[10205] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, December 10, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Dec 10 13:58:06 2013
Resent-From: ist-security-fyi@mit.edu
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Tue, 10 Dec 2013 18:52:37 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F3AA8C850@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1964678090=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1964678090==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F3AA8C850OC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F3AA8C850OC11EXPO24excha_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. December 2013 Security Updates from Microsoft
2. The Notorious ZeroAccess Botnet Disrupted
3. Widespread Attacks on Online Bankers Predicted
---------------------------------------------------------------------
1. December 2013 Security Updates from Microsoft
---------------------------------------------------------------------
Today, Tuesday December 10, Microsoft is releasing eleven new security bull=
etins<http://technet.microsoft.com/en-us/security/bulletin/ms13-dec>. Five =
of the bulletins are rated critical. Microsoft systems affected are:
* Windows operating systems
* Office
* Lync
* Internet Explorer
* Exchange
* Windows Server operating systems
* Developer Tools
It is recommended to accept the updates. MIT WAUS subscribers will receive =
the updates after they have been tested for compatibility. Installing the b=
ulletins manually may require a restart.
This is the last update of the year, finishing the 10th anniversary of Micr=
osoft=92s formularized process for security updates. Six of this month=92s =
bulletins close potential remote code execution holes. All Windows platform=
s are affected, from XP to 8.1 and from Server 2003 to 2012. In addition, t=
his month=92s Internet Explorer update covers IE 6 through 11.
--------------------------------------------------------------
2. The Notorious ZeroAccess Botnet Disrupted
--------------------------------------------------------------
According to Microsoft=92s official blog<http://blogs.technet.com/b/microso=
ft_blog/archive/2013/12/05/microsoft-europol-fbi-and-industry-partners-disr=
upt-notorious-zeroaccess-botnet-that-hijacks-search-results.aspx>, their Di=
gital Crimes unit successfully disrupted a botnet that has impacted million=
s of innocent people. Microsoft, in conjunction with Europol=92s European C=
ybercrime Center (EC3), the FBI and technology leaders, has taken action ag=
ainst the botnet known as ZeroAccess. The botnet has infected nearly two mi=
llion computers all over the world and cost online advertisers upwards of U=
S $2.7 million each month.
Read the full story online<http://blogs.technet.com/b/microsoft_blog/archiv=
e/2013/12/05/microsoft-europol-fbi-and-industry-partners-disrupt-notorious-=
zeroaccess-botnet-that-hijacks-search-results.aspx>.
---------------------------------------------------------------------
3. Widespread Attacks on Online Bankers Predicted
---------------------------------------------------------------------
Kaspersky Lab has recorded several thousand attempts to infect computers us=
ed for online banking with a malicious program (a Trojan called Neverquest)=
that its creators claim can attack =93any bank in any country.=94 The Troj=
an uses every trick to bypass online security banking systems, including we=
b injection, remote system access and social engineering. Due to the Trojan=
=92s self-replication capabilities, Kaspersky Lab is warning that a sharp r=
ise in attacks can be expected, resulting in financial losses for users all=
over the world.
