A-Z Index     help.missouri.edu    
home

Best Practices

Apache Web Server

Best Practices

Cloud Computing Best Practices

Data Disposal

Disable Open Shares

Handheld Devices

LMHASH Removal

Macintosh Desktop

Mobile Devices

Protect Laptops From Theft

Red Hat Linux OS

Secure Administrator Passwords

Unix Systems

Windows Desktop

Did You Know ...

Applications Security (link)

Best Practices for Securing Your Home Network (link)

Database Security (link)

Social Engineering Report Shows Corporate America At Risk (link)

What is Cross Site Scripting? (link)

Security Alerts

Alerts are security-related items that require action...

2 million Facebook, Gmail and Twitter passwords stolen in massive hack (link)

6.46 million LinkedIn passwords leaked online (link)

Adobe Acrobat and Reader Multiple Code Execution Vulnerabilities (link)

Adobe patches a critical flaw in Shockwave Player (link)

Adobe Shockwave Player Vulnerabilities (link)

Advisory- Cisco AnyConnect Virtual Private Network (VPN) application for iOS

Apple Issues Huge Mac OS X Update (link)

Apple patches zero-day QuickTime flaw with 7.6.8 release (link)

Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability (link)

Critical Java Update Plugs 51 Security Holes (link)

CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL (link)

Fraudulent Email Alert: Don't Give Up Your University Password!

Heartbleed: Serious OpenSSL zero day vulnerability revealed (link)

Important Information on pcAnywhere (link)

Koobface worm targets Mac users on Facebook, Twitter (link)

Mac Flashback trojan exploits unpatched Java vulnerability, no password needed (link)

Microsoft's February Patch Tuesday Fixes 21 Bugs (link)

Microsoft Patch Tuesday for November (link)

Microsoft plans patches for IE10, Windows 8 next week (link)

Microsoft Security Bulletin Advance Notification for August 2012 (link)

Microsoft Security Bulletin Advance Notification for February 2013 (link)

Microsoft Security Bulletin Advance Notification for November 2011 (link)

Microsoft Security Bulletin Summary for February 2011 (link)

Microsoft Security Bulletin Summary for November 2012 (link)

Microsoft Security Bulletin Summary for October 2011 (link)

Microsoft Security Bulletin Summary for September 2011 (link)

Microsoft sounds alert on massive Web bug (link)

Microsoft to Fix 49 Flaws on October 11 (link)

More "Phishing" in Columbia - Don't take the bait!

Oracle Critical Patch Update Advisory - April 2011 (link)

Oracle Critical Patch Update Advisory - January 2011 (link)

Oracle Critical Patch Update Advisory - October 2010 (link)

Oracle Critical Patch Update Advisory - October 2011 (link)

Oracle Java Updates Available to Address Multiple Vulnerabilities

Oracle to issue 78 patches, including 27 for MySQL (link)

Oracle to release 88 security fixes (link)

RealNetworks RealPlayer and RealPlayer SP Multiple Security Vulnerabilities (link)

Risks of Default Passwords on the Internet (link)

Security Advisory: Out of Band Critical Microsoft Patches available on WSUS

Security Advisory: Patch now to avoid infection! (link)

SECURITY ADVISORY: Phishing scheme emails in Exchange environment

SECURITY ALERT: Adobe Updates for Multiple Vulnerabilities

Security update available for Adobe Flash Player (link)

Security updates available for Adobe Reader and Acrobat (link)

Security updates available for Adobe Reader and Acrobat (link)

University of Missouri Wants to Hear From You

University Response to Heartbleed Bug

VMware Security Advisory (link)

Why You Should Never Search For Free WordPress Themes in Google or Anywhere Else (link)

Security News

'Canary' Chrome chirps when it smells malware (link)

'The Moon' worm infects Linksys routers (link)

"Hand of Thief" trojan sniffs out banking credentials of Linux users (link)

