SANS Institute - News, Features, and Slideshows


  • DOJ's charges against China reframe security, surveillance debate

    The U.S. Department of Justice's decision to bring computer hacking and economic espionage charges against five alleged members of the Chinese army is an attempt by President Barack Obama's administration to redirect a global discussion about cyberhacking and surveillance, some cybersecurity experts said.

  • NSA denies knowing about Heartbleed flaw for years

    The U.S. National Security Agency, which has a cybersecurity mission in addition to surveillance, has disputed a report that it knew about the Heartbleed security vulnerability for at least two years before other researchers disclosed the flaw this month.

  • Worm 'TheMoon' infects Linksys routers

    A self-replicating program is infecting Linksys routers by exploiting an authentication bypass vulnerability in various models from the vendor's E-Series product line.

  • Search on for next UK Cyber Security Challenge champion

    Registration for the 2011 <a href="">Cyber Security Challenge UK</a> has opened today, as the industry goes on its second annual search to find the IT security talent of the future.

  • One in five mobile devices running malware: study

    The SANS Institute's Internet Storm Center (ISC) has surveyed its membership on the subject of malicious programs that target mobile devices like iPhones and BlackBerrys, and the results are sobering.
    In a running poll that has, so far, netted 540 respondents, SANS researchers found that 85 percent were not scanning their mobile devices for malicious programs. Of the 15 percent who were, 18 percent found mobile malware running on their devices. That's higher than the overall infection rate for PCs in North America, which Microsoft pegs at between 7 and 10 percent of all Windows systems in the United States and Canada. In fact, 18 percent is close to the infection rate for XP SP1 systems. &quot;As secure as XP SP1&quot; isn't the kind of security you want.
    Extrapolate that number and it suggests that, as SANS points out, as many as 83 of the 457 participants who weren't scanning their mobile devices could be missing an active malware infection. Look at the number of smartphones in use globally and the infection numbers get even scarier, but also more hypothetical &#8212; after all, the mobile universe isn't a monoculture like the PC world. There are endless variations of Symbian, Windows Mobile, Palm, as well as BlackBerry, iPhone, Android and the like. Not all are equally valuable or attractive to attackers. It's also not clear what kinds of malware turned up on the self-reported scans and whether false positives might be in the mix.
    The conventional wisdom is that mobile malware isn't a big concern so much as a gushing font of vendor FUD and scare tactics. The enterprises I talk to are far more concerned about the data on mobile devices that might get lost or stolen than they are about mobile devices as a malware bridge to their enterprise networks.
    Anecdotally, anti-malware vendors tell me that mobile malware is still a tiny sliver of a fat malware pie &#8212; but it's also a growth area with new instances of mobile malware coming online at an alarming rate. We've also written about some of the big security loopholes that scammers and malware authors are getting hip to &#8212; notably the loosely policed application marketplaces for platforms like iPhone and, especially, Android.
    Despite all that, if we're to believe that 85 percent of mobile phone users don't scan for malware, then there's clearly some waking up that will need to take place. The SANS report may be one alarm bell. Also look to this year's Black Hat and Defcon events to raise the heat under the mobile malware pot.

  • Cybercrims focus on Macs and zero-day

    The SANS Institute has warned of a steep increase in critical security holes in Apple&#8217;s Mac OS X operating system and in previously undiscovered (&#8220;zero day&#8221;) vulnerabilities in web browsers.