BIOVIA CISPro 2020 Hot Fix 2

BIOVIA Pipeline Pilot Chemistry SDK 2019

BIOVIA Pipeline Pilot Chemistry SDK 2020

BIOVIA Foundation

BIOVIA Foundation

BIOVIA Foundation

IBM Bigfix Platform version 9.5.9.62 suffers from an arbitrary file upload vulnerability as root that can achieve remote code execution.

The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for CVE-2018-0880 (MSRC case 42755) did not cover all similar cases which were reported at the same time in the issue.

Unofficial temporary fix for the critical Windows WMF vulnerability which Microsoft will patch on 1/10/06. Tested on Windows 2000, Windows XP, and Windows XP Professional 64 Bit. The author recommends switching to the official MS patch when it becomes available. Includes c++ source.

Many nonprofits handle sensitive personal information belonging to community members — whether it's names or email addresses or payment information. But are you handling this data properly to prevent a data breach?

This post is by no means exhaustive — after all, every nonprofit handles different sorts of data, and each organization has different security needs. That said, these are some practical things to think about when you review your handling of sensitive personal information.

#1 Risk: Malware and Software Vulnerabilities

The Problem

This one may seem obvious, but with so many other security risks out there, it's easy to forget that malware still poses a major threat to your organization's data.

How You Can Mitigate It

To start, make sure you have antivirus software installed, and that it's up to date. In addition, you'll want to make sure your operating system and any software installed are also up to date, with all security patches installed.

Beyond that, be careful what you click on. Don't download and install software from sites you don't trust. Be careful of the email attachments and links you click on — even from people you know. If you aren't expecting a file or link, click with caution.

#2 Risk: Ransomware

The Problem

Ransomware is an especially insidious form of malware that holds your computer or data hostage unless you pay a sum of money to a criminal actor. Oftentimes, ransomware will encrypt your data, preventing you from accessing it. And according to Symantec's Director of Security Response Kevin Haley, some forms of ransomware will threaten to publicly release your data.

How You Can Mitigate It

Aside from up-to-date antivirus software and taking steps to avoid infection in the first place, there isn't a ton you can do to deal with a ransomware attack once your data's been encrypted.

In that case, according to Haley, keeping up-to-date backups of your data is your best bet. That way, you'll be able to get back up and running quickly with minimal data loss. (TechSoup offers backup and recovery solutions from Veritas.)

#3 Risk: Public Wi-Fi

The Problem

Public Wi-Fi is generally fine for some things, such as browsing cat videos on YouTube, or catching up on the headlines. However, for anything involving sensitive personal information, it's a security disaster waiting to happen. Bad actors could potentially eavesdrop on what you're doing while using public Wi-Fi, leaving your data and work open to prying eyes.

How You Can Mitigate It

First off, avoid using public, unsecured Wi-Fi when handling sensitive information — whether it's internal organizational data or your own personal banking information. Using a wireless hotspot, like those from Mobile Beacon (offered through TechSoup), instead of public Wi-Fi is an easy way to keep your data more secure.

If you can't avoid public Wi-Fi, a virtual private network (VPN) is a good option — VPNs secure data between your computer and the website you're visiting. Not all VPNs provide the same level of security, though, and you'll need to make sure your VPN of choice conforms to any data security regulations that your organization may be subject to. See our previous overview of VPNs for more.

#4 Risk: Inappropriate Sharing of Sensitive Information

The Problem

Sharing sensitive information via email, messaging apps, or similar means is a risky proposition.

Email is a notoriously insecure method of communication. Email accounts are often the target of data breaches and phishing attacks. (A phishing attack is where an attacker tries to steal your account information by tricking you to enter your account information on a phony login page.)

And whether it's through email or messaging app, it's all too easy to accidentally leak data by sharing it with the wrong person.

How You Can Mitigate It

Avoid sending sensitive information to colleagues via email. It's easier said than done, we know. Maybe you need to share a list of donor contact information with your marketing department, for example. Consider uploading it to a secure file server on your network that can only be accessed by others in the office.

If your organization uses a cloud storage service like Box, consider using that instead — so long as it meets your organization's security needs. These cloud storage services usually encrypt data you upload to prevent it from getting stolen. You may also want to consider using constituent relationship management (CRM) software, a tool designed specifically to store and manage your organization's contacts.

In addition, pay attention to access permissions. If you can, restrict access to sensitive information to only those who need it. Revisit your permissions settings regularly and update them as needed.

