Monday, June 27, 2016

Cybersecurity Vulnerability and Patch Report for June 26, 2016


CYBERSECURITY VULNERABILITY AND PATCH REPORT

FROM OUR FRIENDS AT CITADEL INFORMATION GROUP


Important Security Updates

Avast: Avast! Free Antivirus has released version 12.1.2272. Updates are available on Avast’s website.
Dropbox: Dropbox has released version 5.4.24 for its file hosting program. Updates are available at Dropbox’s website. [See Citadel’s warning below]
Google Chrome: Google has released Google Chrome version 51.0.2704.106 to address multiple vulnerabilities. Updates are available from within the browser or from Google Chrome’s website.
Panda Free Antivirus: Panda Free Antivirus has released version 16.1.3. Updates are available on Panda Security’s website.
Piriform CCleaner: Piriform has released version 5.19.5633 for CCleaner. Updates are available from Piriform’s website.
ZoneAlarm Free: ZoneAlarm has released version 14.2.255.000 of its free firewall. Updates are available from ZoneAlarm’s website.

Current Software Versions

Adobe Flash 22.0.0.192
Adobe Reader DC 2015.016.20039
Dropbox 5.4.24 [Citadel warns against relying on security of Dropbox or other cloud-based file exchange systems. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the master Dropbox [or other] password be at least 15 characters long and different from other passwords.]
Firefox 47.0 [Windows]
Google Chrome 51.0.2704.106
Internet Explorer 11.0.9600.18161
Java SE 8 Update 91 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.9 [Citadel recommends removing QuickTime. On April 14, US-CERT advised Microsoft Windows users to remove QuickTime. This followed a report in ars technica that Apple has no plans to update the Windows app despite at least two reliable QuickTime vulnerabilities that threaten Windows users who still have the program installed.]
Safari 9.1 [Mac OS X Mavericks, Yosemite, El Capitan]
Skype 7.25.0.103

For Your IT Department

Cisco Multiple Products: Cisco reports patched vulnerabilities in its Cisco 8800 Series IP Phones running software Release 11.0(1), IOS XE Software, ASR 5000 Series Packet Data Network Gateways, and Prime Collaboration Deployment. Apply updates. Cisco also reports unpatched vulnerabilities in its Cisco ISR models 800, 819, and 829, Unified Contact Center Enterprise Software, and Email Security Appliance. There are no workarounds available. Additional details are available at Cisco’s website.
Novell eDirectory: Novell has released an update to fix multiple vulnerabilities in its eDirectory versions 8.8 SP8 and 9. For version 8.8 SP8 apply patch eDirectory_88SP8_patch8_Windows_x64.exe. For version 9 apply patch eDirectory_901_Windows_x86_64.exe. Additional details are available at Novell’s website.
Novell iManager: Novell has released an update to fix multiple vulnerabilities in its iManager versions 2.7.7 and 3. For version 2.7.7 apply patch iMan_2777_workstation_win.zip or iMan_2777_win.zip as applicable. For version 3 apply patch iMan_301_workstation_win_x86_64.zip or iMan_301_win_x86_64.zip as applicable. Additional details are available at Novell’s website.
Novell Open Enterprise Server: Novell has released an update to fix multiple vulnerabilities in its Open Enterprise Server versions 11.2 and 2015 (OES 11 SP2 and OES 2015). For version 11.2 apply patches oes11sp2-ImageMagik-10938, oes11sp2-libxml2-10936, and oes11sp2-ntp-10940. For version 2015 apply patches oes2015-ImageMagik-10939, oes2015-libxml2-10937, and oes2015-ntp-10941. Additional details are available at Novell’s website.
WordPress: WordPress has released version 4.5.3 to address multiple vulnerabilities in previous versions. Update through the application.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2016 Citadel Information Group. All rights reserved.

