Microsoft New Zero Day Flaw

IT SECURITY

NEW ZERO-DAY FLAW: New exploit linked to Russian ‘Sandworm’ hackers. Microsoft is warning Windows users that they’re vulnerable to a new zero-day flaw that attackers have been exploiting to remotely execute arbitrary code. “At this time, we are aware of limited, targeted attacks that attempt to exploit the vulnerability through Microsoft PowerPoint,” Microsoft says in a security advisory issued late on Oct. 21. It says the flaw in Microsoft OLE is present in all versions of Windows except for Windows Server 2003. Read more
[GOVINFOSECURITY.COM]

MEDICAL INFO SECURITY: Stolen medical data is now a hot commodity. While credit cards are selling for a dollar or less on the black market, personal health credentials are commanding as much as $10 per patient. Here’s why. Read now
[DARKREADING.COM] [INFORMATIONWEEK.COM]

CLOUD SECURITY: It is predicted that the global cloud market will be worth $121 billion by 2015. Yet, many organizations think twice when it comes to entrusting their data to third parties. Read more
[FIREWALL.CX]

FEDERAL GOVERNMENT

INSPECTOR GENERALS & THE CLOUD: Cloud contracts lack security, assessment clauses. A review of federal cloud computing contracts revealed that none included proper security standards or metrics to assess service providers, leaving them significantly exposed, a Council of Inspectors General report states. Read more
[FEDERALTIMES.COM]

GSA: ReverseAuctions.gsa.gov is an efficient and cost-effective platform for buying non-complex commodities and simple services. It’s designed to drive down the total cost of acquisitions and increase savings to customers and taxpayers. Read more
[REVERSEAUCTIONS.GSA.GOV]

FBI: FBI Director James Comey says he wants Congress to update a 20-year-old law to give law enforcement authorities access to the encrypted data of suspected criminals. Read more
[GOVINFOSECURITY.COM]

WEB DEVELOPMENT

APACHE CORDOVA: Web developer Alex Wasner discusses using Apache Cordova to create cross-platform applications via web technologies. Apache Cordova puts your HTML, CSS and JavaScript into a native web view and uses plug-ins to give you access to native features like the camera and GPS. [VIDEO] Watch now
[MASHABLE.COM]

RESPONSIVE WEB DESIGN FOR GOVERNMENT: Responsive Web Design Challenges Webinar Recap. In the September webinar on Responsive Web Design Challenges in Government, two agencies identify coordination, leadership buy-in and content decisions when mobilizing websites. Read more
[DIGITALGOV.GOV]

MOBILE COMMERCE: Responsive web design is key to getting reluctant mobile shoppers to buy. Most mobile device users have not made an online purchase using their devices in the past three months. Read more
[FIERCEMOBILEIT.COM]

FOR THE CIO, CTO & CISO

CIO & BIG DATA: 11 Ways Data Analysis Can Boost Your Bottom Line. Learn how data analysts can increase revenue for your agency and help solve the ROI problem. Read more
[CIOINSIGHT.COM]

POLICY: F.T.C. Names Ashkan Soltani as Chief Technologist. Soltani is a privacy expert and former journalist, a signal that the commission intends to maintain a close watch on online privacy and security issues. Read more
[BITS.BLOG.NYTIMES.COM]

THE CISO & DATA DEFENSE: 6 tips to shift information security from defense to offense. In the new world of risk management, the CISO’s role is changing from security expert to business strategist as new technologies and threats are changing the risk landscape daily. Read more
[GOVHEALTHIT.COM]

==========

IT SECURITY SUPPORT: Blue Mountain Data Systems Inc. can implement FISMA and NIST standards for federal clients. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Call Paul Vesely at 703-502-3416 to discuss the IT security support you need.

==========

FOR: Federal & State CTOs CIOs CISOs: Daily Tech Update – October 22, 2014
