Churchill statue - Fulton, MO

MOREnet Security News Review -- May 19 - 23, 2014

Friday, May 23, 2014

Dates for the MOREnet Security Roadshow are fast approaching… Have you registered?

MOREnet Security is excited to hit the road again this summer to bring the 2014 Security Roadshow to a location near you.  Since we’re making the rounds in June this year, we decided to take a slightly different approach and are going to focus on different aspects of the current threat landscape – from a MOREnet member’s perspective – and what you can do to better protect/secure your organization.  We also hope you’ll take the opportunity during each session to share best practices and brainstorm solutions with MOREnet members in your part of the state.
 
Roadshow Dates and Locations:
Tuesday, June 3 - Houston R-1 School District
Wednesday, June 4 - Wentzville R-IV School District
Tuesday, June 10 - Moberly Area Community College
Wednesday, June 11 - Mid-Continent Public Library, Kansas City
Thursday, June 12 - Online Webinar
Click this link to register
 

WEEKLY THREAT RESOURCE SITE

Kaspersky Cyberthreat Real-Time Map
 

KNOW YOUR ENEMY – THREAT ID OF THE WEEK

Have you ever heard of Police Ransomware? – Ransomware is a kind of trojan that infects a device by encrypting user files and rendering the device useless. Typically a “ransom note” is displayed giving the user instructions on paying so they can receive the encryption keys. Police Ransomware differs in that the note appears to come from law enforcement. “Check out the following links for more information.
 
Android “police warning” ransomware – how to avoid it, and what to do if you get caught
Cryptolocker-like Ransomware Spreads to Android Devices
Removing ‘Police-themed’ Ransomware
MS Malware Protection Center -- Ransomware
 

TOP HEADLINES THIS WEEK

SNMP DDoS Attacks Spike
Majority of Organizations Have No BYOD Policies
10 BYOD policy guidelines for a secure work environment
FBI is officially looking for malware development
If You Don’t Want to Appear in Google Ads, Read This
eBay becomes the latest online giant to own up to a password breach
Education data mining puts kids’ privacy at risk
SourceForge’s turn to reset passwords – this time in a good cause!
6 Tips for Securing Social Media In The Workplace
Privileged Use Also a State of Mind, Report Finds
 

VULNERABILITIES AND PATCHES

(0Day) Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
US-CERT Vulnerability Summary for the Week of May 12, 2014
Exposure of Critical Information Via SNMP Public Community String
Technical Analysis of CVE-2014-0515 Adobe Flash Player Exploit
Apple Safari 7.0.4 closes 22 holes, including 21 listed under “arbitrary code execution”
 

SECURITY TOOLBOX

Tech Insight: Free Tools for Offensive Security
 

FEATURED SERVICE

Managed Web Hosting  – MOREnet's Managed Web Hosting service provides subscribers the freedom and flexibility to manage their organization's web presence simply, securely and inexpensively. Subscribers can control their web presence without the complexity and expense of managing and maintaining servers and hardware. Local administration, content and access are all controlled by the subscriber. Check out the following link for additional information. http://www.more.net/services/managed-web-hosting-0
 

UPCOMING TRAINING AND EVENTS

  1. Security Roadshow! – MOREnet Security is excited to hit the road again this summer to bring the 2014 Security Roadshow to a location near you.  Since we’re making the rounds in June this year, we decided to take a slightly different approach and are going to focus on different aspects of the current threat landscape – from a MOREnet member’s perspective – and what you can do to better protect/secure your organization.  We also hope you’ll take the opportunity during each session to share best practices and brainstorm solutions with MOREnet members in your part of the state. Click this link to register
  2. Introduction to Windows 2012 Server Administration – Tuesday, July 22 – Wednesday, July 23, MOREnet, Columbia, MO -- Designed to build a foundation in basic server administration, this class introduces students to many of Windows Server 2012 features. The class includes extensive exercises which reinforce Microsoft Windows Server 2012 network administration skills as they are learned. Click this link to register

Do you know of any upcoming security-related training events?  Please send them to security@more.net for inclusion in this newsletter.

SECURITY AWARENESS TIP OF THE WEEK

Account Auditing – Do you have year-end processes in place to clean up user accounts? If not, now would be a good time to develop one. Old and/or unused accounts can pose a security risk to your network.