Jeff Snyder, SecurityRecruiter.com | Jeff Snyder Coaching | Security Recruiter Blog, 719.686.8810

Cybersecurity News for the Week of June 26, 2016

CYBERSECURITY NEWS

FROM OUR FRIENDS AT CITADEL INFORMATION GROUP


Individuals at Risk

Identity Theft

154 million US voter records exposed following hack: MacKeeper security researcher Chris Vickery has discovered yet another database containing voter profiles of US citizens, accessible to anyone who stumbled upon it or knew where to look. HelpNetSecurity, June 23, 2016
International identity-theft ring victimized hundreds, including Hollywood actress, authorities say: Federal agents said they have uncovered a massive international identity-theft scheme that victimized at least hundreds and maybe thousands of people, including an actress who appeared in the television shows “Smallville” and “Supergirl.” The Washington Post, June 17, 2016
Acer security breach exposes data of 34,500 online shoppers: Computer maker Acer recently revealed to California’s Attorney General (AG) that hackers broke into the company’s online store and grabbed sensitive customer data. The leaked data includes information such as customer names, addresses, and credit card numbers including expiry dates and three-digit CVC security codes. The hack affects 34,500 customers based in the United States, Canada, and Puerto Rico, as first reported by ZDNet, which Acer later confirmed to PCWorld. ComputerWorld, June 20, 2016

Cyber Privacy

US district judge rules FBI doesn’t need a warrant to query a suspect’s computer: A senior US district judge has decided that the warrant authorizing the search of a suspect’s home computer by the FBI was issued based on probable cause, but even if it wasn’t, it wouldn’t matter, “because the Government did not need a warrant to capture Defendant’s IP address,” and did not need it to extract additional information from his computer. HelpNetSecurity, June 24, 2016
Firm pays $950,000 penalty for using Wi-Fi signals to secretly track phone users: A mobile advertising company that tracked the locations of hundreds of millions of consumers without consent has agreed to pay $950,000 (£640,000) in civil penalties and implement a privacy program to settle charges that it violated federal law. ars technica, June 22, 2016

Cyber Danger

This Android malware can secretly root your phone and install programs: Android users beware: a new type of malware has been found in legitimate-looking apps that can “root” your phone and secretly install unwanted programs. PCWorld, June 22, 2016

Cyber Update

Carbonite resets user passwords to protect against password reuse attack: If you’re a user of online backup service Carbonite, you’re getting a new password. Don’t make it one you’ve used somewhere before. TheRegister, June 22, 2016
Apple fixes memory corruption vulnerability in AirPort product line: Addressing a vulnerability that could have potentially resulted in remote code execution, Apple yesterday announced a firmware update for several of its AirPort Wi-Fi products. SCMagazine, June 21, 2016
Citing Attack, GoToMyPC Resets All Passwords: GoToMyPC, a service that helps people access and control their computers remotely over the Internet, is forcing all users to change their passwords, citing a spike in attacks that target people who re-use passwords across multiple sites. KrebsOnSecurity, June 20, 2016

Cyber Defense

Apple Safari blocks outdated versions of Adobe Flash on MAC OS X devices: Mac OS X users with the Flash plug-in installed in Safari will need to make sure they’re running the latest version. CNet, June 21, 2016

Information Security Management in the Organization

Information Security Governance

Cybercriminals Prey on Smaller Firms as Larger Targets Harden Security: A tech startup in the New York area was flying high after a big funding round. The cash landed in the company’s bank account, but then disaster struck: Cyber criminals had heard about the funding round too, and decided to steal the money. Fortune, June 23, 2016
Cybersecurity Efforts Require Individualized Planning and Execution: As cybersecurity risks have increased world-wide, both the SEC and the NFA have dictated that hedge funds and private equity funds have a plan to assess, manage and address risks and incidents. The security threat to private funds is real for all types of funds, big and small, complex and simple. However, cybersecurity planning for this group must be individualized to a great extent due to the wide range of IT configurations that exist. This article will discuss the required elements of cybersecurity planning as they relate to a variety of typical private funds, including hedge funds and private equity funds. Forbes, June 21, 2016

Cyber Awareness

Training? What training? Workers’ lack of cybersecurity awareness is putting the business at risk: Human error is responsible for the worst data breaches and, because of a lack of cybersecurity awareness, organisations are risking their reputation, customer trust, and potentially their bottom lines when employees mishandle data. ZDNet, March 7, 2016
Cyber Security Awareness Campaigns: Why do they fail to change behaviour?: The present paper focuses on Security Awareness Campaigns, trying to identify factors which potentially lead to failure of these in changing the information security behaviours of consumers and employees. Global Cyber Security Capacity Centre, July 2014

Cyber Crime

Backups not available. NASCAR team pays cybercriminal to unlock critical data after ransomware attack: NASCAR, America’s favorite no-right-turn racing format, has joined the growing ranks of people hit by, and paying out to fix, ransomware. TheRegister, June 24, 2016
Bitcoin rival Ethereum fights for its survival after $50 million heist: Imagine a $50 million diamond heist that isn’t investigated by any police body, and more than four days later, the broken vault that made the whole thing possible remains unfixed and suffers follow-on attacks by a group of marauding copycats. In essence, that’s what’s happening to an elite group of investors holding Bitcoin rival Ethereum, and the events threaten the very survival of the fledgling cryptocurrency. ars technica, June 21, 2016

