<!doctype html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
.ReadMsgBody {width: 100%; background-color: #ffffff;}
.ExternalClass {width: 100%; background-color: #ffffff;}
body {width: 100%; margin:0; padding:0; -webkit-font-smoothing: antialiased; font-family: Arial; color:#353536; font-size: 13px;}
table {border-collapse: collapse;}
a img {border:none;}
a:link, a:visited, a:active {color: #047db4; text-decoration:underline; font-weight:normal;}
a:hover {color: #047db4; text-decoration:underline; font-weight:normal;}
ol {list-style-position:outside; padding-left:0; margin-left: 25px; padding-top: 3px; padding-bottom: 3px;}
ul {list-style-position:outside; padding-left:0; margin-left: 25px; padding-top: 3px; padding-bottom: 3px;}
ol li {padding-left:0; padding-top: 3px; padding-bottom: 3px;}
ul li {padding-left:0; padding-top: 3px; padding-bottom: 3px;}
@media only screen and (max-width: 640px) {
body[yahoo] .deviceWidth {width:440px!important; padding:0; font-size:14px;}
body[yahoo] .center {text-align: center!important; font-size:14px;}
}
@media only screen and (max-width: 479px) {
body[yahoo] .deviceWidth {width:100%!important; padding:0;}
body[yahoo] .center {text-align: center!important;}
body[yahoo] .drop { display:block !important; width: 100% !important; float:left; clear:both;}
body[yahoo] .header {background-image: http://image.email.sans.org/lib/fe9613727664077577/m/1/SANS-HTMLEmail-NewsBites-mobile_650.png; width:100%;}
body[yahoo] .trainingupdate {min-width:100%!important; text-align: left;}
body[yahoo] .content-header {width:100%;font-size:14px;}
body [yahoo] .top-of-the-news {width:100%;font-size:14px;}
body [yahoo] .rest-of-the-weeks-news {width:100%; font-size:14px;}
body [yahoo] .internet-storm-center-tech-corner {width:100%; font-size:14px;}
body [yahoo] .cyber-security-training-update {width:100%;font-size:14px;}
}
</style>
</head><body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" yahoo="fix" style="font-family: Arial, serif;"><style type="text/css">
div.preheader
{ display: none !important; }
</style>
<div class="preheader" style="font-size: 1px; display: none !important;">Annotated News Update from the Leader in Information Security Training, Certification and Research</div>
<!-- Wrapper -->
<table width="100%" border="0" cellpadding="0" cellspacing="0" align="center">
<tr align="center">
<td width="100%" valign="top" bgcolor="#ffffff" style="padding-top:10px" align="center">
<!-- Start Header-->
<table width="650" border="0" cellpadding="0" cellspacing="0" align="center" class="deviceWidth" style="margin:0 auto;">
<tr width="650">
<td width="100%" bgcolor="#ffffff" align="center" valign="middle" class="drop" style="font-family: Verdana, Helvetica, Arial, sans-serif; font-size: 10px; color: #959595;">
<a href="https://view.email.sans.org/?qs=203a382196db2306cfd260ca08ee2682e25a28152eb03b52e25b6b1cf2da675502807ed58e0933536e2d87c9017df2a54732daf75d95b762" alias="Web Version" target="_blank" style="font-size:10px; color: #959595; text-decoration: none;">View this email as a web page</a><br><br><!-- Logo -->
<table border="0" cellpadding="0" cellspacing="0" align="left" class="deviceWidth" width="650">
<tr width="650">
<td class="center" width="650">
<img align="center" class="header" src="http://image.email.sans.org/lib/fe9613727664077577/m/1/SANS-HTMLEmail-NewsBites_650.png" alt="SANS NewsBites - Annotated News Update from the Leader in Information Security Training, Certification and Research" border="0" width="650"/><br>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop"><table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="5" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><p id="text-placeholder" style="margin-top: 0px; margin-bottom: 0px;">
<font face="Arial"><span style="font-size: 11px;"><font color="#000000">March 10, 2017 Vol. 19, Num. 20</font></span></font></p></td></tr></table></td></tr></table></td>
</tr>
</table><!-- End Logo -->
</td>
</tr>
</table><!-- End Header -->
<!-- 2 Column Images & Text Side by SIde -->
<table width="650" border="0" cellpadding="0" cellspacing="0" align="center" class="deviceWidth" bgcolor="#ffffff" style="margin: 0px auto;">
<tbody>
<tr align="left">
<td style="padding: 10px 0 0 0;" align="left">
<table align="left" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth" style="text-align: left;">
<tbody>
<tr align="left">
<td valign="top" align="left" class="center" style="text-align: left;">
<div align="left" class="trainingupdate">
<font face="Arial"><span style="font-size: 16px; text-align: left;"><b><font color="#474c56">Top of The News<br></font></b></span></font>
</div>
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="0" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><ul align="left">
<li align="left"><font face="Arial"><span style="font-size: 13px;">WikiLeaks Will Offer Tech Companies Access to CIA Hacking Tools</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">Critical Flaw in Apache Struts 2 (Patch Now!)</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">Industry Officials to House Committee: Government is Not Sharing Enough Cyber Threat Info</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">Google's March Android Update Fixes 105 Flaws</span></font></li>
</ul></td></tr></table></td></tr></table>
<div align="left" class="trainingupdate">
<b style="font-size: 16px; text-align: left;"><font color="#474c56">The Rest of the Week's News<br></font></b>
</div>
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="0" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><ul align="left">
<li align="left"><font face="Arial"><span style="font-size: 13px;">Instagram Phishing Apps Removed from Google Play</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">Confide Messaging App Vulnerabilities</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">Mozilla Releases Firefox 52</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">WordPress Updated to Version 4.7.3</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">Verifone Investigating Breach</span></font></li>
<li align="left"><font face="Arial"><span style="font-size: 13px;">DHS's Breach Notification Best Practices</span></font></li>
</ul></td></tr></table></td></tr></table>
<div align="left" class="trainingupdate">
<b style="font-size: 16px; text-align: left;"><font color="#474c56">Internet Storm Center Tech Corner</font></b>
</div>
</td>
</tr>
</tbody>
</table>
<table align="right" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth">
<tbody>
<tr>
<td style="font-size: 12px; color: #959595; font-weight: normal; text-align: left; font-family: Arial; vertical-align: top; padding: 10px 0px 0px;">
<table>
<tbody>
<tr>
<td valign="top" style="padding: 0px 0px 0px 7px;">
