MOREnet Security News Review -- April 7 - April 11, 2014
M3 CALL FOR PRESENTATIONS IS OPEN!
Do you have expertise in a specific area or experiences you’d like to share that would help others make informed decisions or avoid mistakes? Click the following link to submit your presentation for MOREnet’s Annual Conference that will be held October 27-30 at the Holiday Inn Executive Center in Columbia, MO.
WEEKLY THREAT RESOURCE SITE
KNOW YOUR ENEMY – THREAT ID OF THE WEEK
Heartbleed was THE news this week. MOREnet Systems Administrators have determined that the public facing servers we host for our members were not vulnerable to this bug. Members who have purchased Entrust SSL certificates through MOREnet and are using the certificates in MOREnet’s hosted environment are not vulnerable. If you have an Entrust SSL Certificate and your site is not hosted by MOREnet, you will need to check with your service provider regarding the vulnerability.
With the number of sites impacted with this vulnerability it is important that you research any sites with which you do business. Two places that you can use to check for a site’s current vulnerability status are:
Below are several articles discussing this issue.
OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)
"Heartbleed heartache" - should you REALLY change all your passwords right away?
Heartbleed Bug: What Can You Do?
Free Heartbleed-Checker Released for Firefox Browser
Internet Users Warned of Heartbleed Spam
TOP HEADLINES THIS WEEK
Microsoft to Start Blocking Adware
A Close Look at RTF Zero-Day Attack CVE-2014-1761 Shows Sophistication of Attackers
Online Student Testing System in Kansas Hit with DDOS Attacks
The 7 Steps Of The Cyber Kill Chain
Yahoo email anti-spoofing policy breaks mailing lists
Anonymous may be targeting educational institutions in 'OpSafeEdu'
Microsoft releases final fixes for Windows XP, Office 2003
Windows XP End of Life: What Your Organization Can Expect
Not just websites hit by OpenSSL's Heartbleed – PCs, phones and more under threat
The worst data breaches of 2014…so far (Q1)
Trick for Rewarding Good Behavior
Universities are a rich target for hackers
Universities now have access to cybersecurity education
VULNERABILITIES AND PATCHES
Vulnerability Summary for the Week of March 31, 2014
OpenSSL heartbeat extension read overflow discloses sensitive information
Websense Triton Unified Security Center 7.7.3 information disclosure vulnerability
WordPress 3.8.2 Addresses 2 Vulnerabilities, Includes 3 Security Hardening Changes
Four Vulnerabilities Fixed with the Release of Adobe Flash Player 126.96.36.199
WordPress Customers Receive Automatic Security Updates
Windows 8.1 Update is Required for Future Windows 8.1 Patches
Critical Update for JetPack WordPress Plugin
MOREnet offers not one… not two… but three FREE Security Services – Don’t get caught without them!!
Our GNN 1 service blocks the Windows Networking ports known to be prone to exploitation by viruses and other malware. This service also eases the load on your firewall by blocking the nuisance scanning of these ports and reducing the amount of traffic it needs to process. This service requires a MOREnet Internet connection and you must sign up.
Our GNN 2 service will prevent systems -- other than your email server -- from sending e-mail outside of your network. Malware will often install an SMTP server on infected systems in order to send spam. This service could prevent blacklisting of your network, keep systems from sending out infected attachments, and stop inappropriate messages that could tarnish your reputation. It will not prevent infected systems from sending messages through your authorized e-mail server.This service requires a MOREnet Internet connection and you must sign up.
Our Blackhole DNS service is an important layer in preventing malware infections. We blacklist thousands of malicious domains every week and often block newly registered domains before they are used for malicious activity! This service requires MOREnet membership. You will also have to make DNS configuration changes to the machines on your network.
UPCOMING TRAINING AND EVENTS
1. DDoS – You Can Be A Victim! – Wednesday, April 16, 2014 – Online Webinar -- Distributed Denial of Service (DDoS) and Amplification Attacks – You CAN be a victim. Have you noticed the increased number of headlines in the news lately about DDoS attacks targeting well-known organizations? Don’t be fooled into thinking that it could never happen to you. In this webinar we’ll take a look at recent DDoS activity (what happened and how it’s done) and the ways it can affect our members. We’ll also provide information on what you can do to minimize the risk to your network and also what to do if you become a victim. Click here to register for this event.
2. File Sharing 101 – Wednesday, May 7, 2014 – Online Webinar -- You just received a notification that someone on your network is sharing Copyrighted Material. Now What? While P2P file sharing technology is completely legal, many of the files shared through P2P are copyrighted and therefore could put your organization at risk of being involved in a lawsuit. In this Webinar we’re going to explore the different types of file-sharing applications, how they work, and if there’s anything you can do to control them. Click here to register for this event.
3. Security Roadshow! –MOREnet Security is excited to hit the road again this summer to bring the 2014 Security Roadshow to a location near you. Since we’re making the rounds in June this year, we decided to take a slightly different approach and are going to focus on different aspects of the current threat landscape – from a MOREnet member’s perspective – and what you can do to better protect/secure your organization. We also hope you’ll take the opportunity during each session to share best practices and brainstorm solutions with MOREnet members in your part of the state.
The first four sessions will be hosted at different locations around the state and will be a Lunch and Learn style where you BYOBB (Bring Your Own Brown Bag) from 11:00 a.m. – 1:00 p.m. The fifth session – for those of you who aren’t able to attend one of the hosted events – will be an interactive online webinar.
Here’s the preliminary agenda for each Roadshow session.
Welcome and Introductions
Social Media – A brief overview of the everyday risks to adults and kids with today’s social media apps.
Account Auditing and Security – School will soon be out for summer, and open accounts of users who are not returning are a great avenue for attack!
DDoS Mitigation – Is there anything you can do to prevent DNS and NTP amplification attacks?
Filesharing – What it is, How it works, and Can you control it?
Current Threat Landscape – What’s in the news and how it relates to our member organizations.
Discussion, Questions, and PRIZES!!!!
Tuesday, June 3, 2014
Houston R-I School District
905 Hill Street
Houston, MO 65483
Click this Link to Register
Wednesday, June 4, 2014
Wentzville R-IV School District
719 W. Pearce Blvd
Wentzville, MO 63385
Click this Link to Register
Tuesday June 10, 2014
Moberly Area Community College
Moberly Campus-Main Building Blue Room
101 College Ave, Moberly, MO 65270
Wednesday, June 11, 2014
Mid-Continent Public Library
Woodneath Library Center
8900 NE Flintlock Road
Kansas City, MO 64157
Click this Link to Register
Thursday, June 12, 2014
Do you know of any upcoming security-related training events? Please send them to email@example.com for inclusion in this newsletter!
SECURITY AWARENESS TIP OF THE WEEK
Are you looking for ideas to help educate your users? Check out SANS Securing the Human Tip of the Day!