[1986] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, September 8, 2009
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Sep 8 16:01:28 2009
Message-Id: <3150B89A-BBE7-4EAD-9269-E81703471073@mit.edu>
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi@mit.edu
Mime-Version: 1.0 (Apple Message framework v936)
Date: Tue, 8 Sep 2009 15:58:42 -0400
Cc: "itss@MIT.EDU" <itss@mit.edu>
Content-Type: multipart/mixed; boundary="===============0514461066=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============0514461066==
Content-Type: multipart/signed; boundary=Apple-Mail-56--745183796; micalg=sha1;
protocol="application/pkcs7-signature"
--Apple-Mail-56--745183796
Content-Type: multipart/alternative;
boundary=Apple-Mail-55--745183861
--Apple-Mail-55--745183861
Content-Type: text/plain;
charset=WINDOWS-1252;
format=flowed;
delsp=yes
Content-Transfer-Encoding: quoted-printable
In this issue:
1. September 2009 Security Patches
2. The Dangerous iFrame
3. Risky Celebrity Searches
4. Phishing Attacks Diminishing?
-----------------------------------------------
1. September 2009 Security Patches
-----------------------------------------------
---- Microsoft ----
Systems affected:
* Windows 2000
* Windows XP
* Windows Server 2003
* Windows Vista
* Windows Server 2008
As part of its monthly security bulletin release cycle, Microsoft will =20=
be releasing 5 critical updates today (Tuesday, September 8th).
Read the advance bulletin in full here:
<http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx>
---- Apple ----
Systems affected:
* Mac OS X 10.5.8
On September 3rd, Apple released Java for Mac OS X 10.5 Update 5 to =20
address various vulnerabilities in Java 1.6.0_13, Java 1.5.0_19 and =20
Java 1.4.2_21.
The update can be downloaded from Support Downloads =
<http://support.apple.com/downloads/=20
> or Software Update.
---------------------------------
2. The Dangerous iFrame
---------------------------------
While the risks of iFrames (a standard html element that embeds a =20
document inside the presentation of another html document, also see: =
<http://en.wikipedia.org/wiki/HTML_element#Frames=20
>) on web pages is nothing new, ScanSafe recently posted a blog entry =20=
about finding nearly 55,000 compromised web site pages due to a potent =20=
"trojan cocktail" consisting of backdoors, password stealers, and a =20
downloader. The iFrame on these web sites points to an intermediary =20
exploit site, which in turn loads additional exploits and malware from =20=
up to seven different malware domains. The vulnerability is Windows-=20
only and will exploit an unprotected system.
Read the blog entry from ScanSafe here:
=
<http://blog.scansafe.com/journal/2009/8/21/up-to-55k-compromised-by-poten=
t-backdoordata-theft-cocktail.html=20
>
Per Mike Kassner of TechRepublic.com, this information is fascinating =20=
in that we can repeat the experiment ScanSafe used to easily find how =20=
many Web pages are currently infected. Enter =93script =
src=3Dhttp://a0v.org/x.js=20
=94 in your favorite search engine and check the number of search =20
results that come up. (DO NOT CLICK on any of the urls in the list!)
Read TechRepublic's response blog entry here:
<http://blogs.techrepublic.com.com/security/?p=3D2213&tag=3Dnl.e036>
Are you a web developer using iFrames in your sites? If so, you may =20
want to ensure you're taking the right precautions against an exploit. =20=
If you need additional reasons, some can be found here:
<http://www.thespanner.co.uk/2007/10/24/iframes-security-summary/>
-----------------------------------
3. Risky Celebrity Searches
-----------------------------------
In response to a report released by computer security company McAfee, =20=
the mainstream media has recently been listing some of the most =20
dangerous celebrities to look for on the Internet. This is not actual =20=
news, as celebrity searches have been a risk for quite some time. Any =20=
time you conduct a search online for a popular term, you will notice =20
the amount of bogus advertising and web sites that will appear.
