MOREnet Security News Review -- September 8 - 12, 2014
October is National Cyber Security Awareness Month – Now’s the time to start putting things in motion! Check out the following resources to help you plan events and activities for your organization.
WEEKLY THREAT RESOURCE SITE
KNOW YOUR ENEMY – THREAT ID OF THE WEEK
Malvertising – Have you visited a legitimate website lately and then discovered that your device was infected? You may have been a victim of Malvertising. Check out the following links to find out more.
Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware
TOP HEADLINES THIS WEEK
August 2014 Cyber Attacks Statistics
How a DNS Sinkhole Can Protect Against Malware
The 21 most common misconfigurations that will come back to haunt you!
Fresh phish served with a helping of AES
Hacker publishes tech support phone scammer Slammer
Making Best Practice Common Practice
Patch Tuesday wrap-up, September 2014 – why even a single-bit data leak is worth fixing
Teen’s open Facebook invite leads to 500 unexpected gatecrashers
Heartbleed patch efforts ignored on thousands of websites
InfoSec Book Club: What’s On Your Fall Reading List?
VULNERABILITIES AND PATCHES
Microsoft Security Bulletin Summary for September 2014
Adobe Security Bulletin
US-CERT Vulnerability Summary for the Week of September 1, 2014
WordPress 4.0 “Benny” released
VMware NSX and vCNS product updates address a critical information disclosure vulnerability
FreeBSD Security Advisory
Cisco Security Advisories, Responses, and Notices
HOW DO THEY DO THAT?
Domain Name System -- MOREnet will provide registration and maintenance services for .mo.us domain names, subdomains and host names. MOREnet also assists it members with domain registrations and will host member domain names, subdomains and host names. Click this link for more information
UPCOMING TRAINING AND EVENTS
- 2014 MOREnet Annual Conference – Monday, October 27 – Thursday, October 30, Columbia, MO – It’s not always about the technology- It’s also about what the technology can do for you. MOREnet’s Annual Conference is a professional development opportunity that allows our members to choose the track that’s right for you. Do you want to mix and match sessions tracks? That’s okay, too! Click this link for more information
FREE ONLINE SECURITY TRAINING
Penetration Testing Practice Lab – Vulnerable Apps/Systems
Do you know of any upcoming security-related training or events? Please send them to firstname.lastname@example.org for inclusion in this newsletter.
CYBER SECURITY QUOTE OF THE WEEK
In 2011 RSA, a major technology company, was hacked when an employee responded to a phishing attempt. This is a company whose whole business was security, and fell victim to what hackers know… No matter how secure a target the user is always the weakest link. — Jim Guckin