[10237] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, September 16, 2014
daemon@ATHENA.MIT.EDU (Monique Buchanan)
Tue Sep 16 10:33:55 2014
Resent-From: ist-security-fyi@mit.edu
From: Monique Buchanan <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Tue, 16 Sep 2014 14:31:47 +0000
Message-ID: <BE0B0BF8-E6EC-47E8-830A-8FF3B820D16E@mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0457144420=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============0457144420==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_BE0B0BF8E6EC47E8830A8FF3B820D16Emitedu_"
--_000_BE0B0BF8E6EC47E8830A8FF3B820D16Emitedu_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Malvertising Campaign Hits PCs and Macs
2. Adobe Releases Flash Player Update, Delays Reader and Acrobat Fixes
3. Funny: Forgot Password
------------------------------------------------------------
1. Malvertising Campaign Hits PCs and Macs
------------------------------------------------------------
A malware campaign that began in May 2014 is delivering customized concocti=
ons of spyware, adware, and browser hijacking malware to PCs and Mac users.=
The =93malvertising=94 network (a merging of the words =93malware=94 and =
=93advertising=94), which has been dubbed Kyle and Stan, has 700 domains.
Getting a malicious ad into an advertising network distribution, even for a=
short time, can infect many computers, especially if it is on a popular si=
te like Amazon or YouTube. The combination of malware downloaded to each ma=
chine is different, which means the checksum varies, thwarting detection.
Malvertising attacks are not new, and have been around for a few years. Gen=
erally, criminals use ads on popular sites or networks, such as Spotify or =
Facebook to spread malware. They place an ad with the network, then change =
the code in the ad to exploit flaws in the browser which allows them to inj=
ect malware on the user=92s computer.
To protect yourself against these attacks, it is recommended to run malware=
detection software (Sophos<http://ist.mit.edu/sophos> is distributed for f=
ree for MIT users) and to make sure your browser is up to date with the lat=
est security patches. Another option is to filter sites based on their pote=
ntial threat level. Browser plug-ins such as AdBlock<https://getadblock.com=
/>, and Webutation<http://www.webutations.info/go/about> can block ads and =
warn users if they have accessed a site that is known to host malware. Thes=
e plug-ins are free and can be run on different types of browsers.
Read the full story in the news<http://www.darkreading.com/kyle-and-stan-pa=
rks-malvertising-on-amazon-youtube/d/d-id/1307036?>.
---------------------------------------------------------------------------=
-------------------------
2. Adobe Releases Flash Player Update, Delays Reader and Acrobat Fixes
---------------------------------------------------------------------------=
-------------------------
Last week, Adobe released an update for Flash to address a dozen critical f=
laws. Chrome and IE 11 users will find their versions of Flash automaticall=
y updated. You can see which version you have installed here<https://www.a=
dobe.com/software/flash/about/>, or download Adobe Flash Player here.<http:=
//www.adobe.com/products/flashplayer/distribution3.html>
Fixes for flaws in Reader and Acrobat<http://blogs.adobe.com/psirt/?p=3D112=
1> that had been scheduled to be released last week are delayed until this =
week so Adobe can conduct further testing.
Read the full story in the news<http://www.computerworld.com/article/260473=
8/adobe-fixes-critical-flaws-in-flash-player-delays-reader-and-acrobat-upda=
tes.html>.
------------------------------------
3. Funny: Forgot Password
-------------------------------------
Have you ever forgotten a password? Comedian Don Friesen goes on a hilariou=
s rant that is completely relatable.