18 Alaskan Teens Use Phishing Scam To Hack School System (link)

6 States Bar Employers From Demanding Facebook Passwords (link)

Adobe Breach Impacted At Least 38 Million Users (link)

Adobe Connect Security Breach Exposes Personal Data of 150K Users (link)

Adobe fixes "critical" bugs in Reader, Acrobat and RoboHelp publishing tool (link)

Adobe plugs holes in Flash Player and ColdFusion (link)

Adobe releases another zero-day fix for Flash (link)

Adobe To Announce Source Code, Customer Data Breach (link)

Adobe to patch Reader zero-day this week with rush update (link)

Adobe to revoke code signing certificate (link)

Akamai Heartbleed patch not a fix after all (link)

Alaska agency must pay $1.7m after 500-person breach (link)

Android Malware Infects Activists' Phones (link)

Apple closes security holes in Mac OS X and Safari (link)

Apple finally fixes App Store flaw by turning on encryption (link)

Apple ratchets up App Store security (link)

Apple releases iOS 7 update for iPads and iPhones (link)

Apple won't let users run Flash unless it is the latest version (link)

AP Twitter hack looks like a security tipping point (link)

Arrested Canadian hacker 'believed' to have exploited Heartbleed bug (link)

AT&T Hit by DDoS Attack, Suffers DNS Outage (link)

AT&T shakes its banhammer at would-be pirates (link)

ATM malware may spread from Mexico to English-speaking world (link)

Attack exercise reveals threat-sharing roadblock within health orgs (link)

AutoCAD Worm Targets Design Documents In Possible Espionage Campaign (link)

Backdoor found in D-Link router firmware code (link)

BadNews infections in Google Play spread premium-rate SMS trojan (link)

Barnes & Noble halts use of PIN pad devices after data breach (link)

Beware of this sneaky watering hole attack I just found (link)

BlackBerry Enterprise Server vulnerable to dangerous TIFFs (link)

Chinese military hackers were 'noisy' (link)

Chrome 20 update fixes high-risk security vulnerabilities (link)

Chrome 21 update closes high-risk security holes (link)

Computer Whizzes Do Battle With 'Blizzard' and a 'Cyberattack' (link)

Critical denial-of-service flaw in BIND software puts DNS servers at risk (link)

Critical vulnerability in Blackberry 10 OS (link)

Cross-browser worm spreads via Facebook, security experts warn (link)

CTO of media company faked-out employees with "phishing" emails (link)

DHS seeks cyber fellows (link)

Don’t Get Sucker Pumped (link)

Dropbox Now Offers Two-Step Authentication (link)

Drupal resets account passwords after detecting unauthorized access (link)

Employee password reuse behind Dropbox spam outbreak (link)

Expanded '2-person rule' could help plug NSA leaks (link)

Facebook Adopts Secure Web Pages By Default (link)

Facebook got 25,000 government requests about users (link)

Facebook hacked, says no user data compromised (link)

Facebook password-bypass flaw fixed (link)

Facebook warns users of the end of the Internet via DNSChanger (link)

FBI warns globe trotters about malware lurking in hotel room connections (link)

FCC offers security advice to smartphone users (link)

FDA issues encryption, authentication rules for medical devices (link)

Feds Seized 1,700 Online Domains in 3 Years (link)

Feds step up HIPAA enforcement with hospice settlement (link)

Firefox skirts Windows security feature to make silent updates happen (link)

Firefox to force secure connections for selected domains (link)

First Flash patch for Windows 8 coming "shortly" (link)

Five indicted in massive hacking scheme (link)

Former DNSChanger addresses out in the wild again (link)

Former student accused of stealing identities pleads guilty (link)

For second time in a month, Apple blacklists Java Web plugin (link)

FTC Cracks Down on Senders of Spam Text Messages Promoting "Free" Gift Cards (link)

FTC gives final approval to Facebook privacy settlement (link)

FTC offers guidance for mobile application development (link)

FTC Sues Wyndham Hotels Over Data Security Failures (link)

FTC Takes Aim at Tech Support Scareware Scams (link)