Cyber Warning

Rise of Darknet Stokes Fear of The Rogue Insider: With the proliferation of shadowy black markets on the so-called “darknet” — hidden crime bazaars that can only be accessed through special software that obscures one’s true location online — it has never been easier for disgruntled employees to harm their current or former employer. At least, this is the fear driving a growing stable of companies seeking technical solutions to detect would-be insiders. KrebsOnSecurity, June 22, 2016
Crypto Ransomware Drives 20% Infection Rate Increase: Encryption malware represented 54 percent of all ransomware in April compared to barely 10 percent a year ago, Kaspersky Lab found. DarkReading, June 22, 2016

Cyber Defense

How To Lock Down So Ransomware Doesn’t Lock You Out: Ransomware has mutated into many different forms – and it’s not always easy to catch them all, but here are some things you can do. DarkReading, June 22, 2016
Tor onion hardening will be tear-inducing for feds: The University of California wants to defeat deanonymisation with a hardened version of the Tor browser. The Register, June 23, 2016

Cyber Insurance

Grandpoint Bank Teams with LBW Insurance to Sell Hiscox Cyber Insurance to Its Business Customers: Los Angeles-based Grandpoint Bank is now selling cyber insurance policies to its business customers to provide coverage for wire-transfer and cyber fraud. InsuranceJournal, June 22, 2016

Cyber Security in Society

Cyber Attack

Clinton Foundation Said to Be Breached by Russian Hackers: The Bill, Hillary and Chelsea Clinton Foundation was among the organizations breached by suspected Russian hackers in a dragnet of the U.S. political apparatus ahead of the November election, according to three people familiar with the matter. Bloomberg, June 21, 2016

Cyber Espionage

Why Russian hackers, not a lone wolf, were likely behind the DNC breach: Proving who pulled off a cyber attack is never easy and sometimes impossible. That’s the reality investigators face as they try to figure out who breached the network of the Democratic National Committee, which revealed last week that hackers had made off with confidential documents including research on Republican presidential opponent Donald Trump. PCWorld, June 23, 2016
Kremlin-linked hackers breached Democratic Party networks, say cybersecurity experts: Multiple cybersecurity firms analysing malware samples collected from the recent hack at the Democratic National Committee (DNC) have found evidence backing up assertions that Russian state-sponsored hackers were responsible for the politically-motivated cyberattack. IBTimes, June 21, 2016

National Cyber Security

Chinese Curb Cyberattacks on U.S. Interests, Report Finds: WASHINGTON — Nine months after President Obama and President Xi Jinping of China agreed to a broad crackdown on cyberespionage aimed at curbing the theft of intellectual property, the first detailed study of Chinese hacking has found a sharp drop-off in almost daily raids on Silicon Valley firms, military contractors and other commercial targets. The Washington Post, June 20, 2016

Cyber Law

The ‘Right to Be Forgotten’ and Other Cyberlaw Cases Go to Court: “The law can’t be right if it’s 50 years old. Like, it’s before the internet.” The quote is from a speech Larry Page made at a Google developers conference in 2013, and it’s a fair summary of how technology companies have traditionally viewed the legal system. Regulations can’t keep pace with technological change, so opt for forgiveness over permission. If your idea is successful, you’ll be able to defend it by the time authorities tell you to stop. Bloomberg, June 23, 2016

Financial Cyber Security

Fed weighs enhanced security scrutiny on transfers after $81M cyberheist: The Federal Reserve is considering “enhanced monitoring” for certain kinds of transactions, after hackers stole $81 million from the Bangladesh central bank’s account at the New York branch, Fed chairman Janet Yellen told lawmakers Wednesday. TheHill, June 22, 2016

Internet of Things

‘Smart’ Building Industry Mulls Cybersecurity Challenges: New ‘attraction and curiosity’ for infosec at the Intelligent Buildings Conference this week. DarkReading, June 23, 2016
New Technology May Help Your Car Learn to Recognize Hackers: New software protects autos against hackers by figuring out what normal Internet traffic should look like. MIT Technology Review, June 21, 2016

