[1485] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, January 16, 2009
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Fri Jan 16 16:07:33 2009
Message-Id: <9E6897BD-5199-4DAF-9944-FCBD619C9A32@mit.edu>
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi@MIT.EDU
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Fri, 16 Jan 2009 16:01:10 -0500
Cc: itss@MIT.EDU
Content-Type: multipart/mixed; boundary="===============0194702468=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============0194702468==
Content-Type: multipart/alternative; boundary=Apple-Mail-24-429400173
--Apple-Mail-24-429400173
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
In this issue:
1. January 2009 Security Updates
2. Vulnerabilities Addressed in MS08-067 Are Still Being Exploited
3. A Serious Flaw Found in Safari
4. Reported Breaches Up Nearly 50 Percent
-------------------------------------------
1. January 2009 Security Updates
-------------------------------------------
---- Microsoft ----
Microsoft has provided updates for just one critical vulnerability in
the Microsoft Security Bulletin Summary for January 2009. Systems
affected:
* Microsoft Windows 2000, XP, and Vista
* Microsoft Windows Server 2000, 2003, and 2008
In their bulletin for January 2009, Microsoft released updates to
address vulnerabilities in the Server Message Block (SMB) Protocol
that affects all supported versions of Microsoft Windows. A remote,
unauthenticated attacker could gain elevated privileges, execute
arbitrary code, or cause a denial of service. The threat is more
severe for older versions of the operating system. These patches are
now approved for deployment via MIT WAUS.
For more information on this update:
<http://www.microsoft.com/technet/security/bulletin/ms09-jan.mspx>
---- Apple ----
This month has not yet seen any security updates from Apple.
---- Oracle ----
Oracle has released updates for multiple vulnerabilities. For more
information regarding affected product versions, please see the Oracle
Critical Patch Update - January 2009.
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html
>
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. The impact of these
vulnerabilities varies depending on the product, component, and
configuration of the system. Potential consequences include the
execution of arbitrary code or commands, information disclosure, and
denial of service. Vulnerable components may be available to
unauthenticated, remote attackers. An attacker who compromises an
Oracle database may be able to access sensitive information.
-----------------------------------------------------------------------------------
2. Vulnerabilities Addressed in MS08-067 Are Still Being Exploited
-----------------------------------------------------------------------------------
On October 23, 2008, Microsoft released an out-of-cycle patch MS08-067
for a vulnerability in Windows. All Windows users were advised to
download the update, however, three weeks after the public disclosure,
approximately 300 MIT machines were still vulnerable. This week there
remain about 68 machines unpatched on the MIT network. It is important
that users download critical patches as they are released. IT Security
Support staff have been persistent in notifying vulnerable machine
owners of the situation.
If there is reason to believe a Windows machine in your area has not
been patched against this vulnerability, please take the time to do so.
Some businesses that have not yet applied the patch issued in October
have found their systems infected with a worm that uses a dictionary
attack to crack user passwords; user accounts are locked out of Active
Directory while the worm tries to find their passwords. A removal
tool is available, and users are urged to apply the patch as soon as
possible. Other exploits similar to this one have also been identified.
Detailed information about this bulletin is available here:
<http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx>
-------------------------------------------
3. A Serious Flaw Found in Safari
-------------------------------------------
Apple's Safari browser on Windows and Mac OS X is vulnerable to a bug
that could allow a malicious website to read files on the user's hard
drive, according to a security researcher. There has been no patch
released for this vulnerability.
Read the full story here:
<http://news.zdnet.co.uk/security/0,1000000189,39591617,00.htm>
This article provides recommended workarounds:
<http://brian.mastenbrook.net/display/27>
--------------------------------------------------------
4. Reported Breaches Up Nearly 50 Percent
--------------------------------------------------------
According to statistics gathered by the Identity Theft Resource
Center, there were 656 data breaches reported by businesses, schools
and governments in 2008, up from 446 in 2007, an increase of nearly 50
percent. Breaches at businesses accounted for 37 percent of the
total, while breaches at schools accounted for 20 percent. The
percentage of breaches involving current and former employees more
than doubled to 16 percent in 2008. The top cause of breaches was
human error, which includes lost or stolen laptops and data storage
devices, and inadvertent exposure of data. [Article source: SANS]
Read the full story here:
<http://www.washingtonpost.com/wp-dyn/content/article/2009/01/05/AR2009010503046_pf.html
>
or here:
<http://www.techweb.com/article/showArticle?articleID=212700890>
Laptop and storage device theft also occurs on MIT's campus. To reduce
the risk of theft, contact the MIT Crime Prevention Unit at <crimebite@mit.edu
>.