According to Boston.com: "Some people use the popularity of the Web to =20=
lure unsuspecting surfers to their sites, where they then unleash =20
their viruses, spyware, spam, and other threats." The news site lists =20=
the top 16 celebrities from the McAfee report here:
=
<http://www.boston.com/business/technology/gallery/mostdangerouscelebritie=
s/=20
>
-----------------------------------------
4. Phishing Attacks Diminishing?
-----------------------------------------
A report from IBM indicates that phishing attacks appear to be =20
declining. Cyber criminals now appear to be leaning toward malicious =20
links and Trojan horse programs designed to steal passwords and other =20=
sensitive information. The X-Force report says that in 2008, phishing =20=
attacks accounted for 0.5 percent of all spam; during the first half =20
of 2009, that figure fell to 0.1 percent. The report also says that =20
the number of malicious links on the web is up 508 percent in the =20
first half of 2009.
Read the full story here:
=
<http://voices.washingtonpost.com/securityfix/2009/08/phishing_attacks_on_=
the_wane.html=20
>
[News source: SANS NewsBites]
=3D=20
=3D=20
=3D=20
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Find current and older issues of Security FYI Newsletter: =
<http://kb.mit.edu/confluence/x/ehBB=20
>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you =20
for your password.
--Apple-Mail-55--745183861
Content-Type: text/html;
charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">In =
this issue:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">1. September 2009 Security =
Patches</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">2. The Dangerous iFrame</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">3. =
Risky Celebrity Searches</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">4. Phishing Attacks =
Diminishing?</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; =
">-----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">1. =
September 2009 Security Patches</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">-----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> ---- Microsoft ----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> Systems affected:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> * Windows 2000</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"> * Windows XP</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "> * Windows Server 2003</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"> * Windows Vista</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> * Windows Server 2008</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">As part of its monthly security =
bulletin release cycle, Microsoft will be releasing 5 critical updates =
today (Tuesday, September 8th).</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Read =
the advance bulletin in full here:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><<a =
href=3D"http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx">=
http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx</a>></=
div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> ---- Apple ----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Systems affected:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> * Mac OS X 10.5.8</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">On September 3rd, Apple released Java =
for Mac OS X 10.5 Update 5 to address various vulnerabilities in Java =
1.6.0_13, Java 1.5.0_19 and Java 1.4.2_21. </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">The update can be downloaded from =
Support Downloads <<a =
href=3D"http://support.apple.com/downloads/">http://support.apple.com/down=
loads/</a>> or Software Update.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">---------------------------------</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">2. The Dangerous iFrame</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">---------------------------------</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">While =
the risks of iFrames (a standard html element that embeds a document =
inside the presentation of another html document, also see: <<a =
href=3D"http://en.wikipedia.org/wiki/HTML_element#Frames">http://en.wikipe=