Cyber Sunshine

Suspect in identity theft scheme allegedly targeted former FBI director: Criminal charges against a 35-year-old Filipino who allegedly targeted former FBI Director Robert Mueller and other high-profile victims were unsealed Friday in what federal prosecutors in New Jersey called a sophisticated identity theft scheme. nj.com, June 24, 2016

Secure the Village

GO-Biz to Host Cyber Innovation Challenge for High School Students – 6/29, Sacramento: As part of California’s continued leadership in cybersecurity, the Governor’s Office of Business and Economic Development (GO-Biz) is hosting the first-ever California Cyber Innovation Challenge (CCIC) at Sacramento City College. In this demonstration event, eight teams of high school students will complete a series of timed cybersecurity challenges, defend the integrity of computer networks and crack complex codes. California Governor’s Office, Event Date: June 29, 2016
PIHRA Woodland Hills – Protect One of Your Company’s Most Valuable Assets: Information – July 21: Join Citadel’s Kimberly Pease, Secure the Village’s Sandra Lollino and an all-star panel as they discuss cyberattacks and data breaches, how they can affect employees at all levels of the company, the potential impact of data breaches and what to do if it happens to you. In the age of information, companies are more and more vulnerable to hacking, cyber breaches, Internet fraud and identity theft, just to name a few. Did you know that cybercrime affects organizations of all sizes? Criminals are after W2s, medical records, as well as employee and customer personal data. Did you know a reported 80% of data breaches are preventable? Is YOUR workplace protected? Do you have plans, policies, and training for your employees in place so that you could handle a possible breach? PIHRA, Event Date: July 21, 2016
Information Security for CPAs, Clients, & Professionals, Dr. Stan Stahl, CalCPA Bakersfield, July 28: Citadel and Secure the Village President Stan Stahl discusses information security management strategies and tactics for businesses. Cybercrime costs businesses and non-profits billions of dollars annually in theft, fraud, embezzlement and other losses. While breaches of high-profile targets like Sony, Anthem, Target and JPMorgan Chase make the news, it’s small and medium-sized organizations that are most at risk. Statistics show that 30% of cybercrime victims are small organizations and that 60% of them go out of business within 6 months of being attacked. Other statistics show that as many as 80% of these crimes did not need to happen. CalCPA, Event Date: July 28, 2016
Cisco Intros $10 Million Global Cyber Security Scholarship Program: Cisco recently announced plans to invest $10 million in a two-year Global Cybersecurity Scholarship program in an effort to increase the pool of available talent with proficiency in cyber security. eSecurity Planet, June 17, 2016


Friday, June 24, 2016

Cybersecurity Jobs Coming to SecurityRecruiter.com



The past couple of weeks, since returning from a public speaking opportunity in San Francisco, have been really busy.

I'm at various stages of negotiation with regards to contracts that will bring new searches to my desk.

Some contracts are already signed and in hand and other contracts are getting close to being signed.

Here's what the contracts are connected to in terms of Cybersecurity Jobs and Cyber Threat Intelligence Jobs.

Dallas, Texas or Oklahoma City or Waco, TX

  • 3rd Party Vendor Risk Analyst
  • Security Policy Risk Analyst

Boston, MA

  • Manager, Cyber Risk and Cyber Threat Intelligence

Indianapolis, IN

  • Cyber Threat Analyst

Chicago, IL

  • Director, Information Security
  • Manager, Information Security (x2)
  • Manager, Security Operations
  • Application Security Engineer

New York, NY

  • Application Security Engineer

Washington, D.C.

  • Application Security Consultant (x8)


Each of these Security Jobs will come out with a full description in the Security Recruiter Blog as they are ready to be filled.

Thursday, June 23, 2016

Public Speaking Opportunity, Austin Texas: The Topic is Ransomware



The Austin, TX Chapter of InfraGard is looking for a speaker to discuss the current state of Ransomware.

This volunteer speaker will address the InfraGard audience for approximately 45 minutes followed by 15 minutes of Q&A on the current state of Ransomware. The desired speaker should be able to address this topic with real-world stories, trends, best prevention practices and/or incident response.

The next Austin, TX InfraGard meeting is on Thursday, August 11, 2016.


Contact Jeff Snyder at SecurityRecruiter.com directly at 719.686.8810 and I’ll put you in touch with the appropriate person in Austin, TX.

Tuesday, June 21, 2016

The latest issue of the Journal of Physical Security (JPS) is available for free!



