Thursday, April 30, 2015

View of the Week: 'A Message to Garcia' | BeLikeRowan.com

Please enjoy this courtesy of GiveMore as a "Virtual Token" for all the support shown:


On Being Safe in the Virtual World: An #Outsider Newsflash (The Latest From US-CERT)

As part of the mission of #Outsiders and this channel, we will feature weekly guidance we receive here @ #Outsiders on the state of threat.     What we received here is compelling that must be attended to by all:

NCCIC / US-CERT

National Cyber Awareness System:
04/29/2015 12:00 AM EDT

Original release date: April 29, 2015

Systems Affected

Systems running unpatched software from Adobe, Microsoft, Oracle, or OpenSSL.

Overview

Cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of targeted attacks are preventable [1].
This Alert provides information on the 30 most commonly exploited vulnerabilities used in these attacks, along with prevention and mitigation recommendations.
It is based on analysis completed by the Canadian Cyber Incident Response Centre (CCIRC) and was developed in collaboration with our partners from Canada, New Zealand, the United Kingdom, and the Australian Cyber Security Centre.

Description

Unpatched vulnerabilities allow malicious actors entry points into a network. A set of vulnerabilities are consistently targeted in observed attacks.

Impact

A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:
  • Temporary or permanent loss of sensitive or proprietary information,
  • Disruption to regular operations,
  • Financial losses relating to restoring systems and files, and
  • Potential harm to an organization’s reputation.

Solution

Maintain up-to-date software.

The attack vectors frequently used by malicious actors such as email attachments, compromised “watering hole” websites, and other tools often rely on taking advantage of unpatched vulnerabilities found in widely used software applications. Patching is the process of repairing vulnerabilities found in these software components.
It is necessary for all organizations to establish a strong ongoing patch management process to ensure the proper preventive measures are taken against potential threats. The longer a system remains unpatched, the longer it is vulnerable to being compromised. Once a patch has been publicly released, the underlying vulnerability can be reverse engineered by malicious actors in order to create an exploit. This process has been documented to take anywhere from 24-hours to four days. Timely patching is one of the lowest cost yet most effective steps an organization can take to minimize its exposure to the threats facing its network.

Patch commonly exploited vulnerabilities.

Executives should ensure their organization’s information security professionals have patched the following software vulnerabilities. Please see patching information for version specifics.
Microsoft
CVE
Affected Products
Patching Information
CVE-2006-3227 Internet Explorer Microsoft Malware Protection Encyclopedia Entry
Office Word Microsoft Security Bulletin MS08-042
Office
Office for Mac
Open XML File Format Converter for Mac
Office Excel Viewer
Excel
Office Compatibility Pack for Word, Excel, and PowerPoint
Microsoft Security Bulletin MS09-067
CVE-2009-3674 Internet Explorer Microsoft Security Bulletin MS09-072
CVE-2010-0806 Internet Explorer Microsoft Security Bulletin MS10-018
Office
Office for Mac
Open XML File Format Converter for Mac
Excel
Microsoft Security Bulletin MS11-021
Office
SQL Server
BizTalk Server
Commerce Server
Visual FoxPro
Visual Basic
Office
SQL Server
Commerce Server
Host Integration Server
Visual FoxPro Visual Basic
CVE-2012-4792 Internet Explorer Microsoft Security Bulletin MS13-008
CVE-2013-0074 Silverlight and Developer Runtime Microsoft Security Bulletin MS13-022
CVE-2013-1347 Internet Explorer Microsoft Security Bulletin MS13-038
CVE-2014-0322 Internet Explorer Microsoft Security Bulletin MS14-012
Microsoft Word
Office Word Viewer
Office Compatibility Pack
Office for Mac
Word Automation Services on SharePoint Server
Office Web Apps
Office Web Apps Server
CVE-2014-1776 Internet Explorer Microsoft Security Bulletin MS14-021
Windows Microsoft Security Bulletin MS14-060
Oracle
CVE
Affected Products
Patching Information
Java Development Kit, SDK, and JRE
Java Development Kit and JRE Oracle Java SE Critical Patch Update Advisory - June 2013
Adobe
CVE
Affected Products
Patching Information
CVE-2009-3953
Reader
Acrobat
Adobe Security Bulletin APSB10-02
CVE-2010-0188
Reader
Acrobat
Adobe Security Bulletin APSB10-07
CVE-2010-2883
Reader
Acrobat
Adobe Security Bulletin APSB10-21
CVE-2011-0611
Flash Player
AIR
Reader
Acrobat
CVE-2011-2462
Reader
Acrobat
Adobe Security Bulletin APSB11-30
CVE-2013-0625 ColdFusion Adobe Security Bulletin APSB13-03
CVE-2013-0632 ColdFusion Adobe Security Bulletin APSB13-03
CVE-2013-2729
Reader
Acrobat
Adobe Security Bulletin APSB13-15
CVE-2013-3336 ColdFusion Adobe Security Bulletin APSB13-13
CVE-2013-5326
ColdFusion Adobe Security Bulletin APSB13-27
Flash Player
AIR
AIR SDK & Compiler
OpenSSL
CVE
Affected Product
Patching Information
OpenSSL