Watch the 5 minute video on YouTube<https://www.youtube.com/watch?v=3D2tJ-N=
SPES9Y>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Read all archived Security FYI Newsletter articles and submit comments onli=
ne at http://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Monique Buchanan
IT Security Communications Coordinator
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu/secure
tel: 617.253.2715
--_000_BE0B0BF8E6EC47E8830A8FF3B820D16Emitedu_
Content-Type: text/html; charset="Windows-1252"
Content-ID: <628A3E900FD2E244AEA128AA4750AC6F@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space;">
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;">In th=
is issue:</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">1. Malvertising Campaig=
n Hits PCs and Macs</div>
<div style=3D"margin: 0px; font-family: Helvetica;">2. Adobe Releases Flash=
Player Update, Delays Reader and Acrobat Fixes</div>
<div style=3D"margin: 0px; font-family: Helvetica;">3. Funny: Forgot Passwo=
rd</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">-----------------------=
-------------------------------------</div>
<div style=3D"margin: 0px; font-family: Helvetica;">1. Malvertising Campaig=
n Hits PCs and Macs</div>
<div style=3D"margin: 0px; font-family: Helvetica;">-----------------------=
-------------------------------------</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">A malware campaign that=
began in May 2014 is delivering customized concoctions of spyware, adware,=
and browser hijacking malware to PCs and Mac users. The =93malvertising=94=
network (a merging of the words =93malware=94
and =93advertising=94), which has been dubbed Kyle and Stan, has 700 domai=
ns. </div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Getting a malicious ad =
into an advertising network distribution, even for a short time, can infect=
many computers, especially if it is on a popular site like Amazon or YouTu=
be. The combination of malware downloaded
to each machine is different, which means the checksum varies, thwarting d=
etection.</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Malvertising attacks ar=
e not new, and have been around for a few years. Generally, criminals use a=
ds on popular sites or networks, such as Spotify or Facebook to spread malw=
are. They place an ad with the network,
then change the code in the ad to exploit flaws in the browser which allow=
s them to inject malware on the user=92s computer. </div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">To protect yourself aga=
inst these attacks, it is recommended to run malware detection software (<a=
href=3D"http://ist.mit.edu/sophos">Sophos</a> is distributed for free for =
MIT users) and to make sure your browser
is up to date with the latest security patches. Another option is to filte=
r sites based on their potential threat level. Browser plug-ins such as
<a href=3D"https://getadblock.com/">AdBlock</a>, and <a href=3D"http://www.=
webutations.info/go/about">
Webutation</a> can block ads and warn users if they have accessed a site th=
at is known to host malware. These plug-ins are free and can be run on diff=
erent types of browsers.</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;"><a href=3D"http://www.d=
arkreading.com/kyle-and-stan-parks-malvertising-on-amazon-youtube/d/d-id/13=
07036?">Read the full story in the news</a>.</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">-----------------------=
---------------------------------------------------------------------------=
--</div>
<div style=3D"margin: 0px; font-family: Helvetica;">2. Adobe Releases Flash=
Player Update, Delays Reader and Acrobat Fixes</div>
<div style=3D"margin: 0px; font-family: Helvetica;">-----------------------=
---------------------------------------------------------------------------=
--</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Last week, Adobe releas=
ed an update for Flash to address a dozen critical flaws. Chrome and IE 11 =
users will find their versions of Flash automatically updated. You ca=
n see
<a href=3D"https://www.adobe.com/software/flash/about/">which version you h=
ave installed here</a>, or
<a href=3D"http://www.adobe.com/products/flashplayer/distribution3.html">do=
wnload Adobe Flash Player here.</a></div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Fixes for flaws in <a h=
ref=3D"http://blogs.adobe.com/psirt/?p=3D1121">
Reader and Acrobat</a> that had been scheduled to be released last week are=
delayed until this week so Adobe can conduct further testing.</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;"><a href=3D"http://www.c=
omputerworld.com/article/2604738/adobe-fixes-critical-flaws-in-flash-player=
-delays-reader-and-acrobat-updates.html">Read the full story in the news</a=
>.</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">-----------------------=
-------------</div>
<div style=3D"margin: 0px; font-family: Helvetica;">3. Funny: Forgot Passwo=
rd</div>
<div style=3D"margin: 0px; font-family: Helvetica;">-----------------------=
--------------</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Have you ever forgotten=
a password? Comedian Don Friesen goes on a hilarious rant that is complete=
ly relatable. </div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;"><a href=3D"https://www.=
youtube.com/watch?v=3D2tJ-NSPES9Y">Watch the 5 minute video on YouTube</a>.=
</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;">=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Read all archived Secur=
ity FYI Newsletter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/"><span style=3D"color: rgb(4, =
46, 238);">http://securityfyi.wordpress.com/</span></a>.</div>
<div style=3D"margin: 0px; font-family: Helvetica;">=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</div>
<div style=3D"margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div apple-content-edited=3D"true">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;">
<br>
Monique Buchanan<br>
IT Security Communications Coordinator<br>
Information Systems & Technology (IS&T)<br>
Massachusetts Institute of Technology<br>
<a href=3D"http://ist.mit.edu/secure">http://ist.mit.edu/secure</a><br>
tel: 617.253.2715<br>
<br>
<br>
</div>
</div>
</div>
</div>
<br>
</body>
</html>
--_000_BE0B0BF8E6EC47E8830A8FF3B820D16Emitedu_--
--===============0457144420==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0457144420==--
