Articles about sans

How polite: Fun-bucks coin miners graciously ease off CPU pounding

Cryptocurrency-mining malware writers are dialing back their use of your compute cycles in order to avoid detection. This is according to Johannes Ullrich, head of research at SANS, who today pointed out that malicious mining apps are scaling down activity and employing built-in encryption to make them harder for antivirus …
Shaun Nichols, 29 Jun 2018

Hurry up patching those Oracle bugs: Attackers aren't waiting

Security experts are advising administrators to hurry up installing Oracle patches after finding that attackers are quick to target their vulnerabilities. The SANS Institute issued a warning after one of its honeypot systems was targeted by exploits of the CVE-2018-2628 remote code execution flaw in WebLogic just hours after …
Shaun Nichols, 3 May 2018

Popular cache utility exploited for massive reflected DoS attacks

Attackers have discovered a new amplified denial-of-service attack vector, and have launched attacks reaching hundreds of gigabits per second in Asia, North America and Europe. Former Internet Systems Consortium CEO and now Akamai principal architect Barry Raveendran Greene has detailed the reflected DOS attack on his blog and …

New phishing campaign uses 30-year-old Microsoft mess as bait

The ever-vigilant folk at the Internet Storm Centre (SANS) have spotted yet another campaign trying to drop the Locky ransomware using compromised Word files. As Internet Storm Center handler Brad Duncan writes, the vector in the Word documents uses Microsoft Dynamic Data Exchange (DDE), a feature that lets Office application …

Lenovo re-launches data centre range with two new ThinkThing lines

Lenovo reckons its data centre range has never had a refresh quite like it: 25 new products, a couple of new brands and a new CPU to play with as well. The CPU is Intel's forthcoming Xeon Scalable Family, about which we're all more or less in the dark. So move along, nothing to see here until it debuts in a month or three. …
Simon Sharwood, 21 Jun 2017

SANS issues call to arms to battle IoT botnets

The SANS Institute is hoping sysadmins can help it to do what vendors won't: improve Internet of Things security. The call comes in the wake of not one but two IoShitT-based botnet attacks – the 600 Gbps-plus slam that sent security publication Krebs on Security from Akamai to Google Shield, and the same botnet escalating to …

SANS man lists five security things you're not doing but should

SANS Institute dean of research and head of the SANS Internet Storm Center (ISC) Johannes Ullrich has given systems admins some light weekend reading with a list of five neglected security controls that "nobody implements". Ullrich reckons that if you put these controls in place your security posture will improve and things …
Darren Pauli, 8 Apr 2016

Former parking ticket bloke turns out to be cybersecurity genius

Ross Bradley, who spent the last 15 years processing car parking fines for Newcastle City Council, is set to become one of the UK's top cyber professionals after achieving one of the highest ever scores in the internationally recognised GIAC cyber security qualifications. The SANS Cyber Academy, which aims to fill the cyber …

Brocade adds more Ethernet to storage

Brocade's announced another chunk of its IP strategy, this time with an eye to drawing network-attached storage (NAS) devices into its warm embrace. The idea, A/NZ senior director Gary Denman told Vulture South, is to give IP-attached storage the kind of SLA support and manageability that Fibre Channel storage area network ( …

Fiesta exploit kit wakes from siesta

Brad Duncan says attackers are again slinging the Fiesta, this time using a complicated series of loops that researchers will find difficult to trace. The Rackspace malware boffin says the kit, once one of the more popular on underground markets, is hitting victims through gates that push traffic from hacked sites to the …
Darren Pauli, 29 Apr 2015

Malware uses Windows product IDs to mix mutex

Malware writers are using Windows unique product numbers to generate mutex values to evade researchers, SANS security boffin Lenny Zeltser says. Mutex values are used as an accurate reference to determine if multiple identical processes are running. Malware including the infamous BackOff credit card stealer has used mutex for …
Darren Pauli, 11 Mar 2015

Attackers tapping on SNMP door to see if it's open

Google's DNS IP address is being spoofed by an attacker, apparently in an attempt to DDoS hosts vulnerable to a flaw in the SNMP protocol. The SANS Internet Storm Center noticed the traffic trend emerging on September 15, and in this post discusses what's going on. The attack is trying to take over SNMP hosts that have left …

Not just websites hit by OpenSSL's Heartbleed – PCs, phones and more under threat

While most of the buzz surrounding OpenSSL's Heartbleed vulnerability has focussed on websites and other servers, the SANS Institute reminds us that software running on PCs, tablets and more is just as potentially vulnerable. Institute analyst Jake Williams said the data-leaking bug “is much scarier” than the gotofail in Apple …

'Hack Idol' to find top UK cyberwarriors

The UK government has launched plans to find the best young hackers through a talent competition. Would-be cyberdefenders will be rated on their abilities to thwart attacks and hack into websites. Winners will be offered courses by the respected SANS Institute and assigned mentors. University course and work placements also …
John Leyden, 12 Oct 2009

Firms fail to focus on most dangerous security threats

Enterprises are focusing their information security efforts in the wrong areas, leaving themselves more open to hacking attacks and malware infections as a result. The 2009 Top Cyber Risks Report from the SANS Institute concludes that most organisations are focusing their security maintenance and vulnerability scanning efforts …
John Leyden, 16 Sep 2009

Biting the hand that feeds IT © 1998–2018