Locks and cables for computers and electronic devices can be obtained
from MIT-preferred vendors KSL Security <http://www.kslsecurity.com>
or Office Depot <http://www.officedepot.com> who provide MIT users
with substantial discounts. KSL Security will even come on campus to
install their locks and cables for you.
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you
for your password.
--Apple-Mail-24-429400173
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">In this issue:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">1. January 2009 Security =
Updates</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">2. Vulnerabilities Addressed in MS08-067 Are =
Still Being Exploited</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">3. A Serious Flaw Found in Safari</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">4. =
Reported Breaches Up Nearly 50 Percent</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">1. =
January 2009 Security Updates</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">---- Microsoft ----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Microsoft has provided updates =
for just one critical vulnerability in the Microsoft Security Bulletin =
Summary for January 2009. Systems affected:</div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "> * Microsoft Windows =
2000, XP, and Vista</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "> * Microsoft Windows =
Server 2000, 2003, and 2008</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">In =
their bulletin for January 2009, Microsoft released updates to address =
vulnerabilities in the Server Message Block (SMB) Protocol that affects =
all supported versions of Microsoft Windows. A remote, unauthenticated =
attacker could gain elevated privileges, execute arbitrary code, or =
cause a denial of service. The threat is more severe for older versions =
of the operating system. These patches are now approved for deployment =
via MIT WAUS.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">For more information on this update:</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; "><<a =
href=3D"http://www.microsoft.com/technet/security/bulletin/ms09-jan.mspx">=
http://www.microsoft.com/technet/security/bulletin/ms09-jan.mspx</a>></div=
><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">---- Apple ----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">This month has not yet seen any =
security updates from Apple.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">---- Oracle ----</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Oracle has released updates for multiple vulnerabilities. For more =
information regarding affected product versions, please see the Oracle =
Critical Patch Update - January 2009.</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; "><<a =
href=3D"http://www.oracle.com/technology/deploy/security/critical-patch-up=
dates/cpujan2009.html">http://www.oracle.com/technology/deploy/security/cr=
itical-patch-updates/cpujan2009.html</a>></div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">Oracle has associated CVE identifiers with the =
vulnerabilities addressed in this Critical Patch Update. The impact of =
these vulnerabilities varies depending on the product, component, =
and configuration of the system. Potential consequences include the =
execution of arbitrary code or commands, information disclosure, and =
denial of service. Vulnerable components may be available to =
unauthenticated, remote attackers. An attacker who compromises an Oracle =
database may be able to access sensitive information.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">------------------------------------------------------------------------=
-----------</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">2. Vulnerabilities Addressed in MS08-067 Are =
Still Being Exploited</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; =
">------------------------------------------------------------------------=
-----------</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">On =
October 23, 2008, Microsoft released an out-of-cycle patch MS08-067 for =
a vulnerability in Windows. All Windows users were advised to download =
the update, however, three weeks after the public disclosure, =
approximately 300 MIT machines were still vulnerable. This week there =
remain about 68 machines unpatched on the MIT network. It is important =
that users download critical patches as they are released. IT Security =
Support staff have been persistent in notifying vulnerable machine =
owners of the situation.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">If =
there is reason to believe a Windows machine in your area has not been =
patched against this vulnerability, please take the time to do =
so.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Some businesses that have not yet applied the patch issued in October =
have found their systems infected with a worm that uses a dictionary =
attack to crack user passwords; user accounts are locked out of Active =
Directory while the worm tries to find their passwords. A removal =
tool is available, and users are urged to apply the patch as soon as =
possible. Other exploits similar to this one have also been =
identified.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Detailed information about this bulletin is available here:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
"><<a =
href=3D"http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx">=