Implement the following four mitigation strategies.

As part of a comprehensive security strategy, network administrators should implement the following four mitigation strategies, which can help prevent targeted cyber attacks.
Ranking
Mitigation Strategy
Rationale
1
Use application whitelisting to help prevent malicious software and unapproved programs from running.
Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
2
Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office.
Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
3
Patch operating system vulnerabilities.
4
Restrict administrative privileges to operating systems and applications based on user duties.
Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
It is recommended that users review US-CERT Security Tip (ST13-003) and CCIRC’s Mitigation Guidelines for Advanced Persistent Threats for additional background information and to assist in the detection of, response to, and recovery from malicious activity linked to advance persistent threats [2, 3].

References

Revision History

  • April 29, 2015: Initial release
Powered by GovDelivery

Wednesday, April 29, 2015

Notations From the Grid: On Decision Making & Leadership

In our daily assessment on the "Grid", we ran across this very insightful artilce from the +Harvard Business Review  that reminds all to insure that the process is right which is available on the Daily Outsider Facebook page which has been released here for this editon of "Notations From the Grid":

Crucial 4 success..an important "view of the week (II)" to share which will be featured on the Education Road in the "Daily Outsider"

Posted by The Daily "Outsider" on Tuesday, April 28, 2015

Monday, April 27, 2015

An #Outsider Newsflash: A Last Minute Opportunity For a Fellowship

Onion Inc, Editorial Fellowship

  • Chicago, IL
  • Contract

Company Description

The Onion is truly one of a kind. It is among the most influential and respected media companies in the world, and its websites are the preferred digital destination for millions of millennials seeking the highest quality comedy and pop culture content, complemented by the most compelling—and entertaining—native advertising campaigns. The Company’s digital properties, The Onion, The A.V. Club and ClickHole, have leveraged a shared sensibility for creating smart content that attracts a dream audience for advertisers. Together the sites reach a monthly audience of more than 25MM unique visitors and over 12 million social followers.
As the media landscape has morphed, over the past decade, The Onion has transformed itself—and thrived. Onion Labs, the Company’s in-house content marketing team, has capitalized on the franchise’s award-winning creative teams and outsized social network to craft content solutions for a wide array of blue-chip advertisers.
The Onion, which began as a humble college tabloid in Madison, WI, completed its transition to all-digital publishing in 2013. The Onion is the premier satirical comedy brand providing content to the most highly coveted cohort—young, educated, employed, conspicuously consuming, influential, highly social and utterly engaged.

Job Description

  • Based in our Chicago, IL headquarters
  • Editorial department position
  • We are looking for creative, detail-oriented, motivated, and humble individuals interested in contributing to The Onion’s editorial process. Fellows are given the opportunity to aid in the production of Onion content.