<table class="trainingupdate" border="0" cellspacing="0" cellpadding="10" valign="top" align="left">
<tbody>
<tr>
<td id="text-placeholder" bgcolor="#f3f3f4"><strong><span style="font-size: 16px; text-align: left;"><font color="#005982">Cybersecurity Training Update</font></span></strong><br><br>
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#f3f3f4" border="0" bordercolor="" cellpadding="0" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><span alight="left" style="font-size: 12px; color: #474b55;"><a href="http://www.sans.org/event/tysons-corner-spring-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Tysons+Corner+Spring+2017" title="SANS Tysons Corner Spring 2017" alias="SANS Tysons Corner Spring 2017" conversion="false"><b>SANS Tysons Corner Spring 2017</b></a> | March 20-25
<br />
<br /><a href="http://www.sans.org/event/pentest2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Pen+Test+Austin+2017" title="SANS Pen Test Austin" alias="SANS Pen Test Austin" conversion="false"><b>SANS Pen Test Austin</b></a> | March 27-April 1 <br />
<br />
<a href="http://www.sans.org/event/sans-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+2017" title="SANS 2017" alias="SANS 2017" conversion="false"><b>SANS 2017</b></a> | Orlando, FL | April 7-14<br /><br /><a href="http://www.sans.org/event/threat-hunting-and-incident-response-summit-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=Threat+Hunting+and+Incident+Response+Summit+2017" title="SANS Threat Hunting & IR Summit & Training" alias="SANS Threat Hunting & IR Summit & Training" conversion="false"><b>SANS Threat Hunting & IR Summit & Training</b></a> | New Orleans, LA | April 18-25<br />
<br />
<a href="http://www.sans.org/event/baltimore-spring-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Baltimore+Spring+2017" title="SANS Baltimore Spring 2017" alias="SANS Baltimore Spring 2017" conversion="false"><b>SANS Baltimore Spring 2017</b></a> | April 24-29<br /><br /><a href="http://www.sans.org/event/automotive-cybersecurity-summit?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=Automotive+Cybersecurity+Summit" title="SANS Automotive Cybersecurity Summit & Training" alias="SANS Automotive Cybersecurity Summit & Training" conversion="false"><b>SANS Automotive Cybersecurity Summit & Training</b></a> | Detroit, MI | May 1-8 <br /><br /><a href="http://www.sans.org/event/sans-security-west-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Security+West+2017" title="SANS Security West" alias="SANS Security West" conversion="false"><b>SANS Security West</b></a> | San Diego, CA | May 9-18<br /><br /><a href="http://www.sans.org/event/reston-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Reston+2017" title="SANS Northern Virginia - Reston" alias="SANS Northern Virginia - Reston" conversion="false"><b>SANS Northern Virginia - Reston</b></a> | May 21-26<br /><br /><a href="http://www.sans.org/event/atlanta-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Atlanta+2017" title="SANS Atlanta 2017" alias="SANS Atlanta 2017" conversion="false"><b>SANS Atlanta 2017</b></a> | May 30-June 4<br /><br /><a href="http://www.sans.org/event/secure-europe-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Secure+Europe+2017" title="SANS Secure Europe 2017" alias="SANS Secure Europe 2017" conversion="false"><b>SANS Secure Europe 2017</b></a> | Amsterdam, NL | June 12-20<br /><br /><a href="http://www.sans.org/event/cyber-defence-singapore-2017?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Cyber+Defence+Singapore+2017" title="SANS Cyber Defence Singapore 2017" alias="SANS Cyber Defence Singapore 2017" conversion="false"><b>SANS Cyber Defence Singapore 2017</b></a> | July 10-15 <br />
<br />
<a href="http://www.sans.org/online-security-training/?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=OnDemand" alias="SANS Online Training" title="SANS Online Training" conversion="false"><b>SANS Online Training</b></a><br />
Special Offer! Register by March 15 and receive an iPad Air 2, Samsung Galaxy Tab S2 or $350 Off your <a href="https://www.sans.org/ondemand/specials?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=OT_Air2TabS2350_0317" title="OnDemand" alias="OnDemand" conversion="false">OnDemand</a> and <a href="https://www.sans.org/vlive/specials?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=OT_Air2TabS2350_0317" title="vLive" alias="vLive" conversion="false">vLive</a> courses.<br />
<br />
<b>
Single Course Training</b><br />
<a href="https://www.sans.org/mentor/about?utm_medium=Email&utm_source=House+List&utm_content=NBvol19no20+NA&utm_campaign=Mentor" alias="SANS Mentor" title="SANS Mentor" conversion="false">SANS Mentor</a> and <a href="https://www.sans.org/community/?utm_medium=Email&utm_source=House+List&utm_content=NBvol19no20+NA&utm_campaign=Community" alias="Community SANS " title="Community SANS" conversion="false">Community SANS</a><br />
<br />
<a href="http://www.sans.org/find-training?utm_medium=Email&utm_source=HouseList+Newsbites&utm_content=NBvol19no20+NA&utm_campaign=SANS+Courses" alias="View the full SANS course catalog" title="View the full SANS course catalog" conversion="false">View the full SANS course catalog</a></span></td></tr></table></td></tr></table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</table>
<!-- End 2 Column Images & Text Side by SIde -->
<!-- One Column -->
<table width="650" class="deviceWidth" border="0" cellpadding="0" cellspacing="20" align="center" bgcolor="#ffffff" style="margin:0 auto;">
<tr>
<td style="font-size: 13px; color: #353536; font-weight: normal; text-align: left; font-family: Arial; vertical-align: top;" bgcolor="#ffffff">
<table width="100%">
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop" style="padding-left:15px; padding-right:15px;">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="0" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><br />
<hr size="1" color="#C0C0C0" style="font-family: Arial; font-size: 13px;" />
<br />
<div class="body" style="text-align: left; margin-top: 0px; margin-bottom: 0px;">
<font color="797d83" style="font-family: Arial; font-size: 13px;">Free technical content sponsored by Splunk</font>
</div>
<table cellpadding="0" cellspacing="0" width="100%" style="font-family: Arial; font-size: 13px;">
<tbody class="body">
<tr>
<td style="padding-top: 13px; padding-bottom: 13px;"><a href="http://www.sans.org/info/192682" alias="Splunk Logo" title="Splunk Logo"><img style="float: left; margin: 30px 5px 20px 0px; vertical-align: middle;" src="https://image.email.sans.org/lib/fe9613727664077577/m/1/splunk-logo.png" valign="middle" alt="Splunk" align="left" hspace="9" /></a><span style="font-size: 13px;">It’s no longer a question whether an organization will be breached -- it’s a matter of when.
