Security Newsletter May 25-29, 2015

Printer-friendly version

Mark your calendar to join us the  3rd Wednesday of every month at 8 PM for #MOREnetSecurity Twitter Chat. Want to moderate or suggest a topic? Just DM us or email security@more.net. Don’t have a Twitter account yet? Click here for help on how to set one up.

 

WEEKLY THREAT RESOURCE SITE

Threat Modeling: A Process to Ensure Application Security

 

KNOW YOUR ENEMY – THREAT OF THE WEEK

While the Angler Exploit Kit may have already established itself as one of the more sophisticated kits on the underground market, it appears it’s still finding ways to evolve.
Angler Exploit Kit Exploiting New Adobe Vulnerability, Dropping Cryptowall 3.0

TOP HEADLINES THIS WEEK

Dangers of Apple Watch, Microsoft’s new Outlook, and rethinking Security

Google is Readying its own OS for Running the Internet of Things

Teen hires Attacker to DDoS his School District

Does Wi-Fi Make People Sick? Probably Yes!

PCI Council Launches Group to Help Improve SME Compliance

Federal Reserve Bank of St. Louis Hit by Cyber Attack

Windows 10: Securing Identity, Information and Devices

IRS Was Not Hacked – Taxpayer Data Stolen for 100,000 People

Here’s how Android apps can track you without asking permission

A Bug Lets you Crash Anyone’s iPhone with a text Message

How to Stop Wi-Fi Hackers Cold

Death to passwords FIDO Alliance finds a friend at DOCOMO

Yahoo to face US class action lawsuit over email spying allegations

Hack Hall of Shame – May 2015

 

VULNERABILITIES AND PATCHES

Researchers in Bluetooth LoT Privacy Warning

Microsoft confirms patch KB 3022345 breaks SFC /scannow

Microsoft Issues Patch KB 3065979 to fix Win7 GDI+ Drawing Problems brought on by KB 3045171

Synology patches Serious Flaws in its Network-attached Storage Devices

Apache Cordova fixes flaw that could cause apps to crash

Prank Texts Clobber iPhones

 

SECURITY TOOLBOX

Web Security Dojo 2.0 – Self-Contained Web Hacking Training

RouterCheck – Android app to ensure the Safety of your Router

WakeMeOnLan v1.71

Fedora 22 Provides Three Ways to don Red Hat

Third Party Patch Roundup – May 2015

 

HOW DO THEY DO THAT

When Adware Attacks! And How to Defeat it! (Mac)

5 Tips to Improve your Linux Desktop Security

 

FREE ONLINE COURSES

8 Free online courses to grow your tech skills

10 Free Sources to learn IT Security

 

FEATURED SERVICE

Mobility Management with AirWatch by VMWare - AirWatch by VMware helps schools, universities and other organizations embrace the next generation of learners and practitioners with a suite of services to assist with the management of mobility.

 

UPCOMING TRAINING AND EVENTS

    1. 2015 MOREnet Annual Conference – Monday, October 5 – Thursday, October 8, 2015, Union Station, St. Louis -- Register and reserve your room for conference now. Click here for registration information.

    1. TWIG – Google Forms, Sheets and Add-Ons—Tuesday, June 16—9:00am to 4:00 pm, MOREnet, 221 Stadium Blvd., Ste. 201, Columbia – This class will introduce the features and functionality of Google Forms. Click here to register.

    1. TWIG – Google Docs and Add-Ons—Wednesday, June 17, 9:00am to 12:00pm, MOREnet, 221 Stadium Blvd., Ste. 201, Columbia -- This class will introduce the features and functionality of Google Docs, an online, collaborative word processing Google tool. Click here to register.

    1. TWIG- Gmail and Google Calendar—Wednesday, June 17, 1:00pm to 4:00pm, MOREnet, 221 Stadium Blvd., Ste. 201, Columbia -- This class will introduce the features and functionality of Gmail and Google Calendar. Click here to register.

    1. *CompTIA Network+ -- Monday, June 22 – Friday, June 26, 2015, MOREnet, 221 Stadium Blvd., Ste. 201, Columbia -- This course is intended for entry-level computer support professionals with a basic knowledge of computer hardware, software, and operating systems to prepare for the CompTIA® Network+® (Exam N10-005), or who wish to increase their knowledge and understanding of networking concepts and acquire the required skills to prepare for a career in network support or administration. Click here to register

*NOTE: This course needs a minimum of 10 attendees and will be withdrawn from the schedule 2 weeks prior to date of training if minimum is not met. Don’t wait till the last minute!

    1. Introduction to Windows 2012 Server Administration – Tuesday, July 14 – Wednesday, July 15, MOREnet 221 Stadium Blvd., Ste. 201, Columbia -- Designed to build a foundation in basic server administration, this class introduces students to many of Windows Server 2012 features. The class includes extensive exercises which reinforce Microsoft Windows Server 2012 network administration skills as they are learned. Click here to register

    1. Windows 2012 Group Policy – Thursday, July 16, MOREnet 221 Stadium Blvd., Ste. 201, Columbia -- This class is designed to allow students to centrally manage workstations and servers with Group Policy Objects (GPOs) within a Windows Active Directory domain. Click here to register

    1. Cyber Security Awareness – Social Media and Digital Footprints—Thursday, July 23, 2015—10:00am to 11:30am, Daniel Boone Regional Library, 100 West Broadway, Columbia, MO – This FREE workshop is geared toward parents and grandparents. If you'd like to learn more about Social Media and Digital Footprints, please join us to find out what kids are doing online today and how it can affect their future. No registration necessary.

 

Do you know of any upcoming security-related training or events?  Please send them to security@more.net for inclusion in this newsletter.

 

SECURITY QUOTE OF THE WEEK

“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.”– Gene Spafford