Galaxy S3 hacked via NFC at Mobile Pwn2Own competition (link)

Gaming Company Certificates Stolen and Used to Attack Activists, Others (link)

Global Payments loses up to 1.5 million credit card records in data theft (link)

Google: No, app makers, you can't skip the Play Store (link)

Google Aurora Attackers Still On Loose, Symantec Says (link)

Google Chrome To Get 'Do Not Track' (link)

Google gives Chrome mulligan button (link)

Google shifts to SSL for all searches (link)

Google to replace SSL certificates (link)

Google to scan for malicious apps in Chrome Web Store (link)

Google to users: Your account may be under attack (link)

Google updates all Chrome editions (link)

Google warns 20,000 websites they could be infected with malware (link)

Google warns DNSChanger victims (link)

Grum takedown: '50% of worldwide spam is gone' (link)

Hacker group takes responsiblity for DNS attack on major media sites (link)

Hackers Encrypt Health Records and Hold Data for Ransom (link)

Hackers hit domain registrar, access credit card data and passwords (link)

Hackers pose as hacked software vendor to spread Zeus trojan (link)

Hack forces Apple and Amazon to change security policies (link)

Harvard College dean steps down after e-mail scandal (link)

Harvard to review privacy policies in wake of email search scandal (link)

Healing Heartbleed: LastPass outs automated checker, major sites admit vulnerability (link)

Heartbleed attack used to skip past multifactor authentication (link)

Heartbleed developer explains OpenSSL mistake that put Web at risk (link)

Here’s what Facebook sends the cops in response to a subpoena (link)

HHS posts final HIPAA omnibus rule (link)

House Committee to Probe e-Banking Heists (link)

How to protect yourself from the 'Heartbleed' bug (link)

http://krebsonsecurity.com/2013/08/microsoft-patches-plug-23-security-holes/ (link)

Hundreds of Canadian Tax ID Numbers Stolen in 'Heartbleed' Breach (link)

ICE Hacked Its Own Employees to Teach Self-Defense in Cyberspace (link)

Identity Theft Is a Growing Risk in Health Care: Ponemon Report (link)

IE10 under attack as hackers exploit zero-day bug (link)

Indiana Univ.: Personal data of 146,000 exposed (link)

Insurer to Schnucks: We won't pay for lawsuits related to your breach (link)

iOS 6 to ask if apps can access personal data (link)

It’s Data Privacy Day (link)

Java exploit used in Red October cyberespionage attacks, researchers say (link)

Johns Hopkins University web server breached; up to 1,300 affected (link)

Journalist blames Apple tech for allowing iCloud hack (link)

Judge rules hospital can ask ISP for help in ID'ing alleged hackers (link)

Last call to wipe DNSChanger before 'Internet doomsday' (link)

LinkedIn outage prompts security concerns (link)

LinkedIn Shuts Down Four XSS Flaws (link)

Mac Malware Spies On Email, Survives Reboots (link)

Major software flaws in iPhones, iPads fixed in update (link)

McAfee Report Examines Challenges Retailers Face to Secure In Store Payment Systems (link)

Merchant information may have been stolen from Global Payments (link)

Microsoft: Conficker Worm Continues to Plague Enterprises (link)

Microsoft: Hackers obtained high-profile Xbox Live accounts (link)

Microsoft: Hold Off Installing MS13-036 (link)

Microsoft's April Patch Tuesday brings no Pwn2Own fix (link)

Microsoft and Symantec collaborate to disable click-fraud botnet (link)

Microsoft delivers stopgap defense against active IE10 attacks (link)

Microsoft Drops Chinese Vendor After Windows Exploit Leak (link)

Microsoft fixes critical Hotmail password bug (link)

Microsoft Fixes Zero-Day, Four Other Flaws in IE (link)

Microsoft issues replacement for botched patch (link)

Microsoft joins list of recently hacked companies (link)

Microsoft Plans Critical Windows Security Patches (link)