<br />
<br />
Register for this webinar to hear Splunk and Gartner discuss the strategic role of SIEM as a centralized solution and why organizations need to move from prevention only solutions to detection, response and remediation. <a href="http://www.sans.org/info/192682" title="http://www.sans.org/info/192682" alias="http://www.sans.org/info/192682" conversion="false">http://www.sans.org/info/192682</a></span></td>
</tr>
</tbody>
</table></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="middle" class="content-header" bgcolor="#0f7097" height="55"><span style="font-family: Arial; font-size: 22px; color: #ffffff;"> Top of the News</span>
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#f5f5f5" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#005880" face="Arial"><span style="font-size: 18px;"><b>WikiLeaks Will Offer Tech Companies Access to CIA Hacking Tools</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 9, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
Julian Assange says that WikiLeaks will offer tech companies access to the technical details of hacking tools in the cache of leaked classified CIA documents so that the companies can address the vulnerabilities the tools exploit. Companies are wary of the offer because of the legal ramifications of accepting stolen classified data.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;">
<b>Editor's Note</b><br />
<br />
<font color="878b8f">[<a style="color: #878b8f;" href="http://www.sans.org/newsletters/newsbites/editorial-board#jake-williams" title="Jake Williams" alias="Jake Williams" conversion="false">Jake Williams</a>]</font><br />
White House press secretary Sean Spicer noted "any individual or entity using any piece of still-classified information" should consult with their legal counsel (clearly a veiled threat). Some people with security clearances I've talked to are afraid to even view the data. This attitude is extremely damaging. Many of those with security clearances are performing cyber threat intelligence functions for our nations most secure networks. Attackers can and will learn from the insights in the CIA leaks. To limit our defender's access to the same data through veiled threats is reckless and further harms US national security.
</div>
<div style="font-family: Arial; font-size: 13px;">
<br />
<b>Read more in:<br />
<font color="117db6">-</font> </b><a href="http://www.scmagazine.com/wikileaks-promises-to-leak-vault-7-code-archive-to-tech-firms-first/article/643046/" title="https://www.scmagazine.com/wikileaks-promises-to-leak-vault-7-code-archive-to-tech-firms-first/article/643046/" alias="https://www.scmagazine.com/wikileaks-promises-to-leak-vault-7-code-archive-to-tech-firms-first/article/643046/" conversion="false"><b>https://www.scmagazine.com</b></a>: WikiLeaks promises to leak Vault 7 code archive to tech firms first<br /><b><font color="117db6">-</font> </b><a href="http://www.zdnet.com/article/wikileaks-we-will-work-with-tech-companies-to-fix-cia-hacking-holes/" title="http://www.zdnet.com/article/wikileaks-we-will-work-with-tech-companies-to-fix-cia-hacking-holes/" alias="http://www.zdnet.com/article/wikileaks-we-will-work-with-tech-companies-to-fix-cia-hacking-holes/" conversion="false"><b>http://www.zdnet.com</b></a>: WikiLeaks: We will work with tech companies to fix CIA hacking holes<br /><b><font color="117db6">-</font> </b><a href="http://www.nytimes.com/2017/03/09/us/wikileaks-julian-assange-cia-hacking.html" title="https://www.nytimes.com/2017/03/09/us/wikileaks-julian-assange-cia-hacking.html" alias="https://www.nytimes.com/2017/03/09/us/wikileaks-julian-assange-cia-hacking.html" conversion="false"><b>https://www.nytimes.com</b></a>: WikiLeaks Will Help Tech Companies Fix Security Flaws, Assange Says<br /><b><font color="117db6">-</font> </b><a href="http://www.wsj.com/articles/wikileaks-assange-says-group-will-help-tech-firms-defend-against-cia-hacking-1489074870" title="https://www.wsj.com/articles/wikileaks-assange-says-group-will-help-tech-firms-defend-against-cia-hacking-1489074870" alias="https://www.wsj.com/articles/wikileaks-assange-says-group-will-help-tech-firms-defend-against-cia-hacking-1489074870" conversion="false"><b>https://www.wsj.com</b></a>: Assange: WikiLeaks Will Help Tech Firms Defend Against CIA Hacking </div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#005880" face="Arial"><span style="font-size: 18px;"><b>Critical Flaw in Apache Struts 2 (Patch Now!)</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 9, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
Attackers are actively exploiting a critical code execution flaw in the Apache Struts 2 web application framework to take control of vulnerable webservers. There are at least two working exploits. Developers released a patch for the issue earlier in the week, but not all affected servers have been updated. Organizations that use Apache Struts 2 are urged to upgrade to versions 2.3.32 or 2.5.10.1 as soon as possible.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;">
<b>Editor's Note</b><br />
<br />
<font color="878b8f">[<a style="color: #878b8f;" href="http://www.sans.org/newsletters/newsbites/editorial-board#johannes-ullrich" title="Dr. Johannes Ullrich" alias="Dr. Johannes Ullrich" conversion="false">Dr. Johannes Ullrich</a>]</font><br />
Patching this flaw should be your top priority right now. We have observed exploit attempts shortly after the flaw became known. Exploitation is trivial and tools to exploit this problem are readily available. Note that Struts2 can be a component of many Java based web applications (JBOSS, HipChat). <a href="http://isc.sans.edu/forums/diary/Critical+Apache+Struts+2+Vulnerability+Patch+Now/22169/" title="https://isc.sans.edu/forums/diary/Critical+Apache+Struts+2+Vulnerability+Patch+Now/22169/" alias="https://isc.sans.edu/forums/diary/Critical+Apache+Struts+2+Vulnerability+Patch+Now/22169/" conversion="false">https://isc.sans.edu</a>: Critical Apache Struts 2 Vulnerability (Patch Now!)</div><div style="font-family: Arial; font-size: 13px;">
<b><br />Read more in:<br />
