Thursday, April 30, 2015

View of the Week: 'A Message to Garcia' | BeLikeRowan.com

Please enjoy this courtesy of GiveMore as a "Virtual Token" for all the support shown:

On Being Safe in the Virtual World: An #Outsider Newsflash (The Latest From US-CERT)

As part of the mission of #Outsiders and this channel, we will feature weekly guidance we receive here @ #Outsiders on the state of threat. What we received here is compelling that must be attended to by all:

National Cyber Awareness System:

TA15-119A: Top 30 Targeted High Risk Vulnerabilities

04/29/2015 12:00 AM EDT

Original release date: April 29, 2015

Systems Affected

Systems running unpatched software from Adobe, Microsoft, Oracle, or OpenSSL.

Overview

Cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of targeted attacks are preventable [1].
This Alert provides information on the 30 most commonly exploited vulnerabilities used in these attacks, along with prevention and mitigation recommendations.
It is based on analysis completed by the Canadian Cyber Incident Response Centre (CCIRC) and was developed in collaboration with our partners from Canada, New Zealand, the United Kingdom, and the Australian Cyber Security Centre.

Description

Unpatched vulnerabilities allow malicious actors entry points into a network. A set of vulnerabilities are consistently targeted in observed attacks.

Impact

A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:

Temporary or permanent loss of sensitive or proprietary information,
Disruption to regular operations,
Financial losses relating to restoring systems and files, and
Potential harm to an organization’s reputation.

Solution

Maintain up-to-date software.

The attack vectors frequently used by malicious actors such as email attachments, compromised “watering hole” websites, and other tools often rely on taking advantage of unpatched vulnerabilities found in widely used software applications. Patching is the process of repairing vulnerabilities found in these software components.
It is necessary for all organizations to establish a strong ongoing patch management process to ensure the proper preventive measures are taken against potential threats. The longer a system remains unpatched, the longer it is vulnerable to being compromised. Once a patch has been publicly released, the underlying vulnerability can be reverse engineered by malicious actors in order to create an exploit. This process has been documented to take anywhere from 24-hours to four days. Timely patching is one of the lowest cost yet most effective steps an organization can take to minimize its exposure to the threats facing its network.

Patch commonly exploited vulnerabilities.

Executives should ensure their organization’s information security professionals have patched the following software vulnerabilities. Please see patching information for version specifics.

**Microsoft**
CVE	Affected Products	Patching Information
CVE-2006-3227	Internet Explorer	Microsoft Malware Protection Encyclopedia Entry
CVE-2008-2244	Office Word	Microsoft Security Bulletin MS08-042
CVE-2009-3129	Office Office for Mac Open XML File Format Converter for Mac Office Excel Viewer Excel Office Compatibility Pack for Word, Excel, and PowerPoint	Microsoft Security Bulletin MS09-067
CVE-2009-3674	Internet Explorer	Microsoft Security Bulletin MS09-072
CVE-2010-0806	Internet Explorer	Microsoft Security Bulletin MS10-018
CVE-2010-3333	Office Office for Mac Open XML File Format Converter for Mac	Microsoft Security Bulletin MS10-087
CVE-2011-0101	Excel	Microsoft Security Bulletin MS11-021
CVE-2012-0158	Office SQL Server BizTalk Server Commerce Server Visual FoxPro Visual Basic	Microsoft Security Bulletin MS12-027
CVE-2012-1856	Office SQL Server Commerce Server Host Integration Server Visual FoxPro Visual Basic	Microsoft Security Bulletin MS12-060
CVE-2012-4792	Internet Explorer	Microsoft Security Bulletin MS13-008
CVE-2013-0074	Silverlight and Developer Runtime	Microsoft Security Bulletin MS13-022
CVE-2013-1347	Internet Explorer	Microsoft Security Bulletin MS13-038
CVE-2014-0322	Internet Explorer	Microsoft Security Bulletin MS14-012
CVE-2014-1761	Microsoft Word Office Word Viewer Office Compatibility Pack Office for Mac Word Automation Services on SharePoint Server Office Web Apps Office Web Apps Server	Microsoft Security Bulletin MS14-017
CVE-2014-1776	Internet Explorer	Microsoft Security Bulletin MS14-021
CVE-2014-4114	Windows	Microsoft Security Bulletin MS14-060