Microsoft retains weapon to silently scrub XP (link)

Microsoft rolls out standards-compliant two-factor authentication (link)

Microsoft rushes IE8 zero-day fix into next week's Patch Tuesday (link)

Microsoft Security Bulletin Advance Notification for April 2013 (link)

Microsoft Security Bulletin Advance Notification for July 2012 (link)

Microsoft Security Bulletin Summary for June 2012 (link)

Microsoft sketches out final Windows XP security updates for next week (link)

Microsoft slashes Windows XP custom support prices just days before axing public patches (link)

Microsoft slates IE, Windows, Office updates for next week (link)

Microsoft speeds up IE10 Flash patching, matches Google (link)

Microsoft to patch 19 vulnerabilities on Tuesday (link)

Microsoft to patch 20 bugs next week in month of Office updates (link)

Microsoft to patch dangerous Outlook hack-by-preview bug next week (link)

Microsoft torpedoes Citadel botnet infrastructure (link)

Microsoft to tackle under-attack Office bug next week (link)

Microsoft warns of Facebook-hijacking extensions (link)

Millions of Target customers' credit, debit card accounts may be hit by data breach (link)

Mozilla re-releases Firefox 16 after patching critical bugs (link)

Mozilla takes drastic step to automatically block virtually all plug-ins in Firefox (link)

MySQL vulnerability allows attackers to bypass password verification (link)

NBC.com hacked and served up malware (link)

NCSA Partners with Reputation.com and RAINN to Provide Privacy Resources for Domestic Violence and Sexual Assault Survivors (link)

Netflix CEO accuses Comcast of violating net neutrality (link)

New adware Trojan circulating that targets Mac OS X systems (link)

New Android malware disconnects calls, intercepts texts of victims (link)

New Java Exploit Fetches $5,000 Per Buyer (link)

New malware threatens Mac OS X (link)

New security flaws detected in mobile devices (link)

Nordstrom Finds Cash Register Skimmers (link)

Obama budget signs cybersecurity as a top priority (link)

Online Tax Scams to Guard Against (link)

Oracle finally adds whitelisting capabilities to Java (link)

Oracle to issue 88 security patches (link)

Out-of-date, vulnerable browsers put users at risk (link)

Patient data revealed in medical device hack (link)

Personal info of 1m compromised in Nationwide breach (link)

Phisher Guilty of $1.3 Million Scam (link)

Phishing scam piggybacks on Apple Dev Center hack (link)

Popular home routers contain critical security vulnerabilities (link)

Possible link discovered that ties together Wi-Fi routers with backdoors (link)

Post-hack, companies fire back with their own attacks (link)

Pre-installed malware found on new Android phones (link)

Quarter of users see no benefit in updating software (link)

Renewed efforts to revert DNSChanger in effect (link)

Report: Malicious apps in Google Play store grow 388 percent (link)

Report says NSA exploited Heartbleed, kept flaw secret -- but agency denies it (link)

Researchers claim they've discovered the most advanced Android trojan yet (link)

Researchers find trojanized banking app that exploits critical Android bug (link)

Researchers report security flaw in Samsung's Galaxy S4 (link)

Researchers uncover new global cyber-espionage campaign (link)

Researchers warn of new, meaner ransomware with unbreakable crypto (link)

Reuters Twitter account hijacked, fake tweets sent (link)

Rogue Microsoft Services Agreement emails lead to latest Java exploit (link)

Saboteurs slip Dendroid RAT into Google Play (link)

Sally Beauty Confirms Card Data Breach (link)

Samsung Galaxy devices may have backdoor to user data, developer says (link)

Scam Android Apps Plague Google Play (link)

Schnucks supermarket chain struggled to find breach that exposed 2.4M cards (link)

Security concerns over Firefox's "new tab" thumbnail feature (link)

Security firms warn of spreading Windows AutoRun malware (link)

Security Flaws Leave Networked Printers Open To Attack (link)

Security tools reveal cyberintruders' trickery (link)

