[10217] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, March 17, 2014
daemon@ATHENA.MIT.EDU (Monique Buchanan)
Mon Mar 17 14:25:54 2014
Resent-From: ist-security-fyi@mit.edu
From: Monique Buchanan <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Mon, 17 Mar 2014 18:21:30 +0000
Message-ID: <4463BB51-5BA4-45F1-9677-846DF640CEB4@mit.edu>
In this issue:
1. OUCH! Newsletter on Windows XP De-Support
2. The Weakness of Passwords
3. For Fun: Help Desk
4. The Story Behind the Breach at Target, Inc.
-------------------------------------------------------------------
1. OUCH! Newsletter on Windows XP De-Support
-------------------------------------------------------------------
The March issue of OUCH! explains why Microsoft is ending support for Windows XP on April 8th. Learn what this means to people and the steps they can take to protect themselves. Please download and share OUCH! with others.
Download the Issue<http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201403_en.pdf> (PDF)
-------------------------------------------
2. The Weakness of Passwords
-------------------------------------------
Hold Security, the same security firm that discovered the online circulation of 153 million user names and passwords during last year’s Adobe breach, has tracked almost 360 million compromised login credentials for sale in underground crime forums<http://arstechnica.com/security/2014/02/360-million-recently-compromised-passwords-for-sale-online/>. The find, containing an additional 1.25 billion records containing only email addresses, came from multiple breaches, and likely served as user names and corresponding passwords.
The find is big enough that it likely came from hacks on poorly secured Web servers that store large caches of user credentials.
The risk is biggest for users who choose the same password for multiple services. Once an attacker has someone’s email address and password for one site, the credentials can be used to compromise every other site account that uses the same user name and password.
This article covers everything you would want to know about online safety, including using lies, random characters and a password manager<http://arstechnica.com/information-technology/2013/06/the-secret-to-online-safety-lies-random-characters-and-a-password-manager/>.
Learn about best password practices for MIT<http://kb.mit.edu/confluence/x/3wNt>.
------------------------------
3. For Fun: Help Desk<http://www2.navarrocollege.edu/facultystaff/staff_pages/mrobinson/shared/images/Help_Desk_05.jpg>
------------------------------
-------------------------------------------------------------
4. The Story Behind the Breach at Target, Inc.
-------------------------------------------------------------
Businessweek.com has written an in-depth article and posted a video<http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data> explaining how Target Stores were breached and their systems infected with malware, leading to one of the biggest data thefts in retail history. According to the investigation conducted after the discovery of the theft, Target employees failed to respond to several alerts made by their security system, provided by FireEye. Had Target security staff responded appropriately to the alarms, they could have prevented the transmission of the stolen credit card data.
Even without human intervention, the breach could’ve been stopped, according to the article. “The system has an option to automatically delete malware as it’s detected. But according to two people who audited FireEye’s performance after the breach, Target’s security team turned that function off.” While not unusual, it puts pressure on a team to quickly find and neutralize the infected computers.
It was clear, according to the article, that Target was getting warnings of a serious compromise; even the company’s antivirus system, by Symantec, identified suspicious behavior over several days around Thanksgiving -- pointing to the same server identified by FireEye.
Read the full story on Businessweek.com<http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data>
=======================================================================================
Read all archived Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
=======================================================================================
Monique Buchanan
IT Security Communications Consultant
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu/secure
tel: 617.253.2715
"Distrust and caution are the parents of security" - Benjamin Franklin