Digital circuit board with white padlock in the middle of itSECURITY PATCHES

MICROSOFT: Patches Recent ALPC zero-day in September 2018 Patch Tuesday Updates. The monthly Microsoft security updates –known as the Patch Tuesday updates– are out, and this month, the OS maker has fixed 62 security flaws, including a recent zero-day vulnerability that was dumped on Twitter last month, and later adopted by a malware campaign. Patches were made available for products such as Microsoft Windows, Microsoft Edge, Internet Explorer, ASP.NET, the .NET Framework, Edge’s ChakraCore component, Adobe Flash Player, Microsoft.Data.OData, Microsoft Office, and Microsoft Office Services and Web Apps. Read more
[ZDNET.COM]

APPLE: iOS 12 Patches Memory Bugs, Safari 12 Fixes Data Leaks. A new round of security updates is available from Apple, fixing bugs in Safari, watchOS, tvOS, and iOS. Some of the vulnerabilities were disclosed ahead of these releases, creating a window of opportunity for ill-intended users. Apple released its newest version of iOS on September 17, and apart from adding a performance boost to older iPhone models, it also comes with solutions for security problems. Read more
[BLEEPINGCOMPUTER.COM]

VPNs: Popular VPNs Contained Code Execution Security Flaws, Despite Patches. Patches applied to a vulnerability in ProtonVPN and NordVPN builds led to the discovery of separate bugs which had to be resolved quickly in recent updates. Read more
[ZDNET.COM]

NETWORKS: The Top 5 Security Threats & Mitigations for Industrial Networks. While vastly different than their IT counterparts, operational technology environments share common risks and best practices. Read more
[DARKREADING.COM]

==========

NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems September 2018 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-september-2018.

IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.

BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

==========

Security Patches – Daily Tech Update – October 17, 2018