GOOGLE: Android Security: Google’s June Update Splats Dozens of Critical, High-Severity Bugs. Google rolls out the June security update for Nexus and Android — but will your device be among those getting the fixes? Read more
JENKINS: Jenkins Security Patches Could Break Plug-Ins. The latest security update for Jenkins changed how build parameters are handled, impacting multiple plug-ins. The latest version changes how plug-ins use build parameters, though, so developers will need to adapt to the new process. The vulnerabilities affect all previous releases, including the mainline releases up to and including 2.2, and LTS releases up to and including 1.651.1. Administrators should update their Jenkins installations to mainline release Jenkins 2.3 or LTS 1.651.2. Read the rest
SYMANTEC & CISCO: Symantec Security Flaw and Cisco Web Security Patches – Security News IT Leaders Need to Know. A Google Project Zero researcher has discovered several remote code execution vulnerabilities in Symantec anti-malware software, the most serious of which was a flaw in the core scanning engine that required no user interaction for exploitation. CERT reports that Cisco has released fixes for four flaws in its web security appliance, any of which could allow a remote attacker to cause denial of service. Find out more
NETWORKS: NTP Patches Flaws That Enable DDoS. The network time protocol, at the center of a number of high-profile DDoS attacks in 2014, was updated last Thursday to ntp-4.2.8p8. The latest version includes patches for five vulnerabilities, including one rated high-severity. NTP, specifically the NTP daemon, synchronizes system clocks with time servers. Read more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems May 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-may-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.