<font color="117db6">-</font> </b><a href="http://computerworld.com/article/3178689/security/hackers-exploit-apache-struts-vulnerability-to-compromise-corporate-web-servers.html" title="http://computerworld.com/article/3178689/security/hackers-exploit-apache-struts-vulnerability-to-compromise-corporate-web-servers.html" alias="http://computerworld.com/article/3178689/security/hackers-exploit-apache-struts-vulnerability-to-compromise-corporate-web-servers.html" conversion="false"><b>http://computerworld.com</b></a>: Hackers exploit Apache Struts vulnerability to compromise corporate web servers<br /><b><font color="117db6">-</font> </b><a href="http://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/" title="https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/" alias="https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/" conversion="false"><b>https://arstechnica.com</b></a>: Critical vulnerability under "massive" attack imperils high-impact sites [Updated]<br /><b><font color="117db6">-</font> </b><a href="http://cwiki.apache.org/confluence/display/WW/S2-045" title="https://cwiki.apache.org/confluence/display/WW/S2-045" alias="https://cwiki.apache.org/confluence/display/WW/S2-045" conversion="false"><b>https://cwiki.apache.org</b></a>: Possible remote Code Execution when performing file upload based on Jakarta multipart parser </div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#f5f5f5" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#005880" face="Arial"><span style="font-size: 18px;"><b>Industry Officials to House Committee: Government is Not Sharing Enough Cyber Threat Info</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 9, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
Tech industry officials testified before the U.S, House Homeland Security Committee's cybersecurity panel, saying that there is an imbalance in threat information sharing between the private sector and the government. Legislation passed in 2015 grants companies protection from legal liability when they share threat information with the government, but the government has been less forthcoming with threat information that could help protect IT systems in the private sector. Intel Security Vice president Scott Montgomery noted that when the government classifies a cybersecurity event, it "restrict[s] the number of people who can lend assistance and... allow[s] the adversary to operate with impunity." Witnesses said that if information about threats could be stripped of identifiable information and provided to members of private organizations who hold security clearances, companies would be better positioned to take action against similar threats.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;">
<b>Editor's Note</b><br />
<br />
<font color="878b8f">[<a style="color: #878b8f;" href="http://www.sans.org/newsletters/newsbites/editorial-board#john-pescatore" title="John Pescatore" alias="John Pescatore" conversion="false">John Pescatore</a>]</font><br />
This has been the standard complaint about all such government intelligence "sharing" initiatives for over a decade. Many proposals have been put out for how to overcome government worries about exposing sources and methods, but no movement on the govt. side. On the enterprise side, no reason to think this will change any time soon.<br /><font color="878b8f"><br />[<a href="http://www.sans.org/newsletters/newsbites/editorial-board#jake-williams" title="Jake Williams" alias="Jake Williams" conversion="false" style="color: #878b8f;">Jake Williams</a>]</font><br />Over-classification of cyber threat data is a real problem. I've worked incidents where threat data has been shared with federal law enforcement, only to see small portions of that same data shared with a limited distribution community weeks later in "Flash" messages. When we inquired why the most important data we shared with the feds wasn't shared with the broader community, we were told it was classified.<br /><br /><span style="color: #878b8f;">[</span><a href="http://www.sans.org/newsletters/newsbites/editorial-board#stephen-northcutt" title="Stephen Northcutt" alias="Stephen Northcutt" conversion="false" style="color: #878b8f;">Stephen Northcutt</a><span style="color: #878b8f;">]</span></div><div style="font-family: Arial; font-size: 13px;">This is complicated, but also historical. For the last 25 years, the US Government's policy has been, "give us your data and we might share 1% back." If we are talking about a partnership, "that dog don't hunt". <br /><a href="http://en.wikipedia.org/wiki/Cybersecurity_Information_Sharing_Act" title="https://en.wikipedia.org/wiki/Cybersecurity_Information_Sharing_Act" alias="https://en.wikipedia.org/wiki/Cybersecurity_Information_Sharing_Act" conversion="false">https://en.wikipedia.org</a>: Cybersecurity Information Sharing Act<br /><a href="http://www.dhs.gov/topic/cybersecurity-information-sharing" title="https://www.dhs.gov/topic/cybersecurity-information-sharing" alias="https://www.dhs.gov/topic/cybersecurity-information-sharing" conversion="false">https://www.dhs.gov</a>: Information Sharing <br /> <br /><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://www.nextgov.com/cybersecurity/2017/03/government-isnt-sharing-cyber-threats-promised-private-sector-says/136035/?oref=ng-channeltopstory" title="http://www.nextgov.com/cybersecurity/2017/03/government-isnt-sharing-cyber-threats-promised-private-sector-says/136035/?oref=ng-channeltopstory" alias="http://www.nextgov.com/cybersecurity/2017/03/government-isnt-sharing-cyber-threats-promised-private-sector-says/136035/?oref=ng-channeltopstory" conversion="false"><b>http://www.nextgov.com</b></a>: Government Isn't Sharing Cyber Threats as Promised, Private Sector Says</div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#005880" face="Arial"><span style="font-size: 18px;"><b>Google's March Android Update Fixes 105 Flaws</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 8, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
Google has issued its monthly Android security update which addresses 105 vulnerabilities, 35 of which are rated critical. Nine of the critical flaws are code execution issues in the mediaserver component. The update also included fixed for 35 vulnerabilities in Qualcomm components.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;"><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://www.eweek.com/security/google-patches-android-for-105-vulnerabilities-in-march-update.html" title="http://www.eweek.com/security/google-patches-android-for-105-vulnerabilities-in-march-update.html" alias="http://www.eweek.com/security/google-patches-android-for-105-vulnerabilities-in-march-update.html" conversion="false"><b>http://www.eweek.com</b></a>: Google Patches Android for 105 Vulnerabilities in March Update</div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div class="body" style="text-align: center; margin-top: 0px; margin-bottom: 0px;">