**Oracle**
CVE	Affected Products	Patching Information
CVE-2012-1723	Java Development Kit, SDK, and JRE	Oracle Java SE Critical Patch Update Advisory - June 2012
CVE-2013-2465	Java Development Kit and JRE	Oracle Java SE Critical Patch Update Advisory - June 2013

**Adobe**
CVE	Affected Products	Patching Information
CVE-2009-3953	Reader Acrobat	Adobe Security Bulletin APSB10-02
CVE-2010-0188	Reader Acrobat	Adobe Security Bulletin APSB10-07
CVE-2010-2883	Reader Acrobat	Adobe Security Bulletin APSB10-21
CVE-2011-0611	Flash Player AIR Reader Acrobat	Adobe Security Bulletin APSB11-07 Adobe Security Bulletin APSB11-08
CVE-2011-2462	Reader Acrobat	Adobe Security Bulletin APSB11-30
CVE-2013-0625	ColdFusion	Adobe Security Bulletin APSB13-03
CVE-2013-0632	ColdFusion	Adobe Security Bulletin APSB13-03
CVE-2013-2729	Reader Acrobat	Adobe Security Bulletin APSB13-15
CVE-2013-3336	ColdFusion	Adobe Security Bulletin APSB13-13
CVE-2013-5326	ColdFusion	Adobe Security Bulletin APSB13-27
CVE-2014-0564	Flash Player AIR AIR SDK & Compiler	Adobe Security Bulletin APSB14-22

**OpenSSL**
CVE	Affected Product	Patching Information
CVE-2014-0160	OpenSSL	CERT Vulnerability Note VU#720951

Implement the following four mitigation strategies.

As part of a comprehensive security strategy, network administrators should implement the following four mitigation strategies, which can help prevent targeted cyber attacks.

Ranking	Mitigation Strategy	Rationale
1	Use application whitelisting to help prevent malicious software and unapproved programs from running.	Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
2	Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office.	Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
3	Patch operating system vulnerabilities.
4	Restrict administrative privileges to operating systems and applications based on user duties.	Restricting these privileges may prevent malware from running or limit its capability to spread through the network.

It is recommended that users review US-CERT Security Tip (ST13-003) and CCIRC’s Mitigation Guidelines for Advanced Persistent Threats for additional background information and to assist in the detection of, response to, and recovery from malicious activity linked to advance persistent threats [2, 3].

References

Revision History

April 29, 2015: Initial release

Wednesday, April 29, 2015

Notations From the Grid: On Decision Making & Leadership

In our daily assessment on the "Grid", we ran across this very insightful artilce from the +Harvard Business Review that reminds all to insure that the process is right which is available on the Daily Outsider Facebook page which has been released here for this editon of "Notations From the Grid":

Crucial 4 success..an important "view of the week (II)" to share which will be featured on the Education Road in the "Daily Outsider"
Posted by The Daily "Outsider" on Tuesday, April 28, 2015

Tuesday, April 28, 2015

Notations From the Grid: The latest From #Facebook

Facebook Messenger launches free VOIP video calls over cellular and Wi-Fi http://t.co/zcna46nl8S pic.twitter.com/0wQvoYa9LM
— TechCrunch (@TechCrunch) April 27, 2015

Monday, April 27, 2015

An #Outsider Newsflash: A Last Minute Opportunity For a Fellowship

Onion Inc, Editorial Fellowship

Chicago, IL
Contract

Company Description

The Onion is truly one of a kind. It is among the most influential and respected media companies in the world, and its websites are the preferred digital destination for millions of millennials seeking the highest quality comedy and pop culture content, complemented by the most compelling—and entertaining—native advertising campaigns. The Company’s digital properties, The Onion, The A.V. Club and ClickHole, have leveraged a shared sensibility for creating smart content that attracts a dream audience for advertisers. Together the sites reach a monthly audience of more than 25MM unique visitors and over 12 million social followers.
As the media landscape has morphed, over the past decade, The Onion has transformed itself—and thrived. Onion Labs, the Company’s in-house content marketing team, has capitalized on the franchise’s award-winning creative teams and outsized social network to craft content solutions for a wide array of blue-chip advertisers.
The Onion, which began as a humble college tabloid in Madison, WI, completed its transition to all-digital publishing in 2013. The Onion is the premier satirical comedy brand providing content to the most highly coveted cohort—young, educated, employed, conspicuously consuming, influential, highly social and utterly engaged.

Job Description

Based in our Chicago, IL headquarters
Editorial department position
We are looking for creative, detail-oriented, motivated, and humble individuals interested in contributing to The Onion’s editorial process. Fellows are given the opportunity to aid in the production of Onion content.

