DSA-3324 icedove – security update

Multiple security issues have been found in Icedove, Debian’s version
of the Mozilla Thunderbird mail client: multiple memory safety errors,
use-after-frees and other implementation errors may lead to the
execution of arbitrary code or denial of service. This update also
addresses a vulnerability in DHE key processing commonly known as
the LogJam vulnerability.

Best Practices to Protect You, Your Network, and Your Information

Original release date: July 31, 2015

The National Cybersecurity and Communications Integration Center (NCCIC) and its partners responded to a series of data breaches in the public and private sector over the last year, helping organizations through incident response actions, conducting damage assessments, and implementing restoration and mitigation actions.

During NCCIC’s recent work, following best practices proved extremely effective in protecting networks, the information residing on them, and the equities of information owners. The recently updated National Institute of Standards and Technology Cybersecurity Framework highlights best practices.

Cybersecurity is a risk management issue. Our experience demonstrates that individuals and organizations may reduce risk when they implement cybersecurity best practices. The following are examples of best practices you should consider implementing today as part of your cybersecurity strategy:

  1. Implement Two-Factor Authentication: Two-factor authentication works to significantly reduce or eliminate unauthorized access to your networks and information.
  2. Block Malicious Code: Activate application directory whitelisting to prevent non-approved applications from being installed on your network.
  3. Limit Number of Privileged Users: System administrators have privileged access that gives them the “keys to your kingdom.” Limit system administrator privileges only to those who have a legitimate need as defined by your management directives.
  4. Segment Your Network: Don’t put all your eggs in one basket by having a “flat network”. Use segmentation techniques so that if one part of your network is breached that the integrity of the rest of the network is protected.
  5. Lock Your Backdoors: Third parties that share network trust relationships with you may prove to be an Achilles heel by serving as an attack vector into your network. Take action to ensure that all network trust relationships are well-protected using best practices. Have a means to audit the effectiveness of these defenses. Consider terminating or suspending these relationships until sufficient controls are in place to protect your backdoors.

For more information on cybersecurity best practices, users and administrators are encouraged to review US-CERT Security Tip 13-003: Handling Destructive Malware to evaluate their capabilities encompassing planning, preparation, detection, and response. Another resource is ICS-CERT Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies.


This product is provided subject to this Notification and this Privacy & Use policy.

Six quick tips for safer and happier gaming

Gaming is not immune to malware, phishing, scams, viruses, trolling, or abuse. Whether you’re new to playing games, a casual gamer or a hard-core veteran, there are always new threats emerging from the murky depths of the digital world that can lay waste to your gaming fun.

These 6 easy tips can give you a head-start to having a safer and more secure gaming experience.

  1. Buy from reputable and trusted stores to avoid malware
    If you’re looking at purchasing anything online, you should try and purchase from reputable, trusted and well established stores. This will greatly reduce the risk of malware, virus and ransomware infections.If you’re using Android devices you should stick to Google play and avoid sideloading. For iOS devices, use the App store. PC and Mac users can use these trusted online stores or platforms: Steam, Uplay, MacGameStore, com, GreenmanGaming, Origin just to name a few. Console gamers can of course buy new or used games from bricks and mortar stores, and digital copies can be bought via their respective online store – Xbox has the Xbox marketplace and the Playstation offers games via the Playstation Network.When in doubt about the credibility of online stores, do some research. Look for online reviews or ask around in forums before making a decision to buy.

 

  1. Secure your all your accounts
    If you’re using online stores, gaming networks or app stores that contain your personal and financial details, you’ll want to do the following:

    • Keep your login details private and secured with a strong password.
    • Always require a password to login to an account, and remember to logout when you’re finished.
    • Disable in-game or in-app purchases, or require a password to enable purchases.
    • For an added layer of security, you can use prepaid cards or vouchers instead of providing your credit or debit card details.
    • If in doubt about the security of your data being stored by an online service provider, then remove it.

 

  1. Be careful using emulators
    A game emulator is a software program that emulates a video game or game system. Some of the software used to load games can contain malicious code. Try to avoid using emulators if possible unless you know what you’re doing and are aware of the risks.
    If you desperately want to play a retro game, then you can always visit the Internet Archive which offers a free web based library of video games that were made in the 70’s through to the 90’s – https://archive.org/details/internetarcade.

 

  1. Don’t feed the trolls
    If you encounter abuse or harassment while playing network games or Massively Multiplayer Online Games (MMO/MMOG), don’t react or engage with the abuser. Instead, ignore and support anyone who is being abused and use the game or gaming network’s report function to report abuse to the developer, support team or moderator. If possible document any incidents so you can provide credible proof.

 

  1. Keep your personal details private
    Beware of revealing too much. When playing games online with others, try and keep your personal details as private as possible – other players don’t need to know your address, telephone number, email, age, gender etc. – this will help avoid abuse or harassment in the real world and also reduce the risk of identity theft.

 

  1. Install an antivirus solution and keep software up-to-date
    You should always try and keep all your devices up-to-date. Not just the operating system but all your software too, including games. Developers or manufacturers regularly find vulnerabilities which they patch with software updates.If you’re playing on a PC, Mac or mobile you should consider installing an effective antivirus solution just in case. PC users you can install AVG AntiVirus Free to help protect against any nasties that might want to infect your system, it also has a handy game mode that won’t slow down your PC while you’re playing games. Mac users can download AVG AntiVirus for Mac for free, and if you’re an Android user you can download AVG AntiVirus for Android via the Google Play Store.

If you have any other tips you’d like to share, please let us know via Facebook or Twitter Enjoy your gaming and stay safe out there.