[1811] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, June 15, 2009
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Jun 15 13:24:15 2009
Message-Id: <A1DF0640-E48B-4A63-8C38-43557F864807@mit.edu>
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi@MIT.EDU
Mime-Version: 1.0 (Apple Message framework v935.3)
Date: Mon, 15 Jun 2009 13:18:54 -0400
Cc: itss@MIT.EDU
Content-Type: multipart/mixed; boundary="===============2132313847=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============2132313847==
Content-Type: multipart/alternative; boundary=Apple-Mail-31-491162363
--Apple-Mail-31-491162363
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
In this issue:
1. June 2009 Security Updates
2. The Tagged.com Scam
3. Temporary Dip in Spam Levels
---------------------------------------
1. June 2009 Security Updates
---------------------------------------
----- Microsoft -----
As part of the Microsoft Security Bulletin Summary for June 2009,
Microsoft released ten updates (six of them critical) to address 31
vulnerabilities that affect:
* Microsoft Windows
* Office
* Internet Explorer
A remote, unauthenticated attacker could execute arbitrary code, gain
elevated privileges, or cause a vulnerable application to crash. Users
and administrators are advised to download the updates. The security
patches in this update are now approved for installation via MIT WAUS.
Read the update in full here:
<http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx>
In addition to the 10 security bulletins, Microsoft released an
updated version of its Malicious Software Removal Tool so that it now
detects and removes scareware known as Internet Antivirus Pro. The
malware pops up a phony warning message on infected computers and
claims to be scanning the machines for malware, but it really
downloads software that searches for and steals FTP user names and
passwords.
Read more here:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9134161
>
----- Apple -----
Apple has released several security updates in June for more than 50
vulnerabilities it found in its software. Updates released were:
* QuickTime 7.6.2
* iTunes 8.2
* Safari 4.0
The updates were released for Mac OS X 10.4.10 or later, Windows XP,
and Vista.
Read the updates in full here:
<http://support.apple.com/kb/HT1222>
----- Adobe -----
Adobe's first scheduled quarterly security update arrived on June 9,
2009; it addresses 13 critical security flaws including heap overflow
vulnerabilities, a stack overflow vulnerability, and a memory
corruption flaw that could be exploited to execute arbitrary code.
Systems affected:
* Adobe Reader versions 9.1.1 and earlier, 8.1.5 and earlier, and
7.1.2 and earlier
* Adobe Acrobat (Standard, Professional, and 3D) versions 9.1.1 and
earlier, 8.1.5 and earlier, and 7.1.2 and earlier
Users are encouraged to read Adobe Security Bulletin APSB09-07 and
update vulnerable versions of Adobe Reader and Acrobat:
<http://www.adobe.com/support/security/bulletins/apsb09-07.html>
Workarounds/tips:
Disable JavaScript in Adobe Reader and Acrobat.
Disable the display of PDF documents in the web browser.
Do not open unfamiliar or unexpected PDF documents, particularly those
hosted on websites or delivered as email attachments.
---------------------------------
2. The Tagged.com Scam
---------------------------------
The Tagged.com scam, first seen in 2007, appears to be rearing its
ugly head again. This scam (which some may argue is not a scam, but is
merely a form of inappropriate and deceptive behavior by the company)
appears in the form of an email saying a friend wants to share photos
with you from a site called Tagged.com.
The email comes from the address book of one of your friends, whose
information has been accessed. If you click either "yes" or "no,"
you'll be taken to a fairly unassuming page that asks for some
personal information.
Do not open or respond to these emails! If you do, you'll risk opening
up your address book to spammers. As part of the signing up process to
Tagged.com, you are asked for your email username and password. What
you may not know is that if you enter this information, your email
address book is then used by Tagged.com to send out more "commercial
email," basically spam, trying to get more of your friends to sign up.
They may even be selling your email to other spammers.
Fake or deceptive social networking sites are cropping up more and
more as they become more popular. A good rule of thumb for identifying
the real thing from a scam:
Any social networking site that asks you to put personal information
into a form that shouldn't be needed to sign up or access a friend's
page (like date of birth, email username and PASSWORD, gender, etc) is
a tip-off that they are NOT legitimate. No legitimate social
networking site or photo sharing site should ever need this
information from you. If you're still not sure of its legitimacy,
first email your friend to ask if he/she actually sent the email.
