Type your search and hit enter

SANS Institute - News, Features, and Slideshows


  • How to prepare for and respond to a cyber attack

    Cybercriminals are constantly looking for new ways to bypass security measures. In a survey conducted by the SANS Institute on the behalf of <a href="https://www.guidancesoftware.com/">Guidance Software</a>, 56% of respondents assumed they have been breached or will be soon, compared with 47% last year.

    Written by By Ed McAndrew and Anthony Di Bello09 July 15 00:17
  • Personal weather stations can expose your Wi-Fi network

    In the latest Internet of Things security blunder, personal weather station devices made by Netatmo were found sending users' Wi-Fi passwords back to the company over unencrypted connections.

    Written by Lucian Constantin14 Feb. 15 02:50
  • After FBI blames North Korea for Sony attack, now what?

    The FBI today named the North Korean government as responsible for the cyber attack against Sony Pictures last month, saying its technical analysis points to the isolated, Communist country.

    Written by Gregg Keizer20 Dec. 14 07:27
  • Data Breaches Rise as Cybercriminals Continue to Outwit IT

    Online criminals remain at least one step ahead of many IT groups, according to this year's "U.S. State of Cybercrime Survey," conducted annually by CSO magazine, the Secret Service, the Software Engineering Institute at Carnegie Mellon University, and PricewaterhouseCoopers. Deterrence and detection are both falling short of their goals: The 500 survey respondents faced an average of 135 security incidents last year, and 34 percent say that number was up compared to the previous year. Just one-third of respondents could estimate losses from their breaches; among those who could, the breaches cost $415,000, on average. Legal liabilities and lawsuits after breaches add to the costs.

    Written by George V. Hulme29 Sept. 14 23:08
  • Encryption goof fixed in TorrentLocker file-locking malware

    The developers of a type of malicious software that encrypts a computer's files and demands a ransom have fixed an error security experts said allowed files to be recovered without paying.

    Written by Jeremy Kirk18 Sept. 14 13:56
  • DOJ's charges against China reframe security, surveillance debate

    The U.S. Department of Justice's decision to bring computer hacking and economic espionage charges against five alleged members of the Chinese army is an attempt by President Barack Obama's administration to redirect a global discussion about cyberhacking and surveillance, some cybersecurity experts said.

    Written by Grant Gross20 May 14 06:01
  • NSA denies knowing about Heartbleed flaw for years

    The U.S. National Security Agency, which has a cybersecurity mission in addition to surveillance, has disputed a report that it knew about the Heartbleed security vulnerability for at least two years before other researchers disclosed the flaw this month.

    Written by Grant Gross12 April 14 07:20
  • Exploit released for vulnerability targeted by Linksys router worm

    Technical details about a vulnerability in Linksys routers that's being exploited by a new worm have been released Sunday along with a proof-of-concept exploit and a larger than earlier expected list of potentially vulnerable device models.

    Written by Lucian Constantin17 Feb. 14 11:46
  • Worm 'TheMoon' infects Linksys routers

    A self-replicating program is infecting Linksys routers by exploiting an authentication bypass vulnerability in various models from the vendor's E-Series product line.

    Written by Lucian Constantin14 Feb. 14 12:59
  • Hackers may cash in when XP is retired

    Hackers may bank their Windows XP zero-day exploits and cash them in after Microsoft stops patching the aged operating system next April.

    Written by Gregg Keizer26 Aug. 13 10:10
  • Seven IT security skills certifications on the rise

    A number of IT security skills certifications requiring candidates to pass exams have sharply gained in terms of demand and pay value, according to a new Foote Partners report.

    Written by Ellen Messmer19 Aug. 13 20:14
  • South Korea cyberattacks hold lessons for U.S.

    U.S companies and government agencies can learn from the large-scale disruptions that have hit several banks and media outlets in South Korea in the last 24 hours, security analysts said.

    Written by Jaikumar Vijayan20 March 13 18:42