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx</a>></div=
><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><p style=3D"margin: 0.0px 0.0px 0.0px =
0.0px; font: 14.0px Helvetica; min-height: 17.0px"> <br =
class=3D"webkit-block-placeholder"></p><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">3. =
A Serious Flaw Found in Safari</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Apple's Safari browser on Windows =
and Mac OS X is vulnerable to a bug that could allow a malicious website =
to read files on the user's hard drive, according to a security =
researcher. There has been no patch released for this =
vulnerability. </div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Read the full story here:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
"><<a =
href=3D"http://news.zdnet.co.uk/security/0,1000000189,39591617,00.htm">htt=
p://news.zdnet.co.uk/security/0,1000000189,39591617,00.htm</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">This article provides recommended =
workarounds:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
"><<a =
href=3D"http://brian.mastenbrook.net/display/27">http://brian.mastenbrook.=
net/display/27</a>></div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">--------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">4. =
Reported Breaches Up Nearly 50 Percent</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; =
">--------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">According to statistics gathered =
by the Identity Theft Resource Center, there were 656 data breaches =
reported by businesses, schools and governments in 2008, up from 446 in =
2007, an increase of nearly 50 percent. Breaches at businesses =
accounted for 37 percent of the total, while breaches at schools =
accounted for 20 percent. The percentage of breaches involving =
current and former employees more than doubled to 16 percent in 2008. =
The top cause of breaches was human error, which includes lost or =
stolen laptops and data storage devices, and inadvertent exposure of =
data. [Article source: SANS]</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Read the full story here:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; "><<a =
href=3D"http://www.washingtonpost.com/wp-dyn/content/article/2009/01/05/AR=
2009010503046_pf.html">http://www.washingtonpost.com/wp-dyn/content/articl=
e/2009/01/05/AR2009010503046_pf.html</a>></div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; min-height: 17px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; ">or here:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; "><<a =
href=3D"http://www.techweb.com/article/showArticle?articleID=3D212700890">=
http://www.techweb.com/article/showArticle?articleID=3D212700890</a>></div=
><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Laptop and storage device theft =
also occurs on MIT's campus. To reduce the risk of theft, contact the =
MIT Crime Prevention Unit at <<a =
href=3D"mailto:crimebite@mit.edu">crimebite@mit.edu</a>>. </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Locks and cables for computers =
and electronic devices can be obtained from MIT-preferred vendors KSL =
Security <<a =
href=3D"http://www.kslsecurity.com">http://www.kslsecurity.com</a>> or =
Office Depot <<a =
href=3D"http://www.officedepot.com">http://www.officedepot.com</a>> who =
provide MIT users with substantial discounts. KSL Security will even =
come on campus to install their locks and cables for =
you.</div><div><br></div><div apple-content-edited=3D"true"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-align: auto; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><div><span class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><div style=3D"font-size: 12px; "><br =
class=3D"khtml-block-placeholder"></div><div style=3D"font-size: 12px; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div style=3D"font-size: 12px; ">Monique Yeaton</div><div =
style=3D"font-size: 12px; ">IT Security Awareness Consultant</div><div =
style=3D"font-size: 12px; ">MIT Information Services & Technology =
(IS&T)</div><div style=3D"font-size: 12px; ">(617) =
253-2715</div><div style=3D"font-size: 12px; "><a =
href=3D"http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</=
a></div></span></div><div><br></div><div><span class=3D"Apple-style-span" =
style=3D"color: rgb(192, 0, 0); font-family: Arial; font-size: 12px; =
font-weight: bold; =
">---------------------------------------</span></div><div><font =
class=3D"Apple-style-span" color=3D"#C00000" face=3D"Arial" =
size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><b><span class=3D"Apple-style-span" style=3D"color: rgb(0, 0, 0); =
font-family: Helvetica; font-size: 14px; font-weight: normal; =
"><div><font class=3D"Apple-style-span" color=3D"#C00000" face=3D"Arial" =
size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><b>Important: DO NOT GIVE OUT YOUR =
PASSWORDS! </b></span></font></div><div><font =
class=3D"Apple-style-span" color=3D"#C00000" face=3D"Arial" =
size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><b>Ignore emails asking you to provide yours. IS&T will *NEVER* =
ask you for your =
password. </b></span></font></div></span></b></span></font></div></di=
v></span></div></span></div></span></div></span></div></span></div></span>=
</div></span></div></span></div></span> </div><br></body></html>=
--Apple-Mail-24-429400173--
--===============0194702468==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0194702468==--