dia.org/wiki/HTML_element#Frames</a>>) on web pages is nothing new, =
ScanSafe recently posted a blog entry about finding nearly 55,000 =
compromised web site pages due to a potent "trojan cocktail" consisting =
of backdoors, password stealers, and a downloader. The iFrame on these =
web sites points to an intermediary exploit site, which in turn loads =
additional exploits and malware from up to seven different malware =
domains. The vulnerability is Windows-only and will exploit an =
unprotected system.</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Read the blog entry from =
ScanSafe here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://blog.scansafe.com/journal/2009/8/21/up-to-55k-compromised-b=
y-potent-backdoordata-theft-cocktail.html">http://blog.scansafe.com/journa=
l/2009/8/21/up-to-55k-compromised-by-potent-backdoordata-theft-cocktail.ht=
ml</a>></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Per Mike Kassner of =
TechRepublic.com, this information is fascinating in that we can repeat =
the experiment ScanSafe used to easily find how many Web pages are =
currently infected. Enter =93script src=3D<a =
href=3D"http://a0v.org/x.js">http://a0v.org/x.js</a>=94 in your favorite =
search engine and check the number of search results that come up. (DO =
NOT CLICK on any of the urls in the list!)</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">Read TechRepublic's response blog entry =
here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://blogs.techrepublic.com.com/security/?p=3D2213&tag=3Dnl.=
e036">http://blogs.techrepublic.com.com/security/?p=3D2213&tag=3Dnl.e0=
36</a>></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Are you a web developer using =
iFrames in your sites? If so, you may want to ensure you're taking the =
right precautions against an exploit. If you need additional reasons, =
some can be found here:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><<a =
href=3D"http://www.thespanner.co.uk/2007/10/24/iframes-security-summary/">=
http://www.thespanner.co.uk/2007/10/24/iframes-security-summary/</a>></=
div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">-----------------------------------</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">3. Risky Celebrity =
Searches</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">-----------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">In response to a report released by =
computer security company McAfee, the mainstream media has recently been =
listing some of the most dangerous celebrities to look for on the =
Internet. This is not actual news, as celebrity searches have been a =
risk for quite some time. Any time you conduct a search online for a =
popular term, you will notice the amount of bogus advertising and web =
sites that will appear. </div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">According to Boston.com: "Some people use the popularity of the Web to =
lure unsuspecting surfers to their sites, where they then unleash their =
viruses, spyware, spam, and other threats." The news site lists the top =
16 celebrities from the McAfee report here:</div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.boston.com/business/technology/gallery/mostdangerouscel=
ebrities/">http://www.boston.com/business/technology/gallery/mostdangerous=
celebrities/</a>></div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">-----------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">4. =
Phishing Attacks Diminishing?</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">-----------------------------------------</div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">A report from IBM indicates that phishing attacks =
appear to be declining. Cyber criminals now appear to be leaning =
toward malicious links and Trojan horse programs designed to steal =
passwords and other sensitive information. The X-Force report says that =
in 2008, phishing attacks accounted for 0.5 percent of all spam; during =
the first half of 2009, that figure fell to 0.1 percent. The report also =
says that the number of malicious links on the web is up 508 percent in =
the first half of 2009.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Read =
the full story here:</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><<a =
