Technology Resources Group

Technology Resources Group

Early November Security Updates

There have been a large number of security issues in the news lately.  Be sure you have taken a look at the latest news to keep yourself up to date:

CryptoLocker Ransomware:
A lot of organizations have taken a look at the CryptoLocker story, but one of the best articles comes from Krebs On Security at http://krebsonsecurity.com/2013/11/how-to-avoid-cryptolocker-ransomware/  If you haven't already read it, the above article is certainly worth the read!

Microsoft zero-day Graphics Vuln:
Microsoft announced on Tuesday, 11/3 that a zero-day vulnerability is being used to launch attacks.  Trend Micro has a rundown of the attack at http://blog.trendmicro.com/trendlabs-security-intelligence/how-to-avoid-the-latest-microsoft-office-zero-day-threat/ .

badBIOS:
Security researcher Dragos announced he had noticed an interesting new form of Malware.  While the media has covered this as "using a microphone and speaker to spread a virus," this really isn't what happens.  The reality is that two infected systems can use the mics/speakers to exchange information.  A good write up can be found on ars at http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

Social Engineering via Phone more dangerous than Malware:
An article appeared on slashdot talking about the DEF CON 21 social engineering challenge where the results indicated that social engineering attacks are still really effective.  Write up at Help Net Security: http://www.net-security.org/secworld.php?id=15856






Technology Resources Group
Building: Media and Learning Center
Contact: Marty Kahn
Phone: 408.864.5656
sizeplaceholder


Last Updated: 11/8/13