<font color="000000" style="font-size: 12px;">Sponsored Links</font>
</div>
<table cellpadding="10" cellspacing="0" style="border: 1px solid;" width="100%">
<tbody class="body">
<tr>
<td>
<div>
<font face="Arial"><span style="font-size: 13px;">Thinking about replacing your antivirus? Download this free proof of concept checklist for selecting a next-gen antivirus solution - <b>Download now</b>. <a href="http://www.sans.org/info/192687" title="http://www.sans.org/info/192687" alias="http://www.sans.org/info/192687" conversion="false">http://www.sans.org/info/192687</a></span></font>
</div>
<div>
<font face="Arial"><span style="font-size: 13px;"><br />
</span></font>
</div>
<div>
<font face="Arial"><span style="font-size: 13px;">Red Hat can help container users secure their apps and achieve FISMA compliance. <b>Learn More: </b><a href="http://www.sans.org/info/192692" title="http://www.sans.org/info/192692" alias="http://www.sans.org/info/192692" conversion="false">http://www.sans.org/info/192692</a></span></font>
</div>
<div>
<font face="Arial"><span style="font-size: 13px;"><br />
</span></font>
</div>
<div>
<font face="Arial"><span style="font-size: 13px;">A Case Study: Exploring Potential Attack Methods and Sophisticated Security Defenses for the World's Power Plants. <b>Register:</b> <a href="http://www.sans.org/info/192712" title="http://www.sans.org/info/192712" alias="http://www.sans.org/info/192712" conversion="false">http://www.sans.org/info/192712</a></span></font>
</div>
</td>
</tr>
</tbody>
</table></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="middle" class="content-header" bgcolor="#004364" height="55"><span style="font-family: Arial; font-size: 22px; color: #ffffff;"> The Rest of the Week's News</span>
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#f5f5f5" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#047db4" face="Arial"><span style="font-size: 18px;"><b>Instagram Phishing Apps Removed from Google Play</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 9, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
13 apps have been removed from the Google Play store after they were found to contain malware that attempted to steal users' Instagram credentials. The malicious apps billed themselves as tools to help increase the number of Instagram followers. Once the attackers obtain account credentials, the compromised accounts could be used to send spam and advertisements and to like and comment on posts from other accounts.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;"><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://www.theregister.co.uk/2017/03/09/instagram_phishing_apps/" title="http://www.theregister.co.uk/2017/03/09/instagram_phishing_apps/" alias="http://www.theregister.co.uk/2017/03/09/instagram_phishing_apps/" conversion="false"><b>http://www.theregister.co.uk</b></a>: Instagram phishing apps pulled from Google Play<br /><b><font color="117db6">-</font> </b><a href="http://news.softpedia.com/news/instagram-users-targeted-by-credential-stealers-1-5m-downloads-on-infected-apps-513743.shtml" title="http://news.softpedia.com/news/instagram-users-targeted-by-credential-stealers-1-5m-downloads-on-infected-apps-513743.shtml" alias="http://news.softpedia.com/news/instagram-users-targeted-by-credential-stealers-1-5m-downloads-on-infected-apps-513743.shtml" conversion="false"><b>http://news.softpedia.com</b></a>: Instagram Users Targeted by Credential Stealers, 1.5M Downloads on Infected Apps </div><div style="font-family: Arial; font-size: 13px;">
</div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#047db4" face="Arial"><span style="font-size: 18px;"><b>Confide Messaging App Vulnerabilities</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 8 & 9, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
Two separate teams of researchers have found numerous security issues in the Confide messaging app. Confide, which bills itself as "military-grade" with end-to-end encryption, was found to be vulnerable to man-in-the-middle attacks, allowing attackers to intercept and alter communications. Flaws in the app's account management system could be exploited to gain access to user account records. Researchers also found that Confide's screenshot prevention prevention and message deletion features could be defeated. Confide says the flaws have been fixed.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;"><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://www.wired.com/2017/03/confide-security-holes/" title="https://www.wired.com/2017/03/confide-security-holes/" alias="https://www.wired.com/2017/03/confide-security-holes/" conversion="false"><b>https://www.wired.com</b></a>: That Encrypted Chat App the White House Liked? Full of Holes<br /><b><font color="117db6">-</font> </b><a href="http://www.zdnet.com/article/confide-a-favorite-among-white-house-staffers-isnt-as-secure-as-it-says/" title="http://www.zdnet.com/article/confide-a-favorite-among-white-house-staffers-isnt-as-secure-as-it-says/" alias="http://www.zdnet.com/article/confide-a-favorite-among-white-house-staffers-isnt-as-secure-as-it-says/" conversion="false"><b>http://www.zdnet.com</b></a>: Confide, a messaging app used by White House staff to leak, isn't very secure<br /><b><font color="117db6">-</font> </b><a href="http://computerworld.com/article/3178548/security/security-holes-in-confide-messaging-app-exposed-user-details.html" title="http://computerworld.com/article/3178548/security/security-holes-in-confide-messaging-app-exposed-user-details.html" alias="http://computerworld.com/article/3178548/security/security-holes-in-confide-messaging-app-exposed-user-details.html" conversion="false"><b>http://computerworld.com</b></a>: Security holes in Confide messaging app exposed user details<br /><b><font color="117db6">-</font> </b><a