To prevent your user accounts from being compromised in the first place, practice good account security hygiene. Use strong passwords and require your staff to use two-factor authentication.

#5 Risk: Handling Credit Card Data

The Problem

A breach involving credit card data can be embarrassing for your organization, but it could wreak financial havoc on your members and supporters. All it takes is for hackers to grab a few pieces of information to rack up credit card debt in your supporters' names.

How You Can Mitigate It

Securing credit card information is important, but you don't have to make it up as you go. Make sure your organization conforms to payment card security standards. The Payment Card Industry Security Standards Council, as well as banks and credit card issuers, provide guidelines on how to best handle credit card information to prevent breaches.

Has your nonprofit recently encountered any other notable risks? Tell us about it in the comments!

spanhidden

California’s energy storage incentive program has been a great success, with more than 11,000 battery storage systems installed to-date. The problem is, it’s not reaching the state’s most vulnerable communities. A new proposal from the California Public Utilities Commission (CPUC) aims to fix some of the barriers preventing disadvantaged communities from participating in the program, and it allocates $100 million to a new program designed to offset the cost of battery storage systems for populations threatened by wildfires and related utility power shutoffs.

California’s energy storage incentive program has been a great success, with more than 11,000 battery storage systems installed to-date. The problem is, it’s not reaching the state’s most vulnerable communities. A new proposal from the California Public Utilities Commission (CPUC) aims to fix some of the barriers preventing disadvantaged communities from participating in the program, and it allocates $100 million to a new program designed to offset the cost of battery storage systems for populations threatened by wildfires and related utility power shutoffs.

California’s energy storage incentive program has been a great success, with more than 11,000 battery storage systems installed to-date. The problem is, it’s not reaching the state’s most vulnerable communities. A new proposal from the California Public Utilities Commission (CPUC) aims to fix some of the barriers preventing disadvantaged communities from participating in the program, and it allocates $100 million to a new program designed to offset the cost of battery storage systems for populations threatened by wildfires and related utility power shutoffs.

What do the following have in common: New Zealand, South Korea, Switzerland, Kazakhstan, Quebec, Alberta, Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, New York, Rhode Island, Vermont, California, Beijing, Guangdong, Hubei, Shanghai, Shenzhen, Chongqing, Tianjin, Tokyo, Kyoto, Saitama and 28 countries in Europe?

On 7 February 2017 the Government published its much anticipated Housing White Paper. Whilst those in the industry welcome the recognition of the extent of the supply problem and the commitment to tackle the entire process from site finding to deliv...

Kavesseri Menon and Beena Menon –v- Nathan Pask and Rosalind Goode (as joint fixed charge Receivers) [2019] EWHC 2611(ch) Summary: The High Court recently provided much needed clarity on the previously unanswered question of whether Receivers ...

A simple drafting error in a lease invalidates a contracting–out order. In Newham LBC v Thomas–Van Staden, which has been fully reported only recently, the Court of Appeal has presented us with a curious decision on the effect of a draf...

Le Conseil sup�rieur de la Magistrature a �mis, tard dans la soir�e de samedi, une note fixant les modalit�s de la reprise progressive du travail dans les tribunaux au cours de la prochaine p�riode. ......

On 29 September 2016, the French Competition Authority (l’Autorité de la concurrence - the “Autorité”) imposed a fine of EUR 2.4 million on 37 model agencies and their main trade association, the SYNAM, in relation to...

Background As part of the 2018 periodic review (“PR18”) of Network Rail, the Office of Rail and Road (“ORR”) is reviewing the way in which the charges that operators pay to access the rail network are calculated. This review ...

Teams face likely fixture congestion in a packed calendar as they attempt to make up for lost time when play can resume

With no single cause, and no magic solution, the congestion of Asia’s cities requires government resolve and know-how to fix.

Sorry. A short dip in carbon emissions won’t save the planet after all. Things may even get worse, say the experts.

Are we ready for real-life love potions? Book Love is the Drug explains how pills may affect everything from falling deeper in love to breaking up

Legumes tend to be nodulated by competitive rhizobia that do not maximize nitrogen (N2) fixation, resulting in suboptimal yields. Rhizobial nodulation competitiveness and effectiveness at N2 fixation are independent traits, making their measurement extremely time-consuming with low experimental throughput. To transform the experimental assessment of rhizobial competitiveness and effectiveness, we...