The latest issue of the Journal of Physical Security (JPS) is now available online for free at: http://jps.rbsekurity.com. Back issues can be viewed or downloaded there as well.

In addition to the usual security news and editor’s rants about security, this issue (Volume 9, Issue 1, June 2016) has papers about modeling the optimum number of security guards; mitigating workplace violence; the problem of missing vulnerability assessments; modeling, designing, and evaluating a physical security system for protecting radioactive material; and nuclear licensing and regulatory requirements in Egypt.

JPS, a peer-reviewed journal, is hosted by Right Brain Sekurity (RBS) as a free public service. RBS (http://rbsekurity.com) is a small company devoted to physical security consulting and vulnerability assessments.


Please think about submitting a manuscript for consideration, or encouraging your colleagues or students to do so.  Any aspect of physical security R&D, experimentation, modeling, testing, evaluating, or analysis is welcome, in both technical and social science areas.

Monday, June 20, 2016

Cybersecurity Vulnerability and Patch Report for June 19, 2016

CYBERSECURITY VULNERABILITY AND PATCH REPORT

FROM OUR FRIENDS AT CITADEL INFORMATION GROUP


Important Security Updates

Adobe Flash Player: Adobe has released version 22.0.0.192 to fix at least 18 vulnerabilities. Updates are available from Adobe’s website. Updates are also available for Adobe AIR with additional information available at Adobe’s website.
AVG Free Edition: AVG has released version 2016.81.7640 of its 64 and 32 bit Free Edition. Updates are available on AVG’s website.
Comodo Free Firewall: Comodo has released version 8.4.0.5068 of its free firewall. Updates are available from Comodo’s website.
Comodo Internet Security: Comodo has released version 8.4.0.5068 of its free security suite. Updates are available from Comodo’s website.
Google Chrome: Google has released Google Chrome version 51.0.2704.103 to address multiple vulnerabilities. Updates are available from within the browser or from Google Chrome’s website.
KeePass: KeePass has released version 2.34 of its open source password manager. Updates are available from the KeePass website.
LastPass for Windows: LastPass has released version 4.1.16 of LastPass for Windows. Updates are available from the LastPass website.
Microsoft Patch Tuesday: Microsoft’s Patch Tuesday released 16 updates to address at least 36 vulnerabilities, some of which are highly critical, within Windows operating systems, Internet Explorer, Office, and other Microsoft products. Additional details are available at Microsoft’s website.
Opera: Opera has released version 38.0.2220.31. Updates are available from within the browser or from Opera’s website.
Skype: Skype has released Skype 7.25.0.103. Updates are available from the program or Skype’s website.

Current Software Versions

Adobe Flash 22.0.0.192
Adobe Reader DC 2015.016.20039
Dropbox 4.4.29 [Citadel warns against relying on security of Dropbox or other cloud-based file exchange systems. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the master Dropbox [or other] password be at least 15 characters long and different from other passwords.]
Firefox 47.0 [Windows]
Google Chrome 51.0.2704.103
Internet Explorer 11.0.9600.18161
Java SE 8 Update 91 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.9 [Citadel recommends removing QuickTime. On April 14, US-CERT advised Microsoft Windows users to remove QuickTime. This followed a report in ars technica that Apple has no plans to update the Windows app despite at least two reliable QuickTime vulnerabilities that threaten Windows users who still have the program installed.]
Safari 9.1 [Mac OS X Mavericks, Yosemite, El Capitan]
Skype 7.25.0.103

For Your IT Department

Cisco Multiple Products: Cisco reports patched vulnerabilities in its Cisco Prime Network Registrar 8.2 and 8.3, IOS Software 15.0 through 15.4, and cBR-8 Series Converged Broadband Routers. Apply updates. Cisco also reports unpatched vulnerabilities in its Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, RV215W Wireless-N VPN Router, and Firepower Management Center 4.10.3, 5.2 through 5.4. There are no workarounds available. Additional details are available at Cisco’s website.
Novell Open Enterprise Server: Novell has released an update to fix multiple vulnerabilities in its Open Enterprise Server versions 11.2 and 2015 (OES 11 SP2 and OES 2015). For version 11.2 apply patch oes11sp2-php53-10934. For version 2015 apply patch oes2015-php53-10935. Additional details are available at Novell’s website.
VMware Multiple Products: VMware has released updates for its vCenter Server 5.0, 5.1, 5.5, and 6.0. Apply updates. Additional details are available at VMware’s website.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2016 Citadel Information Group. All rights reserved.
