SANS NewsBites http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90 All Stories From Vol: 11 - Issue: 90 en-us (C) SANS Institute 2009 webmaster@sans.org SANS RSS Feed http://www.sans.org/images/rss_logo.gif http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90 SANS 2009 http://www.sans.org/info/35964/ http://www.sans.org/info/35964/ More than 35 courses, SANS top instructors, all in one great place! SANS 2009 is being held in Orlando, FL on March 2-9. Register today! Cyber War Expose (November 13, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID200 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID200 The covers are off the cyber warfare story.......

]]> Fixing Federal Cybersecurity: C&A Reports Cost $1,400 Per Page And Are Out Of Date When Signed (November 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID201 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID201 The US State Department cracked a vexing cybersecurity problem through continuous monitoring and a focus on the 20 critical controls (the most important defenses based on actual attack data compiled by NSA and other agencies).......

]]> For One-Third of US Government Agencies, Security Incidents Are a Daily Occurrence (November 10 & 11, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID202 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID202 A CDW-Government survey of 300 US government IT professionals found that 44 percent of agencies noted an increase in the number of security incidents over last year.......

]]> Researchers Describe Weakness in Government Wiretap Technology (November 11 & 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID300 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID300 Researchers at the University of Pennsylvania say they have discovered a vulnerability in the technology the government uses to conduct wiretaps.......

]]> UK Considering Raising Maximum Data Breach Fine (November 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID301 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID301 The UK Ministry of Justice is considering raising the maximum penalty for violations of the Data Protection Act that result in serious data breaches to GBP 500,000 (US $830,000).......

]]> Indian Outsourcer Arrested for Selling British Patients' Medical Files (November 10 & 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID302 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID302 Police in India have arrested the chief of an outsourcing company for allegedly selling British patients' medical records.......

]]> Modified Xbox Consoles Banned From Xbox Live (November 11 & 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID303 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID303 In an attempt to combat piracy, Microsoft is permanently banning modified Xbox consoles from accessing Xbox Live.......

]]> Apple Issues Safari Update (November 11 & 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID304 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID304 Apple has released Safari 4.......

]]> Eight Indicted in Massive, Coordinated ATM Fraud (November 10 & 11, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID305 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID305 A US federal grand jury in Atlanta, Georgia has indicted eight men in connection with the RBS WorldPay security breach.......

]]> Microsoft Issues Six Security Bulletins (November 10 & 11, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID306 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID306 On Tuesday, November 10, Microsoft released six security bulletins to address a total of 15 security flaws.......

]]> Windows Kernel Flaw Likely to be Exploited Soon (November 11, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID307 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID307 Researchers are in agreement that in the next few weeks, cyber criminals are likely to exploit the Windows kernel vulnerability for which Microsoft released a fix earlier this week.......

]]> iPhone Data Stealing Exploit Released (November 11, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID308 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID308 The same vulnerability that was used to spread a relatively harmless worm is now being exploited to allow attackers to steal data from jailbroken iPhones.......

]]> Bank Fraud Linked to Stolen Employee Data (November 10, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID309 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID309 A data security breach of a server at the Vancouver (Washington) School District exposed employee information, including Social Security numbers (SSNs) and bank account information of employees who use direct payroll deposit.......

]]> Microsoft Investigating Reports of Zero-Day SMB Flaw in Windows 7 and Windows Server 2008 R2 (November 11 & 12, 2009) http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID310 http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=90&rss=Y#sID310 Microsoft is investigating reports of a zero-day flaw in Windows 7 and Windows Server 2008 Release 2 that could be exploited to crash vulnerable computers.......

]]>