MOREnet Security News Review -- December 2-6, 2013
MOREnet is offering SANS SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education, February 25 – 26, 2014. MOREnet members are eligible for a price of $1200 Minimum registration must be met by December 20, 2013 so enroll today! Click here for registration information.
WEEKLY THREAT RESOURCE SITE
KNOW YOUR ENEMY – THREAT ID OF THE WEEK
Neverquest – is a banking Trojan currently in the news. It is also known as Snifula, an info-stealing Trojan.
Neverquest Banking Trojan Set to Explode
Dangerous New Banking Trojan Neverquest Is an Evolution of an Older Threat
Neverquest Trojan: Built to Steal from Hundreds of Banks
TOP HEADLINES THIS WEEK
2 million stolen passwords recovered
Lessons learned from 4 major data breaches in 2013
'ZeroAccess' click-fraud botnet disrupted, but not dead yet
Tips to Avoid Being Bit By Cryptolocker (and What to Do if You Are)
Zeus Being Spammed Out As An Anti-virus Update
Secret to Protecting Computers Against Keyloggers Lies in Patch Management
January 13-17, 2014: National Tax Identity Theft Awareness Week
VULNERABILITIES AND PATCHES
Vulnerability Summary for the Week of November 25, 2013
Windows XP Zero-Day vulnerability popular
Ruby on Rails security updates patch XSS, DoS vulnerabilities
Microsoft Lines Up Critical Windows, Office and IE Fixes for Next Week
Worm targets Linux PCs and embedded devices
Drupal CMS Issues Broad-Ranging Secuirty Update
NagiosQL 3.2 Service Pack 2 contains a reflected cross-site scripting vulnerability
Bypass of Internet Explorer Cross-Site Scripting Filter Possible
PHP Flaw Threatens Embedded Linux Devices
Security Authentication Handbook
Security App of the Week: AdwCleaner
Security App of the Week: Bitdefender Anti-CryptoLocker
Check if you have an account that has been compromised in a data breach
Anti-Virus Comparative Malware Removal Test
Network Consulting for Member Networks – MOREnet offers support on local and wide area networks. Support is available in the form of troubleshooting, consulting, design and analysis. Access to Network Consulting is included with MOREnet membership. However, there are times when you need more professional consulting which would require a MOREnet Network Consultant to come to your location. If this type of consulting is required, please ask technical support and network consulting for our hourly consulting rate and travel reimbursement policy. Click here for more information: http://www.more.net/services/network-consulting-member-networks
UPCOMING TRAINING AND EVENTS
1. Wireshark How-To Series – Display Filters – Tuesday, December 17, 2013 – Online Webinar -- This is the fourth installment of our Wireshark How-To Series. In this webinar we’ll step through the process of creating and applying display filters. (NOTE: Display filters use a different syntax than capture filters.) We’ll discuss how to use display filters, how to build display filters, and how to avoid common display filter mistakes. Click here to register for this event
2. Wireshark How-To Series – Personalized Profiles – Tuesday, January 7, 2014 – Online Webinar -- This is the fifth installment of our Wireshark How-To Series. In this webinar we’ll step through customizing Wireshark’s GUI Interface and capture options. We’ll cover the basics of profiles and how to customize Wireshark for specific tasks. Click here to register for this event
3. Wireshark How-To Series – Using Wireshark’s Expert System – Tuesday, January 21, 2014 – Online Webinar -- This is the sixth and final installment of our first series of Wireshark How-Tos. In this webinar we’ll step through how to use Wireshark’s Expert System. We’ll cover how to launch Expert Info, colorize Expert Info elements, filter elements, and how to understand what triggers each element. Click here to register for this event
4. SANS SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education – Tuesday, February 25 – Wednesday, February 26, 2013, MOREnet, Columbia, MO -- This educational program gives IT admins the tools and techniques to illuminate evidence of potentially malicious activity on their systems and to look deeper to determine whether the problems they see are real. It allows them to become the hacker guards for malicious activity in their organization. It uses hands-on exercises to ensure they are comfortable using the tools. MOREnet members are eligible for a price of $1200. Click here for registration information.
5. SANS Free Webcasts – Check out weekly security webcasts from SANS. https://www.sans.org/webcasts/
Do you know of any upcoming security-related training events? Please send them to firstname.lastname@example.org for inclusion in this newsletter!
SECURITY AWARENESS TIP OF THE WEEK
Ho Ho Ho! The holidays are upon us, and the criminals are ready. Here are a few tips to keep your holidays safe!
Festive season security myth: "If there are no links in an email, it can't be a phish."
High alert issued for these top 5 holiday scams
McAfee’s Online Safety Tips for the Top 12 Holiday Scams