IT SECURITY
CISCO PATCH: Cisco patches three-year-old Telnet remote code execution bug in security appliances. There is a severe remote code execution vulnerability in a number of Cisco’s security appliances, a bug that was first disclosed nearly three years ago. The vulnerability is in Telnet and there has been a Metasploit module available to exploit it for years. Read more
[THREATPOST.COM]
SPAM: Spam email disrupts two-thirds of businesses each year [Infographic]. Spam continues to disrupt businesses and the volume of spam, even though it has come down to a degree, can still be in the region of 50 per cent of all email received. That is still a lot of spam. Five valid emails in 10. That is five possible email-borne security threats.Read more
[GFI.COM]
INTERVIEW: Fixing Two-Factor Failures. Not All Authentication Systems Are Created Equal. Enterprises and websites are increasingly adopting, if not requiring, the use of two-factor authentication. But as numerous high-profile attacks have demonstrated, two-factor authentication systems are not foolproof, says Ryan Lackey, a principal in the security practice at distributed-denial-of-service attack defense firm CloudFlare. Listen now
[GOVINFOSECURITY.COM]
FTC: COPPA means tightening compliance for mobile, tech companies. The FTC has settled two high-profile cases that demonstrate its newfound attention paid to the changes to COPPA. Read more
[INSIDECOUNSEL.COM]
SECURITY METRICS: New research refines security vulnerability metrics. Adequate security metrics have seemingly been an unattainable goal, especially when it comes to software security. Too often, organizations simply rely on vulnerability counts for flaws disclosed in an operating system or popular application as a measure of its security. Read more
[THREATPOST.COM]
FEDERAL GOVERNMENT
DEPARTMENT OF LABOR:Combatting long-term unemployment with federal money. Two job training centers in the San Francisco Bay Area have been tasked by the federal government to help the long-term unemployed find jobs in the tech sector. And they’ve been given millions of dollars to fund their efforts. U.S. Labor Secretary Thomas Perez, in a statement, called long-term unemployment (out of work for 27 weeks or more) “one of the most unfinished pieces left over from the recession.” Read more
[SFGATE.COM]
DEPT OF EDUCATION: Education Department to Expand Access to Student Loans. Parents with damaged credit histories will gain greater access to federal student loans to help cover their children’s undergraduate costs under a plan finalized Wednesday by the Obama administration. Read more
[ONLINE.WSJ.COM]
EDUCATION
NoSQL: Introduction to NoSQL by Martin Fowler. Useful summary of how various NoSQL databases work. [VIDEO] Watch now
[YOUTUBE.COM]
ANGULARJS: Bite-sized video training with AngularJS. Life’s too short for long boring lectures. Level up your programming skills today with these short video lessons. [VIDEO] Watch now
[EGGHEAD.IO]
==========
IT SECURITY SUPPORT: Blue Mountain Data Systems Inc. can implement FISMA and NIST standards for federal clients. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Call Paul Vesely at 703-502-3416 to discuss the IT security support you need.
==========