Qualifications

We look for the following qualities in Onion, Inc. Creative Fellows:
Ambitious and hardworking
Deeply passionate and familiar with Onion, Inc.
Desire to work in creative group settings
Self-motivated

Additional Information

To be considered for an Onion Writing Fellowship you must:

Include a resume and cover letter detailing why you’d like to work for The Onion
Submit 10 headlines in Onion style
Be available to work in our Chicago office 30-40 hours per week.
Be available to work July - December
Applications are due May 1st, 2015

This is a Paid Fellowship

Notations For the Day: A Potential Employment Opportunity (A New Feature)

We here @ #outsiders wanted to introduce a new feature here in #Outsiders: Potential Job Opportunities. For this, we wanted to share this courtesy of Work for Progress Jobs which we here at #Outsiders periodically receive updates on.

An Excerpt of the Bulletin is noted below and further information can be accessed by clicking on the link below. The position is in Washington D.C:

Bring Down The Cost Of Higher Education, Fellowship Position

Higher education in America continues to be critical for both individual success and the social and economic health of our country. While college attendance rates have grown over the past two decades, state appropriations and federal aid have failed to keep pace with the rising cost of college, shifting more costs to students. As a result, more students than ever must rely on student loans to pay for a college degree, with the average borrower now graduating with more than $29,000 in loan debt.

Heavy student loan debt carries negative consequences for borrowers, who must make monthly payments with their hard-earned dollars rather than save up and get ahead. High debt can affect where graduates live, the kind of careers they pursue, when they start a family or purchase a home, and whether they can save for retirement.

View of the Week: A Compelling "Thought" to Consider

This compelling Thought for the Week is ever so critical for us to reflect upon especially as we are witness to the horrific scenes from Baltimore that we noted in "Ordinary Faces". It was a startling comment by a commentator on Al Jazeera America as he noted how the Police actually grew out of the old "Slave Catching" squads designed to catch slaves.

This is an admonition to truly consider:

People are always thinking and talking about one of four things, driven by one of four psychological motivations:1)...
Posted by Darren Hardy on Monday, April 27, 2015

Notations From the Grid: On Google's Upcoming Education Conference

#Google has been at the forefront of transforming Educatoin as in other areas. We wanted to report on this upcoming conference that should be quite insightful for all to observe:

All you need is an internet connection to learn from fellow educators. Sign up for #GoogleEduOnAir today: http://t.co/aCVYs6Q3uE
— Google For Education (@GoogleForEdu) April 16, 2015

Friday, April 24, 2015

View of the Week: The Chrome Live Archive

For this edition of "View of the Week", we hope all enjoy checking this very informative and engaging event that Google hosted. It is available on demand for all:

The event that will change the way you think about Chrome.

Chrome Live is now available on-demand

On April 22, Chrome Live shed new light on what the web can do for businesses. In case you missed hearing about the future of Chrome—or the ways in which top companies like Netflix, Pinterest and Chico’s are using Chrome to streamline operations and reimagine the web, meeting technology, and digital displays—we’ve created a recap of the event sessions.

You can watch the event in its entirety or see specific topics you missed by accessing Chrome Live on-demand now.

We hope you enjoy the highlights, and we hope to see you at the next event.

Wednesday, April 22, 2015

On Love: A V-Thought 4 the Week

We wanted to share something different courtesy of the team @ givemore.com throughout all the channels of #Outsiders that reflects upon the goodness of life as our World continues to be witness to the horror and destruction of War--a Way to think different which is one of the implicit objectives of our team here @Outsiders--We hope all enjoy it as a token of our appreciation:

(Click on the image above to watch the video)

We need more love at work.

We need to get rid of the bad stuff and
help each other enjoy more of the day.

Tuesday, April 21, 2015

Notations From The Grid: On The View From Iran (A Historical Analysis)

A View of the week (II) courtesy of the folks Truthdig: They have done a nice job laying out key historical facts on...
Posted by The Daily "Outsider" on Tuesday, April 21, 2015

Monday, April 20, 2015

Notations From the Grid: On #EarthDay2015 & Climate Change

Earth Day 2015 is coming up. The community of Laguna Niguel celebrated it early and we reported on it in the South County Channel. How Earth is under assault was underscored by this beautiful rendition from the Economist KAL.