href="http://www.darkreading.com/vulnerabilities---threats/researchers-find-multiple-critical-flaws-in-confide-secure-messaging-app/d/d-id/1328352?" title="http://www.darkreading.com/vulnerabilities---threats/researchers-find-multiple-critical-flaws-in-confide-secure-messaging-app/d/d-id/1328352?" alias="http://www.darkreading.com/vulnerabilities---threats/researchers-find-multiple-critical-flaws-in-confide-secure-messaging-app/d/d-id/1328352?" conversion="false"><b>http://www.darkreading.com</b></a>: Researchers Find Multiple Critical Flaws In Confide Secure Messaging App<br /><b><font color="117db6">-</font> </b><a href="http://www.cyberscoop.com/confide-app-security-audit-donald-trump-white-house/?category_news=technology" title="https://www.cyberscoop.com/confide-app-security-audit-donald-trump-white-house/?category_news=technology" alias="https://www.cyberscoop.com/confide-app-security-audit-donald-trump-white-house/?category_news=technology" conversion="false"><b>https://www.cyberscoop.com</b></a>: Confide, the White House's favorite messaging app, has multiple critical vulnerabilities </div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#f5f5f5" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#047db4" face="Arial"><span style="font-size: 18px;"><b>Mozilla Releases Firefox 52</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 7, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
On March 7, Mozilla released Firefox 52 to fix 28 security issues and add several browser features. Firefox 52 supports the WebAssembly standard. It also disables all plugins that use the Netscape Plugin API (NPAPI) except for Adobe Flash. Mozilla began warning developers and users of the end of NPAPI support in October 2015. Firefox 52 is also the last major version of the browser that will support Windows XP and Vista; future major versions will require Windows 7 or later.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;"><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://arstechnica.com/information-technology/2017/03/final-firefox-version-with-windows-xp-plugin-support-released-today/" title="https://arstechnica.com/information-technology/2017/03/final-firefox-version-with-windows-xp-plugin-support-released-today/" alias="https://arstechnica.com/information-technology/2017/03/final-firefox-version-with-windows-xp-plugin-support-released-today/" conversion="false"><b>https://arstechnica.com</b></a>: Final Firefox version with Windows XP, plugin support released today<br /><b><font color="117db6">-</font> </b><a href="http://www.eweek.com/security/firefox-52-brings-webassembly-and-security-fixes.html" title="http://www.eweek.com/security/firefox-52-brings-webassembly-and-security-fixes.html" alias="http://www.eweek.com/security/firefox-52-brings-webassembly-and-security-fixes.html" conversion="false"><b>http://www.eweek.com</b></a>: Firefox 52 Brings WebAssembly and Security fixes </div><div style="font-family: Arial; font-size: 13px;">
</div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#047db4" face="Arial"><span style="font-size: 18px;"><b>WordPress Updated to Version 4.7.3</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 7, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
WordPress has updated its content management system (CSM) to version 4.7.3 to address half a dozen security issues and nearly 40 "bugs." This marks the third WordPress update so far in 2017. Three of the six vulnerabilities fixed could be exploited through cross-site scripting (XSS) attacks.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;"><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://www.eweek.com/security/wordpress-4.7.3-updates-for-six-security-issues.html" title="http://www.eweek.com/security/wordpress-4.7.3-updates-for-six-security-issues.html" alias="http://www.eweek.com/security/wordpress-4.7.3-updates-for-six-security-issues.html" conversion="false"><b>http://www.eweek.com</b></a>: WordPress 4.7.3 Updates for Six Security Issues<br /><b><font color="117db6">-</font> </b><a href="http://threatpost.com/wordpress-4-7-3-patches-half-dozen-vulnerabilities/124137/" title="https://threatpost.com/wordpress-4-7-3-patches-half-dozen-vulnerabilities/124137/" alias="https://threatpost.com/wordpress-4-7-3-patches-half-dozen-vulnerabilities/124137/" conversion="false"><b>https://threatpost.com</b></a>: WordPress 4.7.3 Patches Half-Dozen Vulnerabilities </div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#f5f5f5" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#047db4" face="Arial"><span style="font-size: 18px;"><b>Verifone Investigating Breach</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 7, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
Payment card company Verifone is investigating reports of a breach of its internal networks. The incident appears to have affected several companies that use Verifone's point-of-sale services. (Verifone makes and sells point-of-sale terminals and offers services to support payment card processing.) An internal Verifone memo from January 2017 tells employees to change their passwords within 24 hours and informs them that they will no longer be permitted to install software on company computers.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;"><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/" title="https://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/" alias="https://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/" conversion="false"><b>https://krebsonsecurity.com</b></a>: Payments Giant Verifone Investigating Breach
</div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><div><font color="#047db4" face="Arial"><span style="font-size: 18px;"><b>DHS's Breach Notification Best Practices</b></span></font></div>
<div><font face="Arial"><span style="font-size: 11px;"><b>(March 6, 2017)</b></span><br /><span style="font-size: 11px;">
</span></font>
</div>
<div style="font-family: Arial; font-size: 13px;">
The US Department of Homeland Security (DHS) is putting the finishing touches on breach notification guidance for agencies, state and local governments, and other organizations. The DHS Data Privacy and Integrity Committee approved a final draft of the best practices document last month. The guidance addresses deciding whether and how to notify affected individuals; the risks of over-notification; and offers suggestions for additional support for those affected by a breach.