href=3D"http://voices.washingtonpost.com/securityfix/2009/08/phishing_atta=
cks_on_the_wane.html">http://voices.washingtonpost.com/securityfix/2009/08=
/phishing_attacks_on_the_wane.html</a>></div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">[News source: SANS NewsBites]</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Find current and older issues =
of Security FYI Newsletter: <<a =
href=3D"http://kb.mit.edu/confluence/x/ehBB"><span =
style=3D"text-decoration: underline ; color: =
#2151aa">http://kb.mit.edu/confluence/x/ehBB</span></a>></div><div><fon=
t class=3D"Apple-style-span" face=3D"Arial"><br></font></div><div =
apple-content-edited=3D"true"><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><div><div><div><div><div><div><div><div><div><br></div><d=
iv>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div>Monique Yeaton</div><div>IT Security Awareness =
Consultant</div><div>MIT Information Services & Technology =
(IS&T)</div><div>(617) 253-2715</div><div><a =
href=3D"http://ist.mit.edu/security">http://ist.mit.edu/security</a></div>=
</div><div><br></div><div>---------------------------------------</div><di=
v><div><font class=3D"Apple-style-span" color=3D"#FF0000">Important: DO =
NOT GIVE OUT YOUR PASSWORDS! </font></div><div><font =
class=3D"Apple-style-span" color=3D"#FF0000">Ignore emails asking you to =
provide yours. IS&T will *NEVER* ask you for your =
password. </font></div></div></div></div></div></div></div></div></di=
v></div></div></div></div></span></div></span></div></span> =
</div><br></body></html>=
--Apple-Mail-55--745183861--
--Apple-Mail-56--745183796
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDwjCCA74w
ggMnoAMCAQICEQCgVkmJt2RPZFjUToeFtLUNMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNVBAYTAlVT
MRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMS4wLAYDVQQKEyVNYXNzYWNodXNldHRzIEluc3RpdHV0
ZSBvZiBUZWNobm9sb2d5MRUwEwYDVQQLEwxDbGllbnQgQ0EgdjEwHhcNMDkwNzA3MTkwNzQ1WhcN
MTAwNzMxMTkwNzQ1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAs
BgNVBAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENs
aWVudCBDQSB2MTEXMBUGA1UEAxMOTW9uaXF1ZSBZZWF0b24xHjAcBgkqhkiG9w0BCQEWD215ZWF0
b25ATUlULkVEVTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5YyEmHtimNf2l9Swh7
azen1VDYTAHPef/hu8pDiEdf51i6i/1uiI7RCvzmGt8SRR3gwx1MuJt3TCKKX7kedPK8owWHRDO1
SQTG+RJHEKa8IeG/7Fk8kXFJqBYbk5sA8YOQOwmlG2x5ssMhfoPAxc44rh9tk4VfDgASGZXQITa+
8SwLG2JSFgUlnvEJAOrw8XRXRX78mgPwkydJQNhfK+ikYm2JtyqM5cSwgLxHh0XldWAI7P4csM79
LQcG4HQZRmTCVeMuy67KgNjtg/94O5AfwLkbP6hwvqsDsfr8aTwhbrhkayJnvXeY0L2X4i9AasVP
aAC4apVYBbIQr5mW4S8CAwEAAaOBoTCBnjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBRfbDIy
HJrY3A0bf+451r8D8oZXGjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY2EubWl0LmVkdS9jYS9t
aXRjbGllbnQuY3JsMA0GCSqGSIb3DQEBBQUAA4GBAIa1unH8mI8xbBDdr0Iqub03tHeb4/VWpsPq
GmhYH9vXRI6x7B+dAIwghm4gKo9y4d8qlgcx+1sLjRQ8DkZcXacX52a1eb1qYzXhzNGkxp4EEZIq
xYCHWJRYuitl+cpqVbS0Dxh/+gC5KL4LkMRJjQ6kP1ns99bdK132BxmyNX1+MYIDNjCCAzICAQEw
gYEwbDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNVBAoTJU1hc3Nh
Y2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENsaWVudCBDQSB2MQIR
AKBWSYm3ZE9kWNROh4W0tQ0wCQYFKw4DAhoFAKCCAYkwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEH
ATAcBgkqhkiG9w0BCQUxDxcNMDkwOTA4MTk1ODQzWjAjBgkqhkiG9w0BCQQxFgQUWlHIRYqraJ3Q
Ljt1MjoagtCaVLQwgZIGCSsGAQQBgjcQBDGBhDCBgTBsMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN
TWFzc2FjaHVzZXR0czEuMCwGA1UEChMlTWFzc2FjaHVzZXR0cyBJbnN0aXR1dGUgb2YgVGVjaG5v
bG9neTEVMBMGA1UECxMMQ2xpZW50IENBIHYxAhEAoFZJibdkT2RY1E6HhbS1DTCBlAYLKoZIhvcN
AQkQAgsxgYSggYEwbDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNV
BAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENsaWVu
dCBDQSB2MQIRAKBWSYm3ZE9kWNROh4W0tQ0wDQYJKoZIhvcNAQEBBQAEggEAaufP5ogT9EKk2PDC
qMcNkGUGsAnkQHE3CwuiMpEFyRDsHm9U7aYtP/rLEL6FBv8R5hiXTJOVo+TM9gg5wuvp1RTRAW/s
F7NCaqFxqHS+YypEseA2b+ZFIvG4tofcgXfVFAHgpqulD6dTTcdLvK3dI4jxQUoGXeoDa5PlWF9n
jOO2k8+mMQuuSmY8lC2d01ehxTK/RwT2z/p1Roi9eBfQSCL8tw6whr37pdxe3A0vKbbGvD90MSI+
bnpn3imf1cEkV3Hnha1f7aYOyvC8FEDiGy0NxjsxTvfNDsjNdXwDCG2SM+pv2eUSglu+Ku1jEB8W
mz5mAOSISL2OXw+QgPXYTAAAAAAAAA==
--Apple-Mail-56--745183796--
--===============0514461066==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0514461066==--