Read more here:
<http://www.markturner.net/2009/06/06/taggedcom-a-social-media-scam/>
<http://www.snopes.com/computer/internet/tagged.asp>
-------------------------------------------
3. Temporary Dip in Spam Levels
-------------------------------------------
The level of spam fell 15 percent following the Federal Trade
Commission (FTC) order to shut down the Internet service provider
Pricewert, also known as 3FN. However, the respite appears to be
short-lived, as spam volumes have begun climbing again. The Cutwail
botnet, also known as Pushdo, experienced significant downturns in
activity following the shutdown. The level of spam is expected to
resume its prior level - about 90 percent of all email sent - once
spammers make arrangements with companies based outside the US where
anti-spam enforcement is not as rigorous. The FTC made its decision
to order the takedown based on Pricewert's reputation for recruiting
and cooperating with cyber criminals.
Read more here:
<http://news.cnet.com/8301-1009_3-10260338-83.html?part=rss&subj=news&tag=2547-1009_3-0-20
>
<http://www.scmagazineus.com/Pricewert-shutdown-brought-only-short-lived-drop-in-spam/article/138298/
>
[Article source: SANS.org]
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you
for your password.
--Apple-Mail-31-491162363
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div =
apple-content-edited=3D"true"><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><div><div><span class=3D"Apple-style-span" =
style=3D"font-size: medium;"><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">In =
this issue:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">1. June 2009 Security =
Updates</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">2. The Tagged.com Scam</div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">3. Temporary Dip in Spam =
Levels</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">---------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">1. =
June 2009 Security Updates</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">---------------------------------------</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "> ----- Microsoft -----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">As part of the Microsoft Security =
Bulletin Summary for June 2009, Microsoft released ten updates (six of =
them critical) to address 31 vulnerabilities that affect:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> * Microsoft Windows</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"> * Office</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "> * Internet Explorer</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">A remote, unauthenticated attacker =
could execute arbitrary code, gain elevated privileges, or cause a =
vulnerable application to crash. Users and administrators are advised to =
download the updates. The security patches in this update are now =
approved for installation via MIT WAUS.</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">Read the update in full here:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx">=
http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx</a>></=
div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">In addition to the 10 security =
bulletins, Microsoft released an updated version of its Malicious =
Software Removal Tool so that it now detects and removes scareware known =
as Internet Antivirus Pro. The malware pops up a phony warning message =
on infected computers and claims to be scanning the machines for =
malware, but it really downloads software that searches for and steals =
FTP user names and passwords.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Read =
more here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://www.computerworld.com/action/article.do?command=3DviewArtic=
leBasic&articleId=3D9134161&source=3DCTWNLE_nlt_dailyam_2009-06-10=
">http://www.computerworld.com/action/article.do?command=3DviewArticleBasi=
c&articleId=3D9134161</a>></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> ----- Apple =
----- </div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Apple has released several =
security updates in June for more than 50 vulnerabilities it found in =
its software. Updates released were:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"> * QuickTime 7.6.2</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> * iTunes 8.2</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"> * Safari 4.0</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">The updates were released for =
Mac OS X 10.4.10 or later, Windows XP, and Vista.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Read the updates in full =
here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://support.apple.com/kb/HT1222">http://support.apple.com/kb/HT=
1222</a>></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "> ----- Adobe ----- </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Adobe's first scheduled quarterly =
security update arrived on June 9, 2009; it addresses 13 critical =
security flaws including heap overflow vulnerabilities, a stack overflow =
vulnerability, and a memory corruption flaw that could be exploited to =
execute arbitrary code. Systems affected:</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "> * Adobe Reader versions 9.1.1 and earlier, =
8.1.5 and earlier, and 7.1.2 and earlier</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; "> * Adobe Acrobat =
(Standard, Professional, and 3D) versions 9.1.1 and earlier, 8.1.5 and =
earlier, and 7.1.2 and earlier</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Users =
are encouraged to read Adobe Security Bulletin APSB09-07 and update =
vulnerable versions of Adobe Reader and Acrobat:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.adobe.com/support/security/bulletins/apsb09-07.html">ht=
tp://www.adobe.com/support/security/bulletins/apsb09-07.html</a>></div>=