</div>
<div style="font-family: Arial; font-size: 13px;">
</div>
<div style="font-family: Arial; font-size: 13px;">
<b>Editor's Note</b><br />
<br />
<font color="878b8f">[<a style="color: #878b8f;" href="http://www.sans.org/newsletters/newsbites/editorial-board#john-pescatore" title="John Pescatore" alias="John Pescatore" conversion="false">John Pescatore</a>]</font><br />
The draft has common sense recommendations but there are two areas where DHS really ought to go further for government agencies: (1) provide a simplified, standardized risk scoring method for agencies to use in making the notification decision; an d (2) funding an IDIQ kind of contract for some number of approved "identity theft mitigation services." Both of these are needed so that breached agencies can move much, much more quickly in reducing impact to citizens than we've seen them able to move in the past.<br /><font color="878b8f"><br />[<a href="http://www.sans.org/newsletters/newsbites/editorial-board#lee-neely" title="Lee Neely" alias="Lee Neely" conversion="false" style="color: #878b8f;">Lee Neely</a>]</font><br />The draft memo creates a risk based approach, encapsulating lessons learned from the OPM breach and tries to build on the California and other state data breach notification laws enacted since 2003.<br /><a href="http://1yxsm73j7aop3quc9y5ifaw3.wpengine.netdna-cdn.com/wp-content/uploads/2017/03/Best-Practices-for-Data-Breach-Notification-1.19.17_FINAL-DRAFT.pdf" title="http://1yxsm73j7aop3quc9y5ifaw3.wpengine.netdna-cdn.com/wp-content/uploads/2017/03/Best-Practices-for-Data-Breach-Notification-1.19.17_FINAL-DRAFT.pdf" alias="http://1yxsm73j7aop3quc9y5ifaw3.wpengine.netdna-cdn.com/wp-content/uploads/2017/03/Best-Practices-for-Data-Breach-Notification-1.19.17_FINAL-DRAFT.pdf" conversion="false">http://1yxsm73j7aop3quc9y5ifaw3.wpengine.netdna-cdn.com</a>: Best Practices for Notifying Affected Individuals of a Large-Scale Data Breach (PDF)<br /> <br /><b>Read more in:</b></div><div style="font-family: Arial; font-size: 13px;"><b>
<font color="117db6">-</font> </b><a href="http://federalnewsradio.com/cybersecurity/2017/03/dhs-finalizing-best-practices-notifying-victims-major-cyber-breaches/" title="http://federalnewsradio.com/cybersecurity/2017/03/dhs-finalizing-best-practices-notifying-victims-major-cyber-breaches/" alias="http://federalnewsradio.com/cybersecurity/2017/03/dhs-finalizing-best-practices-notifying-victims-major-cyber-breaches/" conversion="false"><b>http://federalnewsradio.com</b></a>: DHS finalizing best practices for notifying victims of major cyber breaches</div></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
</td>
</tr>
<tr bgcolor="#f5f5f5">
<td align="left" valign="top" class="drop">
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="middle" class="content-header" bgcolor="#a41d36" height="55"><span style="font-family: Arial; font-size: 22px; color: #ffffff;"> Internet Storm Center Tech Corner</span>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop">
<table cellpadding="0" cellspacing="0" border="0" bordercolor="" width="100%" bgcolor=""><tr><td><table width="100%" bgcolor="#ffffff" border="0" bordercolor="" cellpadding="20" cellspacing="0"><tr><td style="font-family:Arial; font-size:13px"><table width="100%" border="0" cellpadding="0" cellspacing="0" align="center" class="deviceWidth" bgcolor="#ffffff" style="font-family: Arial; font-size: 13px; margin: 0px auto;">
<tbody>
<tr align="left">
<td align="left">
<table align="left" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth" style="text-align: left;">
<tbody>
<tr align="left">
<td style="text-align: left; vertical-align: top;"><font color="#474b55" face="Arial"><span style="font-size: 13px;">From Shamoon To Stonedrill: Evolution of Wipers Attacking Saudi Organizations (PDF)</span><br />
<span style="font-size: 13px;"><a href="http://securelist.com/files/2017/03/Report_Shamoon_StoneDrill_final.pdf" title="https://securelist.com/files/2017/03/Report_Shamoon_StoneDrill_final.pdf" alias="https://securelist.com/files/2017/03/Report_Shamoon_StoneDrill_final.pdf" conversion="false">https://securelist.com</a></span></font><br />
<br />
<font color="#474b55" face="Arial"><span style="font-size: 13px;">WordPress Update</span><br />
<span style="font-size: 13px;"><a href="http://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/" title="https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/" alias="https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/" conversion="false">https://wordpress.org</a></span></font><br />
<br />
<font color="#474b55" face="Arial"><span style="font-size: 13px;">Reading Secret Keys from SGX Enclaves</span><br />
<span style="font-size: 13px;"><a href="http://arxiv.org/abs/1702.08719" title="https://arxiv.org/abs/1702.08719" alias="https://arxiv.org/abs/1702.08719" conversion="false">https://arxiv.org</a></span></font><br />
<br />
<font color="#474b55" face="Arial"><span style="font-size: 13px;">Security Researches Target Nintendo Switch</span><br />
<span style="font-size: 13px;"><a href="http://twitter.com/qlutoo" title="https://twitter.com/qlutoo" alias="https://twitter.com/qlutoo" conversion="false">https://twitter.com</a></span><br />
<span style="font-size: 13px;"><a href="http://www.youtube.com/watch?v=CwdDN1kA93Q&feature=youtu.be" title="https://www.youtube.com/watch?v=CwdDN1kA93Q&feature=youtu.be" alias="https://www.youtube.com/watch?v=CwdDN1kA93Q&feature=youtu.be" conversion="false">https://www.youtube.com</a></span></font><br />
<br />
</td>
</tr>
</tbody>
</table>
<table align="right" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth">
<tbody>
<tr>
<td style="text-align: left; vertical-align: top;">
</td>
</tr>
</tbody>
</table>
<table align="right" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth">
<tbody>
<tr>
<td style="text-align: left; vertical-align: top;"><font color="#474b55" face="Arial"><span style="font-size: 13px;">Dockerscan</span><br />
<span style="font-size: 13px;"><a href="http://github.com/cr0hn/dockerscan" title="https://github.com/cr0hn/dockerscan" alias="https://github.com/cr0hn/dockerscan" conversion="false">https://github.com</a></span></font><br />
<br />
<font color="#474b55" face="Arial"><span style="font-size: 13px;">1 in 5 Websites still rely on SHA-1 Based Certificates</span><br />
<span style="font-size: 13px;"><a href="http://www.theregister.co.uk/2017/03/08/sha1_certificate_survey/" title="http://www.theregister.co.uk/2017/03/08/sha1_certificate_survey/" alias="http://www.theregister.co.uk/2017/03/08/sha1_certificate_survey/" conversion="false">http://www.theregister.co.uk</a></span></font><br />
