MOREnet Security News Review -- October 13 - 17, 2014

Friday, October 17, 2014

October is National Cyber Security Awareness Month – If you haven’t had a chance to put any activities or events together, check out the following links for some great Security Awareness Tips to share with your end users. This week’s focus is email security.

5 steps to lock down your webmail account
Top 10 Tips to Protect Your Email
10 must-know email security tips
Sophos IT Security Dos and DON’Ts Email Series
5 Email Security Tips
 

WEEKLY THREAT RESOURCE SITE

DHS Cybersecurity
 

KNOW YOUR ENEMY – THREAT ID OF THE WEEK

Watering Hole Attack – How much do you know about Watering Hole Attacks. Check out the following links to find out what they are, how they work, and how to protect yourself.
Watering Hole 101
Espionage Hackers Target ‘Watering Hole’ Sites
Proofpoint Threat Insight
Watering Hole Attacks: Tips on Outsmarting the Hackers
 

TOP HEADLINES THIS WEEK

Massive list of Dropbox credentials leaded, change your password immediately [Update]
SSL V3 Goes to the Dogs – POODLE Kills Protocol (Detailed configuration walkthroughs to protect browsers and servers)
SSL broken, again, in POODLE attack
POODLE attack takes bytes out of your encrypted data – here’s what to do
Army of UPnP Devices Could Be Leveraged for DDoS Attacks
The “Sandworm” malware what you need to know
Sandworm to Blacken: The SCADA Connection
The Internet of Things: 7 Scary Security Scenarios
Ebola Phishing Scams and Malware Campaigns
Infographic: How to spot a phish
 

VULNERABILITIES AND PATCHES

Microsoft Security Bulletin Summary for October 2014
Highly critical vulnerabilities in Mozilla Firefox and Thunderbird
There Is a New Security Vulnerability Named POODLE, and It Is Not Cute
Security updates available for Adobe Flash Player
SA-CORE-2014-005 – Drupal core – SQL injection
Oracle Critical Patch Update Advisory -- October 2014
Cisco Security Advisories, Responses, and Notices
US-CERT Vulnerability Summary for the Week of October 6, 2014
 

SECURITY TOOLBOX

Worried about the POODLE vulnerability?
Flow Basic Analysis Tool
NSX-v 6.1 – Security Hardening Guide
Lockheed Martin Cyber Kill Chain
Strengthening the Cyber Kill Chain with Cyber Threat Intelligence – Part 1 of 2
The Cyber Threat Kill Chain – Part 2 of 2
 

HOW DO THEY DO THAT?

How POODLE Happened
MindshaRE: Statically Extracting Malware C2s Using Capstone Engine
How to steal access to over 500,000 bank accounts: The insider view of a Russian cybercrime infrastructure
 

FEATURED SERVICE

Videoconferencing -- Video Services at MOREnet are offered on a reliable, dedicated network necessary for point-to-point and multipoint videoconferencing. Authorized users such as K-12 schools, higher education institutions, libraries, state government agencies and hospitals are assured the ability to communicate full-motion video via the high quality, statewide IP network maintained by MOREnet. Click this link for more information.
 
How secure are your video devices? Take a look at the following list for some Video Security Best Practices.

  1. Change password from the default but don’t leave it blank!
  2. Turn off FTP and SNMP in the settings.
  3. Regularly check for software updates from your manufacturer website.
  4. If your system is not behind a firewall, set the Auto Answer Point-to-Point Call Setting to NO! You don’t want your system to be vulnerable to someone connecting to the unit and listening in on your private conversations.
  5. In the Audio Settings, the option to Mute Auto Answer Calls should be checked.
  6. Unplugging or power off the unit when feasible or just put something over the camera when not in use.
  7. If you want your calls to be encrypted, especially in a medical facility (HPPA regulations), in the Security settings set AES Encryption option to “When Available” for Video Encrypted calls or set to “Off” for non-encrypted calls for sites not in a medical facility.
  8. If using video conferencing software on a computer, regularly check for manufacturer, security software and OS updates.

UPCOMING TRAINING AND EVENTS

  1. 2014 MOREnet Annual Conference – Monday, October 27 – Thursday, October 30, Columbia, MO – It’s not always about the technology- It’s also about what the technology can do for you. MOREnet’s Annual Conference is a professional development opportunity that allows our members to choose the track that’s right for you. Do you want to mix and match sessions tracks? That’s okay, too! Click this link for more information

Do you know of any upcoming security-related training or events?  Please send them to security@more.net for inclusion in this newsletter.
 

CYBER SECURITY QUOTE OF THE WEEK

Securing a computer system has traditionally been a battle of wits: the penetrator tries to find the holes, and the designer tries to close them. Gosser