: We're puzzled Windows 10's Edge, IE flaw hasn't been patched by Microsoft

ZDNet View Synopsis+1
Google's Project Zero security researchers express surprise at Microsoft's failure to patch this bug before it reached its 90-day deadline.

8 hours ago The real cost of ransomware: Attacks take most victims offline for at least a week

ZDNet View Synopsis+1
Lack of coherent strategies about what to do when attacked by ransomware is costing organisations dear.

9 hours ago No Shock: Russia Confirms 'Cyber War' Efforts

InfoRiskToday View Synopsis+1
Russian Information Warfare Teams Keep Catching Opponents FlatfootedThe Russian government appears to be doubling down on its information warfare success to date, publicly confirming that it has a "cyber army" designed to wage psychological operations and propaganda campaigns. While there are defenses, too few are using them.