<br />
<font color="#474b55" face="Arial"><span style="font-size: 13px;">Not All Malware Samples Are Complex</span><br />
<span style="font-size: 13px;"><a href="http://isc.sans.edu/forums/diary/Not+All+Malware+Samples+Are+Complex/22163/" title="https://isc.sans.edu/forums/diary/Not+All+Malware+Samples+Are+Complex/22163/" alias="https://isc.sans.edu/forums/diary/Not+All+Malware+Samples+Are+Complex/22163/" conversion="false">https://isc.sans.edu</a></span></font><br />
<br />
<font color="#474b55" face="Arial"><span style="font-size: 13px;">Struts Vulnerability Included in Metasploit</span><br />
<span style="font-size: 13px;"><a href="http://github.com/rapid7/metasploit-framework/issues/8064" title="https://github.com/rapid7/metasploit-framework/issues/8064" alias="https://github.com/rapid7/metasploit-framework/issues/8064" conversion="false">https://github.com</a></span><br />
<span style="font-size: 13px;"><a href="http://cwiki.apache.org/confluence/display/WW/S2-045?from=groupmessage" title="https://cwiki.apache.org/confluence/display/WW/S2-045?from=groupmessage" alias="https://cwiki.apache.org/confluence/display/WW/S2-045?from=groupmessage" conversion="false">https://cwiki.apache.org</a></span></font>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table></td></tr></table></td></tr></table>
</td>
</tr>
<tr bgcolor="#ffffff">
<td align="left" valign="top" class="drop"> <br>
</td>
</tr>
<tr><td colspan="3"><hr size="1" color="#bbd0e1"></td></tr>
</table>
</td>
</tr>
</table><!-- End One Column -->
<!-- 2 Column Images & Text Side by SIde --><table width="650" cellpadding="0" cellspacing="0" align="center" class="deviceWidth" bgcolor="#ffffff" style="margin:0 auto;">
<tr>
<td>
<table align="center">
<tr align="center">
<td valign="middle" align="center" style="padding:10px 20px"><span style="color:#a4a7aa; text-align:center; font-size: 22px;">The Editorial Board of SANS NewsBites</span><br><br>
</td>
</tr>
</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="0" cellspacing="0" align="center" class="deviceWidth" bgcolor="#ffffff" style="margin:0 auto;">
<tr align="left">
<td align="left">
<table align="left" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth" style="text-align: left;">
<tr align="left">
<td valign="top" align="left" style="text-align: center;">
<span style="color:#474b55; font-size: 12px;"><a href="https://www.sans.org/newsletters/newsbites/editorial-board#alan-paller" title="Alan Paller">Alan Paller</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#brian-honan" title="Brian Honan">Brian Honan</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#david=hoelzer" title="David Hoelzer">David Hoelzer</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#david-turley" title="David Turley">David Turley</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#eric-cole" title="Dr. Eric Cole">Dr. Eric Cole</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#ed-skoudis" title="Ed Skoudis">Ed Skoudis</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#eric-cornelius" title="Eric Cornelius">Eric Cornelius</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#gal-shpantzer" title="Gal Shpantzer">Gal Shpantzer</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#jake-williams" title="Jake Williams">Jake Williams</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#johannes-ullrich" title="Dr. Johannes Ullrich">Dr. Johannes Ullrich</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#john-pescatore" title="John Pescatore">John Pescatore</a></span>
</td>
</tr>
</table>
<table align="right" width="49%" cellpadding="0" cellspacing="0" border="0" class="deviceWidth">
<tr align="left">
<td valign="top" align="left" style="text-align: center;">
<span style="color:#474b55; font-size: 12px;"><a href="https://www.sans.org/newsletters/newsbites/editorial-board#mark-weatherford" title="Mark Weatherford">Mark Weatherford</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#mason-brown" title="Mason Brown">Mason Brown</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#michael-assante" title="Michael Assante">Michael Assante</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#rob-lee" title="Rob Lee">Rob Lee</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#sean-mcbride" title="Sean McBride">Sean McBride</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#shawn-henry" title="Shawn Henry">Shawn Henry</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#stephen-northcutt" title="Stephen Northcutt">Stephen Northcutt</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#suzanne-vautrinot" title="Suzanne Vautrinot">Suzanne Vautrinot</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#tom-liston" title="Tom Liston">Tom Liston</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#william-hugh-murray" title="William Hugh Murray">William Hugh Murray</a><br><a href="https://www.sans.org/newsletters/newsbites/editorial-board#lee-neely" title="Lee Neely">Lee Neely</a></span>
</td>
</tr>
</table>
</td>
</tr>
</table><!-- End 2 Column Images & Text Side by SIde -->
<br>
</td>
</tr>
<tr>
<td><div style="height:10px;margin:0 auto;"> </div></td>
</tr>
<tr bgcolor="#e2ecf4"><td bgcolor="#e2ecf4" style="font-family: Arial, sans-serif; font-size:12px; color:#353536; padding:20px;" align="left" width="650" class="deviceWidth"><b>SANS Institute</b><br>
8120 Woodmont Avenue, Suite 310, Bethesda, MD, 20814<br><br>
To create a SANS Portal Account visit <a href="https://www.sans.org/account/create" title="https://www.sans.org/account/create">create new account</a>.<br>To change your email address visit <a href="https://www.sans.org/account/details" alias="Update Profile" target="_blank">update profile</a>.<br>
To change your email preferences or unsubscribe visit <a href="https://www.sans.org/preference-center/f4d24eea46a60a6c13d744cc3bf0285041d8d980b3da29850d3f9b9047575f92d660697313c53588/b2706c8efafd413c533db3a908697c7e/129152/104" alias="Manage Subscriptions" target="_blank">manage subscriptions</a>.<br><br>
<a href="https://www.sans.org/privacy" alias="Privacy Policy" target="_blank">Privacy Policy</a>.</td></tr>
</table><custom type="footer" name="footer"><img src="https://click.email.sans.org/open.aspx?ffcb10-fecb15727c65017f-fe8317787d6d037970-fe9613727664077577-ff6a157071-fe8c157471600d797c-ffc912" width="1" height="1"><!-- End 3 Small Images -->
<!-- Three Column Images -->
</td>
</tr>
</table> <!-- End Wrapper -->
</body>
</html>