3rd Unscheduled Flash Patch for 2015

Adobe has released another patch for Flash.  Update when you can.

Another 0Day Adobe Flash Vulnerability

Third one so far this year, Adobe has yet to release a patch.

Windows 10 on a Surface Pro 3

TechCrunch tests out MS latest OS.

GHOST Linux vulnerability can be exploited via WordPress

Along with Exim and a few other services, it now appears that WordPress can be vulnerable to GHOST.

Microsoft to invest in Cyanogen

MS plans to back the Android rival OS.

OneDrive for Business now on iOS and OS X

You now can get access to the “professional” OneDrive given to Office 365 users.

Adobe updates its Flash Update

It’s time to patch Flash again.

Microsoft releases “Office for Android”

Microsoft has released a mobile version of Office for Android on the Google Play Store for free.

IOS 8.1.3

Apple has released an update for iOS, patch when you can.

Constant Vigilance! UTC IT Security  

In IT everyone knows that security is important part of their job, but for Mr. Michael Dinkins and Mr. David Bean security is their entire job. Speaking at a meeting on January 21, 2015 Mr. Bean outlined the potential security threats that had manifested over the past year with several chilling examples. The Home Depot hack, 56 million payment card numbers and 53 million email addresses stolen. Total cost: Approximately 62 million dollars. JP Morgan Chase, 76 million households and 7 million small businesses were affected (and no one knows whether their data has actually been stolen or not for sure). Total cost for increased security: 250 million dollars per year. Ebay, a breach that took 2-3 months to be revealed to the users of the website and is estimated to have had 112.3 million active users and 145 million records stolen.

According to Mr. Bean, schools are no less vulnerable to cyber attacks than these large companies. In fact between 2005 and 2014 higher education has the highest percentage of data breaches, even top schools like UNC are not only vulnerable but have already been compromised. Even worse, approximately a third of all colleges breached have been breached more than once. “It is a question of when, not if.” Mr. Bean said while a real-time image of attacks originating from all across the globe rained down on the United States behind him. With the estimated cost of $111 per single record breached it is no wonder that both Mr. Bean and Mr. Dinkins take security seriously, the effects can be ruinous.

Some of the biggest security concerns in 2015 are mobile devices, the “internet of things” (Bluetooth or wireless devices), contractors (the source behind many a security breach), and more sophisticated malware like encrypted key loggers. As an illustration of how this impacts UTC Mr. Bean quoted the following metric: “Within 72 hours we received 29,484 alerts.” Granted, as he elaborated, not all of them were cyber attacks, numbers one and two on the alert list are machines running out of date versions of Java, but this gives an idea of the amount of traffic that flows into and out of UTC in a relatively short period of time.

So, what can be done on the users end to protect student and faculty information? As Mr. Bean pointed out, the biggest things you can do are:

  1. Be aware of the danger and thoughtful about what websites you go to.
  2. Be cautious about what apps you install. (Read the End User License Agreement before agreeing to install)
  3. Make security a part of your regular workday, change your passwords.
  4. Don’t give people any opportunities (don’t store sensitive data in non-secure locations)