(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

EVGA SC17 is a high-end gaming machine designed for overclockers and enthusiasts
With a massive pile of gaming laptops present in the market, EVGA SC17 is one of the few that features impressive hardware to provide gamers the same level of performance in gaming laptop as they experience from desktop gaming machines. The 17 inch ...

and more »
Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit
ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability
[SE-2012-01] Broken security fix in IBM Java 7/8
CVE-2016-2191: optipng: invalid write

Panama Papers Leak Exposes Tax Evasion -- And Poor Data Security, Data Integrity Practices
Dark Reading
The news outlets involved in the collaboration did not pay for the documents. Before Süddeutsche Zeitung obtained the leak, German tax authorities bought a smaller set of Mossack Fonseca documents from a whistleblower, a move that triggered the raids ...

and more »

SANS to Debut New Course to Help Critical Infrastructure Protection Professionals with NERC CIP Version 5 and 6 ...
PR Newswire (press release)
BETHESDA, Md., April 4, 2016 /PRNewswire-USNewswire/ -- SANS Institute, the global leader in information security training, today announced the addition of a new security training course ICS456: Essentials for NERC Critical Infrastructure Protection (CIP).

and more »

Read only: Books CISOs ought to have
IT World Canada
There are just over 490 cyber security books listed on Amazon in the computers and technology section. Some are keepers. No doubt some of them — probably technical texts — are collecting dust on the bookshelves of infosec pros. But how many are ...

Wordpress Scoreme Theme - Client Side Cross Site Scripting Web Vulnerability
Techsoft Web Solutions CMS 2016 Q2 - SQL Injection Web Vulnerability
FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability
ManageEngine Password Manager Pro Multiple Vulnerabilities

Security Intelligence (blog)

Cybersecurity Responsibility: Are Execs Passing the Buck?
Security Intelligence (blog)
As noted by CNBC, many C-suite executives don't feel prepared to handle a cyberattack but aren't making the effort to become personally invested in the InfoSec process. Instead, they're “handing this off to their techies, and they're really just ...


InfoArmor Releases Advanced Threat Intelligence for SME/SMB Market With VigilanteATI(SM) Accomplice
EIN News (press release)
/EINPresswire.com/ -- Infosec World Conference -- InfoArmor, Inc., an industry-leading provider of elite cyber intelligence services, today announced VigilanteATI(SM) Accomplice, a limited version of its award-winning VigilanteATI Advanced Threat ...

and more »
Bugcrowd CSV injection vulnerability
[security bulletin] HPSBGN03565 rev.1 - HPE Virtualization Performance Viewer, Local Denial of Service (DoS)
Open-Xchange Security Advisory 2016-04-02
[SECURITY] [DSA 3539-1] srtp security update
[SECURITY] [DSA 3540-1] lhasa security update
[security bulletin] HPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files
[security bulletin] HPSBGN03567 rev.1 - HP Asset Manager using Java Deserialization, Remote Arbitrary Code Execution
Internet Storm Center Infocon Status