Tuesday Sweep: 20 June 2017

Welcome to your weekly reminder to back up your data, update software and otherwise pay attention to your digital environment. (Oh, and to come to the CRASH Space meeting…)

Jump in Here

  • Welcome. If you haven’t been following along, it’s okay. You’re not behind, you’re just where you are.
  • I highly recommend the coach tool at the Crash Override Network has a great step by step break down for many of the same introductory steps we did here.
  • Feeling more ambitious? Review the list of OneThing articles and pick one to catch up on.

Sweep

The basics.

  • Updated software recently? Pick a new device to check on today.
  • Backups still up and running? When was the last time you made a clean disk image? Here’s a new great article on how to design a backup system.
  • Reduce your attack surface: Delete a low quality app from your phone or delete an account that you don’t need that doesn’t make you happy. Digital cruft builds up. Delete it.
  • Anywhere you could add two factor authentication? While you’re at it, move the password to your password manager… and delete it from everywhere else.
  • Double check privacy settings on your phone, social media accounts. The folks running the companies can change the TOS and add “features” before you notice them.

Weekly Round Up

Where do you scan for news?

Excerpt from SANS Newsletter:

Stack Clash Vulnerability
(June 19, 2017)
A memory management vulnerability affecting a number of open source operating systems (OSes), including Linux, OpenBSD, NetBSDm FreeBSD, and, and amd64, could be exploited to corrupt memory and allow arbitrary code execution. Dubbed Stack Clash, the flaw was discovered by researchers at Qualys. Patches for seven known affected OSes have been released and users are urged to upgrade as soon as possible. Other OSes may be affected as well.
Read more in:
– https://threatpost.com: Stack Clash Vulnerability in Linux, BSD Systems Enables Root Access
– https://arstechnica.com: Serious privilege escalation bug in Unix OSes imperils servers everywhere
– https://www.scmagazine.com: Stack Clash exploits spotted in Linux, OpenBSD, NetBSD, FreeBSD and Solaris
– https://blog.qualys.com: The Stack Clash

Reflect

Feeling dumb or stupid about how not-l33t you are? Angsting over some silly thing you “know better than to do.” Stop. That isn’t useful. Regret is only of use if it prompts an actual change in behavior. Maybe it’s NOT you that sucks. Could be it’s the technology and you could come up with a fix that would help lots of people. Look forward and make a plan.

Engage

We are a community. You are a welcome part of it.

  •  Did you learn something cool in your sweep? Make something? Share it!
  • Speak up
  • Give
  • Show up at CRASH Space tonight!

carlyn

I make things that do stuff. The best, though, is teaching others to do the same. Founder of @crashspacela Alum of @ITP_NYU

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.