Columbia, MO Columns and Jesse Hall

MOREnet Security News Review -- July 21 - 25, 2014

Thursday, July 24, 2014

WEEKLY THREAT RESOURCE SITE

Microsoft Malware Protection Center
 

KNOW YOUR ENEMY – THREAT ID OF THE WEEK

Keyloggers – A keylogger is a software program or device designed to monitor and log all keystrokes. Keyloggers can be used for legitimate purposes – parental control, company security, etc. but they can also be used to steal user data… i.e. passwords and personal or confidential information. Check out the following links for more information and tips to protect yourself.
What Is Keylogger and How to Protect Yourself From It
How to Protect Yourself Against Keylogger Spyware
4 Ways to Protect Yourself Against Keyloggers
 

TOP HEADLINES THIS WEEK

Whole Product Dynamic “Real-World” Protection Test – AV Comparisons
Windows Previous Versions against ransomware
The ‘Fingerprinting’ Tracking Tool That’s Virtually Impossible to Block
Dirty Dozen Spampionship – which country is spewing the most spam?
6 steps to win executive support for security awareness programs
Intentional backdoors in iOS devices uncovered
8 online safety rules for college-bound kids
Wall Street Journal website vulnerable to SQL injection, gets hacked
Backup your data now: New, more powerful ransomware using Tor spotted in the wild
Google given 18 months to change its handling of user data
 

VULNERABILITIES AND PATCHES

US-CERT Vulnerability Summary for the Week of July 14, 2014
Drupal7 security update
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
US warns of Huawei WiFi modem XSS security threat
Mysql-5.5 Security Update
 

SECURITY TOOLBOX

FakeNet Malware Analysis
EFF releases Chrome, Firefox plugin to block third-party tracking
Extensively Adaptable Sploits and Tools for Encroaching on Router Security
OWASP Zed Attack Proxy
 

HOW DO THEY DO THAT?

Verifying Active Directory Delegation is Accurate
Intro to BurpSuite Part I: Setting Up BurpSuite with Firefox and FoxyProxy
Intro to BurpSuite Part II: Sighting in your Burp Scope
Intro to BurpSuite Part III: It’s all about Repetition
Intro to BurpSuite Part IV: Being Intrusive
Configuring the ModSecurity Firewall with OWASP Rules
Creepy Geolocation
 

FEATURED SERVICE

Internet Content Filtering  – With BYOD and Mobile Device Management, web filters are essential to protect against online threats. Schools, libraries and other government entities have unique security challenges that residential networks do not have on their radar. In addition to an ever-evolving user-group, these organization types seem to be home to some very progressive computer hackers. Based on feedback from our members, we are now pleased to offer two internet content filtering options. Click this link for more information.
 

UPCOMING TRAINING AND EVENTS

1.       2014 MOREnet Annual Conference – Monday, October 27 – Thursday, October 30, Columbia, MO – It’s not always about the technology- It’s also about what the technology can do for you. MOREnet’s Annual Conference is a professional development opportunity that allows our members to choose the track that’s right for you. Do you want to mix and match sessions tracks? That’s okay, too! Click this link for more information
 
Do you know of any upcoming security-related training events?  Please send them to security@more.net for inclusion in this newsletter.

SECURITY AWARENESS TIP OF THE WEEK

What are your security habits? Staying safe these days takes more than antivirus.Check out the following link to 10 fundamental things you can do to protect your PC and other devices.
10 critical security habits you should be doing (but aren’t)