Read the full story online<http://www.net-security.org/malware_news.php?id=
=3D2638>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Read all archived Security FYI Newsletter articles and submit comments onli=
ne at http://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F3AA8C850OC11EXPO24excha_
Content-Type: text/html; charset="Windows-1252"
Content-ID: <FF17213CFCFDB545A856036E076F2BCF@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif;">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;">In this=
issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">1. December 2013 Security=
Updates from Microsoft</p>
<p style=3D"margin: 0px; font-family: Helvetica;">2. The Notorious ZeroAcce=
ss Botnet Disrupted</p>
<p style=3D"margin: 0px; font-family: Helvetica;">3. Widespread Attacks on =
Online Bankers Predicted</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">-------------------------=
--------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica;">1. December 2013 Security=
Updates from Microsoft</p>
<p style=3D"margin: 0px; font-family: Helvetica;">-------------------------=
--------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">Today, Tuesday December 1=
0, Microsoft is releasing eleven new
<a href=3D"http://technet.microsoft.com/en-us/security/bulletin/ms13-dec">s=
ecurity bulletins</a>. Five of the bulletins are rated critical. Microsoft =
systems affected are:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<ul>
<li style=3D"margin: 0px; font-family: Helvetica;">Windows operating system=
s </li><li style=3D"margin: 0px; font-family: Helvetica;">Office </li><li s=
tyle=3D"margin: 0px; font-family: Helvetica;">Lync </li><li style=3D"margin=
: 0px; font-family: Helvetica;">Internet Explorer </li><li style=3D"margin:=
0px; font-family: Helvetica;">Exchange </li><li style=3D"margin: 0px; font=
-family: Helvetica;">Windows Server operating systems
</li><li style=3D"margin: 0px; font-family: Helvetica;">Developer Tools </l=
i></ul>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">It is recommended to acce=
pt the updates. MIT WAUS subscribers will receive the updates after they ha=
ve been tested for compatibility. Installing the bulletins manually may req=
uire a restart.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">This is the last update o=
f the year, finishing the 10th anniversary of Microsoft=92s formularized pr=
ocess for security updates. Six of this month=92s bulletins close potential=
remote code execution holes. All Windows
platforms are affected, from XP to 8.1 and from Server 2003 to 2012. In ad=
dition, this month=92s Internet Explorer update covers IE 6 through 11.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">-------------------------=
-------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica;">2. The Notorious ZeroAcce=
ss Botnet Disrupted</p>
<p style=3D"margin: 0px; font-family: Helvetica;">-------------------------=
-------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">According to <a href=3D"h=
ttp://blogs.technet.com/b/microsoft_blog/archive/2013/12/05/microsoft-europ=
ol-fbi-and-industry-partners-disrupt-notorious-zeroaccess-botnet-that-hijac=
ks-search-results.aspx">
Microsoft=92s official blog</a>, their Digital Crimes unit successfully dis=
rupted a botnet that has impacted millions of innocent people. Microsoft, i=
n conjunction with Europol=92s European Cybercrime Center (EC3), the FBI an=
d technology leaders, has taken action
against the botnet known as ZeroAccess. The botnet has infected nearly two=
million computers all over the world and cost online advertisers upwards o=
f US $2.7 million each month.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;"><a href=3D"http://blogs.t=
echnet.com/b/microsoft_blog/archive/2013/12/05/microsoft-europol-fbi-and-in=
dustry-partners-disrupt-notorious-zeroaccess-botnet-that-hijacks-search-res=
ults.aspx">Read the full story online</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">-------------------------=
--------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica;">3. Widespread Attacks on =
Online Bankers Predicted</p>
<p style=3D"margin: 0px; font-family: Helvetica;">-------------------------=
--------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">Kaspersky Lab has recorde=
d several thousand attempts to infect computers used for online banking wit=
h a malicious program (a Trojan called Neverquest) that its creators claim =
can attack =93any bank in any country.=94
The Trojan uses every trick to bypass online security banking systems, inc=
luding web injection, remote system access and social engineering. Due to t=
he Trojan=92s self-replication capabilities, Kaspersky Lab is warning that =
a sharp rise in attacks can be expected,
resulting in financial losses for users all over the world.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;"><a href=3D"http://www.net=
-security.org/malware_news.php?id=3D2638">Read the full story online</a>.</=
p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica;">=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D</p>
<p style=3D"margin: 0px; font-family: Helvetica;">Read all archived Securit=
y FYI Newsletter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/"><span style=3D"color: rgb(4, =
46, 238);">http://securityfyi.wordpress.com/</span></a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica;">=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D</p>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px;"><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; orphans: 2; widows: 2;">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px;"><span class=3D"Apple-style-span" style=3D"border-collapse: =
separate; border-spacing: 0px;"><span class=3D"Apple-style-span" style=3D"b=
order-collapse: separate; border-spacing: 0px;"><span class=3D"Apple-style-=
span" style=3D"border-collapse: separate; border-spacing: 0px;"><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px;"><span class=3D"Apple-style-span" style=3D"border-collapse: separate; b=
order-spacing: 0px; font-size: 12px;">
<div><br>
</div>
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F3AA8C850OC11EXPO24excha_--
--===============1964678090==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1964678090==--
