This podcast is brought to you by the Greater Lafayette Security Professionals (GLSP) group and the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University.

Show Notes

Hosts

• Preston Wiley, CISSP, CCNA
• Mike Hill, CISSP
• George Bailey, CISSP, GCIH
• Keith Watson, CISSP, CISA

Announcements

• The CERIAS Security Seminar is complete for the Spring semester. Speakers for the Fall semester will be announced on future podcasts. Until then, you can find past content on the CERIAS web site.
• Summaries of the CERIAS Symposium panels and keynotes are available at the CERIAS blog.
• Greater Lafayette Security Professionals May meeting will be on May 10, 2012.

Security Updates

• Mozilla releases both Firefox 12 and Thunderbird 12 on April 24.
  • You may also want to consider the Extended Support Releases for Firefox and Thunderbird.

• Microsoft Hotmail patched a 0-day exploit on April 20th. Users that have not logged into the site since that date should verify that they can still log in.

News

• Iranian oil terminal ‘offline’ after ‘malware attack’ BBC news, Iran oil terminal suffers malware attack by Chester Wisniewski (Naked Security blog), Iran Computer Worm Targets Oil Ministry, State Companies by Ladane Nasseri (Bloomberg News), Iranian oil ministry hit by cyber-attack by Saeed Kamali Dehghan (The Guardian), Hackers Attack Iranian Oil Ministry Website, Vital Data Remains Intact (Fars News Agency)
• Backdoor in mission-critical hardware threatens power, traffic-control systems by Dan Goodin (Ars Technica), Vulnerability Note VU#889195: RuggedCom Rugged Operating System (ROS) contains hard-coded user account with predictable password US-CERT
• HHS settles case with Phoenix Cardiac Surgery for lack of HIPAA safeguards press release (HHS), Resolution Agreement (HHS), The first major HIPAA/HITECH fee levied Splunk blog
• 1 in 5 Macs has malware on it. Does yours?, Macs More Likely to Carry Windows Malware Than Mac Malware, Study Finds by Lucian Constantin (PC World)