Security Updates for Shockwave, Windows (link)

See If Sites You Use Are Vulnerable to Heartbleed And How To Change Passwords (link)

Senators Float National Data Breach Law, Take Four (link)

Skype Deals With Account Hijacking Exploit (link)

Sources: Card Breach at Michaels Stores (link)

Spammers buy Chrome extensions and turn them into adware (link)

Stanford reports fourth HIPAA breach (link)

Suspected security hole found in many Samsung devices (link)

Taking the Cyberattack Threat Seriously (link)

Target's data breach: Yes, it gets worse (link)

Target Admits Massive Credit Card Breach; 40 Million Affected (link)

Target Hackers Tapped Vendor Credentials (link)

Target hack strips banks and credit unions of $200M (link)

The 25 most popular passwords of 2012 (link)

Theft of unencrypted laptops behind Coca-Cola breach impacting 74,000 (link)

The Latest Smartphones Could Turn Us All Into Activity Trackers (link)

Thieves Jam Up Smucker’s, Card Processor (link)

Thousands of student records stolen in Florida college breach (link)

Toyota Contractor Accused of Sabotaging Company Network, Stealing Data (link)

Twitter joins Google, Facebook with 'forward secrecy' security (link)

Twitter warns users to reset passwords after hacking scare (link)

Two unencrypted N.J. health insurance laptops stolen, more than 800k impacted (link)

U.S. and Russia sign pact to create communication link on cyber security (link)

U.S. banks could be bracing for wave of account takeovers (link)

UMCP reports another cybersecurity breach (link)

U-Md. computer security attack exposes 300,000 records (link)

Unpatched Microsoft XML Core Services flaw increasingly targeted in attacks, researchers say (link)

Unusual file-infecting malware steals FTP credentials (link)

U of Michigan Health System, Omnicell report patient data breach (link)

Update: Google to pay $22.5M fine over privacy practices (link)

Update: Hackers exploit new IE zero-day vulnerability (link)

Update: Microsoft reacts to XP upgrade critics with free file transfer tool (link)

VMware patches vulnerabilities in ESX 4.1 (link)

Washington Post Site Hacked After Successful Phishing Campaign (link)

WellPoint settles following government investigation in wake of breach (link)

Which sites have patched the Heartbleed bug? (link)

White House circulating draft of executive order on cybersecurity (link)

White House Employees’ Personal Email Hacked (link)

Why Effective Awareness Training Matters (link)

Wide-scale attack against WordPress blogs reported (link)

Windows 8.1 includes seamless, automatic disk encryption—if your PC supports it (link)

Windows XP infection rate may jump 66% after patches end in April (link)

Wireless Carriers Leave Millions of Android Phones Vulnerable to Hackers (link)

WordPress fixes file upload security problems (link)

Worldwide IT Security Spending to Top $60 Billion in 2012, Says Gartner (link)

Worm spreading on Skype IM installs ransomware (link)

XSS, password flaws found in popular ESPN app (link)

Yahoo closes security hole that led to password breach (link)

Yahoo hacked, 450,000 passwords posted online (link)

Yahoo resets passwords after email hack (link)

Yahoo to make SSL encryption the default for Webmail users. Finally. (link)

Yes, the cloud is dangerous — here's how to stay safe (link)

Zero-Days Rule November’s Patch Tuesday (link)

Security Videos

Deter. Detect, Defend. Avoid ID Theft (link)

Grandma Got Phished by a Hacker (link)

HackYourself:It's Easy to Break Into Online Accounts, Thanks to Facebook, Google and Twitter (link)

Icon Ninjas (link)

Monthly Awareness Video (link)

Phishing made simple (link)

Phishing Scams in Plain English (link)

Love your computer!

University of Missouri / UM System
Division of Information Technology
615 Locust Street, Columbia, MO 65211
(573)882-2000

Copyright 2009 Curators of the University of Missouri.
DMCA and other copyright information.
An equal opportunity/affirmative action institution.