<div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Workarounds/tips:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">Disable JavaScript in Adobe Reader and Acrobat.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">Disable the display of PDF documents in the web browser.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Do not =
open unfamiliar or unexpected PDF documents, particularly those hosted =
on websites or delivered as email attachments.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">---------------------------------</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">2. The Tagged.com Scam</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">---------------------------------</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">The =
Tagged.com scam, first seen in 2007, appears to be rearing its ugly head =
again. This scam (which some may argue is not a scam, but is merely a =
form of inappropriate and deceptive behavior by the company) appears in =
the form of an email saying a friend wants to share photos with you from =
a site called Tagged.com. </div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">The =
email comes from the address book of one of your friends, whose =
information has been accessed. If you click either "yes" or "no," you'll =
be taken to a fairly unassuming page that asks for some personal =
information.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Do not open or respond to =
these emails! If you do, you'll risk opening up your address book to =
spammers. As part of the signing up process to Tagged.com, you are asked =
for your email username and password. What you may not know is that if =
you enter this information, your email address book is then used by =
Tagged.com to send out more "commercial email," basically spam, trying =
to get more of your friends to sign up. They may even be selling your =
email to other spammers.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Fake =
or deceptive social networking sites are cropping up more and more as =
they become more popular. A good rule of thumb for identifying the real =
thing from a scam: </div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Any =
social networking site that asks you to put personal information into a =
form that shouldn't be needed to sign up or access a friend's page (like =
date of birth, email username and PASSWORD, gender, etc) is a tip-off =
that they are NOT legitimate. No legitimate social networking site or =
photo sharing site should ever need this information from you. If you're =
still not sure of its legitimacy, first email your friend to ask if =
he/she actually sent the email.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Read =
more here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://www.markturner.net/2009/06/06/taggedcom-a-social-media-scam=
/">http://www.markturner.net/2009/06/06/taggedcom-a-social-media-scam/</a>=
></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://www.snopes.com/computer/internet/tagged.asp">http://www.sno=
pes.com/computer/internet/tagged.asp</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">3. =
Temporary Dip in Spam Levels</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">The level of spam fell 15 percent =
following the Federal Trade Commission (FTC) order to shut down the =
Internet service provider Pricewert, also known as 3FN. However, =
the respite appears to be short-lived, as spam volumes have begun =
climbing again. The Cutwail botnet, also known as Pushdo, =
experienced significant downturns in activity following the shutdown. =
The level of spam is expected to resume its prior level - about 90 =
percent of all email sent - once spammers make arrangements with =
companies based outside the US where anti-spam enforcement is not as =
rigorous. The FTC made its decision to order the takedown based on =
Pricewert's reputation for recruiting and cooperating with cyber =
criminals.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Read more here:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://news.cnet.com/8301-1009_3-10260338-83.html?part=3Drss&s=
ubj=3Dnews&tag=3D2547-1009_3-0-20">http://news.cnet.com/8301-1009_3-10=
260338-83.html?part=3Drss&subj=3Dnews&tag=3D2547-1009_3-0-20</a>&g=
t;</div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"><<a =
href=3D"http://www.scmagazineus.com/Pricewert-shutdown-brought-only-short-=
lived-drop-in-spam/article/138298/">http://www.scmagazineus.com/Pricewert-=
shutdown-brought-only-short-lived-drop-in-spam/article/138298/</a>></di=
v><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">[Article source: SANS.org]</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Find current and older issues =
of Security FYI Newsletter: <<a =
href=3D"http://kb.mit.edu/confluence/x/ehBB"><span =
style=3D"text-decoration: underline ; color: =
#2151aa">http://kb.mit.edu/confluence/x/ehBB</span></a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; =
"><br></div></span></div></div></div></span></div><div =
apple-content-edited=3D"true"><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><div><div><div><div><div><div><div><div><div><br></div><d=
iv>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div>Monique Yeaton</div><div>IT Security Awareness =
Consultant</div><div>MIT Information Services & Technology =
(IS&T)</div><div>(617) 253-2715</div><div><a =
href=3D"http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</=
a></div></div><div><br></div><div>---------------------------------------<=
/div><div><div>Important: DO NOT GIVE OUT YOUR =
PASSWORDS! </div><div>Ignore emails asking you to provide yours. =
IS&T will *NEVER* ask you for your =
password. </div></div></div></div></div></div></div></div></div></div=
></div></div></div></span> </div><br></body></html>=
--Apple-Mail-31-491162363--
--===============2132313847==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============2132313847==--
