Security PatchesSECURITY PATCHES

ADOBE FLASH: The tooth gnashing you hear is from Flash users installing a new 0day patch. Remote code-execution bug under active attack, Adobe warns. Adobe Systems is once again rolling out an emergency Flash update that patches a critical vulnerability under active attack to compromise the computers of unsuspecting users. Install now. Read more
[ARSTECHNICA.COM]

MICROSOFT: Company stopping its free advance notifications for security patches. Microsoft Security Response Center senior director Chris Betz said this is due to tech environments and customer needs having “evolved.” Read more
[GMANETWORK.COM]

ORACLE: Issues 169 Security Fixes, 19 for Java. Oracle’s latest quarterly Critical Patch Update (CPU) provided 169 new security vulnerability fixes across Oracle’s product lines, including 19 for Java. This CPU dealt with fewer Java vulnerabilities than the last one, which provided patches for 25 security holes in Java SE and 9 in the Java Virtual Machine (JVM). Read more
[ADTMAG.COM]

PHP: PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to remote code execution in some cases. Read more
[THREATPOST.COM]

FOR THE CTO, CIO & CISO

IBM: The company no longer sells the Intel-based servers that dominate the data center, and it no longer manufactures its own processors. Despite this shift away from hardware, IBM remains committed to its mainframes, the hulking, expensive computer systems that centralize computing instead of distributing it across a large number of inexpensive Intel-powered machines. Here’s why IBM is still building mainframes. Read more
[FOOL.COM]

CONTRACTORS: Contracting Commandment #4: Thou Shalt Stay Informed. Henry Ford once said, “Anyone who stops learning is old, whether he’s twenty or eighty.” Those words, spoken in the early 20th century, ring true today, and they certainly apply to people involved in government contracting, regardless of your position. Why? Because every contract or subcontract in which you are involved is just one part of a much bigger picture. The more you know about the big picture, the better you will be able to protect your organization. Read more
[FEDERALNEWSRADIO.COM]

OPERATIONS: Building A Cybersecurity Program: 3 Tips. Implementing an effective cybersecurity program should be a top priority for every organization. But, depending on size, industry, and other factors, cybersecurity requirements are going to vastly differ from one organization to the next. How do you get from needing a cybersecurity program to having one? It takes a systematic approach. Here are some suggestions to get you started. Read more
[DARKREADING.COM]

CYBERSECURITY

DNS: 6 DNS services protect against malware and other unwanted content. While many (but not all) users are familiar with the concept of security software, there are more basic ways to protect unwary surfers from phishing sites, botnets, intrusive advertising and other unwanted visitors: DNS services. Use one of these DNS services to protect your organization from phishing sites and other unwanted intruders. Read more
[COMPUTERWORLD.COM]

SECRET WEAPON: Cybersecurity Non-Profits Should Be America’s Secret Weapon in Obama’s Cyberwar Plan. There are dozens of non-profit organizations providing critical cybersecurity services to consumers, small businesses and even large companies and government agencies. These organizations receive almost zero funding from the government, yet are providing critical services to protect the country from cyberattacks. President Obama should enlist and fund these groups to help plan and develop America’s cyberwarfare capability. Find out more
[FORBES.COM]

==========

APPLICATION DEVELOPMENT: Blue Mountain Data Systems is dedicated to Application Development and Systems Integration for Federal Civilian Agencies, Document Management Systems that help in the preparation, scanning, indexing, categorizing and quality control of millions of pages of paper documents to electronic format and the Automation of Workflow Processes. Call us at 703-502-3416.

==========

Federal & State CTOs CIOs CISOs: Daily Tech Update – January 27, 2015

Leave a Reply