Qualifications

  • We look for the following qualities in Onion, Inc. Creative Fellows:
  • Ambitious and hardworking
  • Deeply passionate and familiar with Onion, Inc.
  • Desire to work in creative group settings
  • Self-motivated

Additional Information

To be considered for an Onion Writing Fellowship you must:
  • Include a resume and cover letter detailing why you’d like to work for The Onion
  • Submit 10 headlines in Onion style
  • Be available to work in our Chicago office 30-40 hours per week. 
  • Be available to work July - December
  • Applications are due May 1st, 2015
This is a Paid Fellowship

Notations For the Day: A Potential Employment Opportunity (A New Feature)

We here @ #outsiders wanted to introduce a new feature here in #Outsiders:   Potential Job Opportunities.     For this, we wanted to share this courtesy of Work for Progress Jobs which we here at #Outsiders periodically receive updates on.    

An Excerpt of the Bulletin is noted below and further information can be accessed by clicking on the link below.  The position is in Washington D.C: 

Bring Down The Cost Of Higher Education, Fellowship Position

Higher education in America continues to be critical for both individual success and the social and economic health of our country. While college attendance rates have grown over the past two decades, state appropriations and federal aid have failed to keep pace with the rising cost of college, shifting more costs to students. As a result, more students than ever must rely on student loans to pay for a college degree, with the average borrower now graduating with more than $29,000 in loan debt.

Heavy student loan debt carries negative consequences for borrowers, who must make monthly payments with their hard-earned dollars rather than save up and get ahead. High debt can affect where graduates live, the kind of careers they pursue, when they start a family or purchase a home, and whether they can save for retirement.

View of the Week: A Compelling "Thought" to Consider


This compelling Thought for the Week is ever so critical for us to reflect upon especially as we are witness to the horrific scenes from Baltimore that we noted in "Ordinary Faces".    It was a startling comment by a commentator on Al Jazeera America as he noted how the Police actually grew out of the old "Slave Catching" squads designed to catch slaves.    

This is an admonition to truly consider:  
People are always thinking and talking about one of four things, driven by one of four psychological motivations:1)...
Posted by Darren Hardy on Monday, April 27, 2015

Notations From the Grid: On Google's Upcoming Education Conference

#Google has been at the forefront of transforming Educatoin as in other areas.    We wanted to report on this upcoming conference that should be quite insightful for all to observe:


Friday, April 24, 2015

View of the Week: The Chrome Live Archive

For this edition of "View of the Week", we hope all enjoy checking this very informative and engaging event that Google hosted.   It is available on demand for all:

The event that will change the way you think about Chrome.
Chrome Live is now available on-demand
On April 22, Chrome Live shed new light on what the web can do for businesses. In case you missed hearing about the future of Chrome—or the ways in which top companies like Netflix, Pinterest and Chico’s are using Chrome to streamline operations and reimagine the web, meeting technology, and digital displays—we’ve created a recap of the event sessions.

You can watch the event in its entirety or see specific topics you missed by accessing Chrome Live on-demand now.

We hope you enjoy the highlights, and we hope to see you at the next event.

Wednesday, April 22, 2015

On Love: A V-Thought 4 the Week

We wanted to share something different courtesy of the team @ givemore.com throughout all the channels of #Outsiders  that reflects upon the goodness of life as our World continues to be witness to the horror and destruction of War--a Way to think different which is one of the implicit objectives of our team here @Outsiders--We hope all enjoy it as a token of our appreciation:

Love Your People video
(Click on the image above to watch the video)
 
We need more love at work.
We need to get rid of the bad stuff and
help each other enjoy more of the day.

Tuesday, April 21, 2015

Notations From The Grid: On The View From Iran (A Historical Analysis)

A View of the week (II) courtesy of the folks Truthdig: They have done a nice job laying out key historical facts on...

Posted by The Daily "Outsider" on Tuesday, April 21, 2015

Monday, April 20, 2015

Notations From the Grid: On #EarthDay2015 & Climate Change



Earth Day 2015 is coming up.     The community of Laguna Niguel celebrated it early and we reported on it in the South County Channel.    How Earth is under assault was underscored by this beautiful rendition from the Economist KAL.    

