Columbia, MO Courthouse Sculpture

MOREnet Security News Review -- January 27 - 31, 2014

Friday, January 31, 2014

WEEKLY THREAT RESOURCE SITE

Cisco Cyber Risk Reports
 

KNOW YOUR ENEMY – THREAT ID OF THE WEEK

Passwords are in the headlines again! Although we won’t always consider them a threat, weak and reused passwords are a vulnerability easily exploited by hackers.  It’s time to evaluate not only your passwords but perhaps additional methods of authentication for your online accounts.
 
Passwords Stolen from Third Party Used to Hack Yahoo Mail Accounts
Feb 1st Is National Change Your Password Day
The power of two - All you need to know about two-factor authentication
 

TOP HEADLINES THIS WEEK

Hasbro website keeps spreading malware says security firm
SEA hits CNN, may be linked to Microsoft law enforcement info heist
Sources: Card Breach at Michaels Stores
Neiman Marcus: 1.1 Million Credit Cards Exposed in Three-Month Hack
FBI warns of crimewave hitting cash registers
Cybercriminals Steal FTP Credentials with Fake FileZilla
Risky online behaviour is putting teens in danger
DNS amplification, application-layer attacks drive DDoS attack trends
 

VULNERABILITIES AND PATCHES

Mozilla Fixes Thunderbird Flaw That Allowed Hackers to Insert Malicious Code into Emails
Vulnerability Summary for the Week of January 20, 2014
iTunes 11.1.4 update bring fixes for 25 bugs
Java-based malware driving DDoS botnet infects Windows, Mac, Linux devices
 

SECURITY TOOLBOX

The First Five Quick Wins
Log Parsing with Mandiant Highlighter (1)
Four easy ways to protect your Mac from malware
2014 Data Protection & Breach Readiness Guide
 

FEATURED SERVICE

On-site Wireless Assessment Surveys - MOREnet offers On-site Wireless Assessment Surveys using industry-leading wireless assessment equipment and software. Whether troubleshooting existing wireless issues or planning to build or reconfigure a wireless network, MOREnet trained technicians can assist by providing members an on-site wireless survey and radio frequency (RF) survey map of the analysis.  In addition, MOREnet can also deliver an optional written summary with findings and recommendations for members to share with their organization as they begin their planning process.  http://www.more.net/services/wireless-assessment-surveys
 

UPCOMING TRAINING AND EVENTS

1.       Introduction to Windows 2008 Server Administration – Tuesday, February 4, – February 5, 2014 – MOREnet, Columbia, MO -- Designed to build a foundation in basic server administration, this class introduces students to many of Windows Server 2008 features. The class includes extensive exercises which reinforce Microsoft Windows Server 2008 network administration skills as they are learned. Click here to register for this event
2.       Social Media Series Part 1, Risks of Social Media – Wednesday, February 5, 2014 – Online Webinar – Does your staff or students understand the risks they take when posting comments or pictures to social media sites?  Join us for a discussion of the unseen risks to innocent posts. Click here to register for this event.
3.       Introduction to Windows 2008 DNS, DHCP and CSVde – Thursday, February 6, 2014 – MOREnet, Columbia, MO -- This course is designed to provide a foundation for understanding both Domain Name System and Dynamic Host Configuration Protocol. Students will install and configure these services for automated IP communications. At the end of the day the students will also use the bulk user import utility CSVde. Students must have taken Intro to Windows 2008 server to attend. Click here to register for this event
4.       Windows 2008 Group Policy – Friday February 7, 2014 – MOREnet, Columbia, MO -- This class is designed to allow students to centrally manage workstations and servers with Group Policy Objects (GPOs) within a Windows Active Directory domain. In class we will start at the beginning with defining what Group Policy is and what can be accomplished by using Group Policies within your organization. We will create simple group policies and test their effectiveness on a windows 7machine. We will explore some advanced Group Policy subjects such as redirecting user data and folders, deploying software and finish with using Group Policy Preferences to Map Drives and clean out folders. Click here to register for this event
5.        Social Media Series Part 2, Understanding the Privacy Settings of Popular Social Media Sites– Wednesday February 19, 2014 – Online Webinar.  Even if you understand the risks associated with social media, which settings are best and how do you find them on each site?  This webinar will focus primarily on Facebook privacy settings, but will include references to many other social media sites. Click here to register for this event.
6.       SANS SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education – Tuesday, February 25 – Wednesday, February 26, 2014, MOREnet, Columbia, MO -- This educational program gives IT admins the tools and techniques to illuminate evidence of potentially malicious activity on their systems and to look deeper to determine whether the problems they see are real. It allows them to become the hacker guards for malicious activity in their organization. It uses hands-on exercises to ensure they are comfortable using the tools. MOREnet members are eligible for a price of $1200. Last day to register is Friday, 2/14/2014. Click here for registration information.
7.       Social Media Series Part 3, Understanding the Privacy Settings of Popular Devices Media – Wednesday March 5, 2014 – Online Webinar – So your social media websites are locked down, but are all settings enforced the same if the device isn’t secured?  Join us for a discussion of device settings to review to protect yourself from social media and other apps.  Click here to register for this event.
 
Do you know of any upcoming security-related training events?  Please send them to security@more.net for inclusion in this newsletter! 
 

SECURITY AWARENESS TIP OF THE WEEK

Tuesday January 28th was Privacy Day.  Here are a few tips to help protect your privacy.
Take the 3-step Privacy Plan Diet
The Ultimate Guide to Secure Your Social Media Account