The idea that somehow Science is up for debate has become somewhat problematic as we have been witness to an extended drought in California and a day does not pass by without some natural calamity before us. What Neil DeGrasse Tyson noted has to be taken to heart by all:

Some real talk from Neil deGrasse Tyson.
Posted by Climate Progress on Monday, April 20, 2015

Will the World listen?

Sunday, April 19, 2015

A Week-End Musical Interlude: A Recent "Blast From the Past" :-)

Saturday, April 18, 2015

View of the Week: On #Failure

As we go "dark"and gear up for a new week throughout #Outsiders , we wanted to share this courtesy of +Jonathan Huie which we follow closely here @ #Outsiders that underscores some poignant advise as a new week dawns here throughout the #Outsiders network along with this "classic" clip from our archives:

Don't give up.
There are too many nay-sayers out there who will try to discourage you.
Don't listen to them.
The only one who can make you give up is yourself.
- Sidney Sheldon

Keep moving. Don't stop. But don't rush.
Don't race around.
Sure and steady gets you there every time.
- Neale Donald Walsch

You make a mistake, you keep going.
- Linda Gray

Achievement seems to be connected with action.
Successful men and women keep moving.
They make mistakes, but they don't quit.
- Conrad Hilton

Notations For the Week-End: A Blast From the Past

سال ۱۳۴۱ - دیدار شهبانو و شاه از دیزنی لند در کالیفرنیا در یک روز غیر رسمی‌ هنگام یک سفر رسمی‌ چهار روزه به جنوب کالیفرن...
Posted by Tzaman on Thursday, April 16, 2015

The late Shah of Iran and Empress Farah were in the United States on a Private Visit in 1962 and checked out Disneyland. Walt Disney himself played host.

Friday, April 17, 2015

Thought 4 The Week : On the Quest For The Education Road

I have no special talents. I am only passionately curious. - Albert Einstein #quote
— Mike Pouraryan (@mikepouraryan) April 17, 2015

Thursday, April 16, 2015

Notations From the Grid: #Israel Surprises....

Israel unevieled a new Stamp to honor Cyrus the Great depiciting the Cyrus Cylinder:

رونمایی از تمبر بزرگ‌داشت کورش در اسرائیلدر کشور اسرائیل دو روز پیش، ۱۴ آوریل برابر با ۲۵ فروردین، از تمبری که برای بز...
Posted by ‎Tavaana: E-Learning Institute for Iranian Civil Society توانا: آموزشکده جامعه مدنی ایران‎ on Thursday, April 16, 2015

As we reviewed the Daily "Updates" From the Grid, we here could not help but be surprised in lieu of some of the on-going challenges and stance by the current Israeli Prime Minister we've noted in the Ordinary Faces Channel. It is still a historical fact which we wanted to report on in line with the mission of this Channel in the Outsider Network.

Wednesday, April 15, 2015

V-Thought 4 the Week: On Success

Monday, April 13, 2015

Notations From the Grid (II): On The Passing of Gunther Gras

A giant left us--This tribute says it all:

Remembering....and honoring....
Posted by The Daily "Outsider" on Monday, April 13, 2015

Notations From the Grid: On Selective Outrage :-(

For this edition of "Notations From the Grid", a telling indictment of how the World assesses outrage and how the need to be educated ever more is so crucial:

My new column for the Guardian, on our "selective outrage" over events in the Middle East...
Posted by Mehdi Hasan on Monday, April 13, 2015

Sunday, April 12, 2015

A "Musical Interlude" To Enjoy: A. R. Rahman ft. Iggy Azalea - Million Dollar Dream (Lyric Video) (from ...

Notations For the Week-End: On the US Budget ( A Breakdown Courtesy of the National Priorities Project)

April 15 is Tax Day in the United States. The team at the +National Priorities Project has put together a very nice overview of where the money "went":

Thursday, April 9, 2015

Thought 4 the Week

Entrepreneur of the week: Steve Jobs"Your time is limited, so don’t waste it living someone else’s life." *How will you spend your time on this earth? What will you do? #JoinTheRide
Posted by Darren Hardy on Thursday, April 9, 2015

Friday, April 3, 2015

On This Easter Week-End...A "Thought 4 the Week-End" :-)

On this Easter Week-End 2015, Sharing this as we go "Dark" on the "Outsider Network"--Happy Easter & Happy Passover!!!

We all know Helen Keller’s inspirational story, but do you know her legacy of effecting positive social change? In honor...
Post by Walden University.