The idea that somehow Science is up for debate has become somewhat problematic as we have been witness to an extended drought in California and a day does not pass by without some natural calamity before us.    What Neil DeGrasse Tyson noted has to be taken to heart by all:


Some real talk from Neil deGrasse Tyson.
Posted by Climate Progress on Monday, April 20, 2015

 Will the World listen?



Saturday, April 18, 2015

View of the Week: On #Failure

As we go "dark"and gear up for a new week throughout #Outsiders , we wanted to share this courtesy of +Jonathan Huie which we follow closely here @ #Outsiders that underscores some poignant advise as a new week dawns here throughout the #Outsiders network along with this "classic" clip from our archives:

 




Don't give up.
There are too many nay-sayers out there who will try to discourage you.
Don't listen to them.
The only one who can make you give up is yourself.
- Sidney Sheldon

Keep moving. Don't stop. But don't rush.
Don't race around.
Sure and steady gets you there every time.
- Neale Donald Walsch

You make a mistake, you keep going.
- Linda Gray

Achievement seems to be connected with action.
Successful men and women keep moving.
They make mistakes, but they don't quit.
- Conrad Hilton

Notations For the Week-End: A Blast From the Past


سال ۱۳۴۱ - دیدار شهبانو و شاه از دیزنی لند در کالیفرنیا در یک روز غیر رسمی‌ هنگام یک سفر رسمی‌ چهار روزه به جنوب کالیفرن...

Posted by Tzaman on Thursday, April 16, 2015
The late Shah of Iran and Empress Farah were in the United States on a Private Visit in 1962 and checked out Disneyland. Walt Disney himself played host.

Friday, April 17, 2015

Thought 4 The Week : On the Quest For The Education Road


Thursday, April 16, 2015

Notations From the Grid: #Israel Surprises....

Israel unevieled a new Stamp to honor Cyrus the Great depiciting the Cyrus Cylinder:

رونمایی از تمبر بزرگ‌داشت کورش در اسرائیلدر کشور اسرائیل دو روز پیش، ۱۴ آوریل برابر با ۲۵ فروردین، از تمبری که برای بز...

Posted by ‎Tavaana: E-Learning Institute for Iranian Civil Society توانا: آموزشکده جامعه مدنی ایران‎ on Thursday, April 16, 2015
As we reviewed the Daily "Updates" From the Grid, we here could not help but be surprised in lieu of some of the on-going challenges and stance by the current Israeli Prime Minister we've noted in the Ordinary Faces Channel. It is still a historical fact which we wanted to report on in line with the mission of this Channel in the Outsider Network.

Monday, April 13, 2015

Notations From the Grid (II): On The Passing of Gunther Gras

A giant left us--This tribute says it all:

Remembering....and honoring....

Posted by The Daily "Outsider" on Monday, April 13, 2015

Notations From the Grid: On Selective Outrage :-(


For this edition of "Notations From the Grid", a telling indictment of how the World assesses outrage and how the need to be educated ever more is so crucial:

My new column for the Guardian, on our "selective outrage" over events in the Middle East...
Posted by Mehdi Hasan on Monday, April 13, 2015

Thursday, April 9, 2015

Thought 4 the Week

Entrepreneur of the week: Steve Jobs"Your time is limited, so don’t waste it living someone else’s life." *How will you spend your time on this earth? What will you do? #JoinTheRide

Posted by Darren Hardy on Thursday, April 9, 2015

Friday, April 3, 2015

On This Easter Week-End...A "Thought 4 the Week-End" :-)

On this Easter Week-End 2015, Sharing this as we go "Dark" on the "Outsider Network"--Happy Easter & Happy Passover!!!




We all know Helen Keller’s inspirational story, but do you know her legacy of effecting positive social change? In honor...
Post by Walden University.


Thought 4 the Week


Wednesday, April 1, 2015

As The New Quarter Dawns: A "Thought 4 the Day".....

As we begin a new quarter at #Outsiders, we have been assessing the mission and purpose.   As we reflected upon the quarter, one key thought courtesy of +BrainyQuote underscores the pursuit of Education which is a driving force for this channel which we hope is the ultimate purpose of the development of #Outsiders which we wanted to report on: