[2046] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, October 13, 2009
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Oct 13 12:38:22 2009
Message-Id: <298A3E9C-6A63-4955-8DBF-510D0BACAC98@mit.edu>
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi@mit.edu
Mime-Version: 1.0 (Apple Message framework v936)
Date: Tue, 13 Oct 2009 12:35:06 -0400
Cc: itss@mit.edu
Content-Type: multipart/mixed; boundary="===============1982928413=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1982928413==
Content-Type: multipart/signed; boundary=Apple-Mail-18-119116421; micalg=sha1;
protocol="application/pkcs7-signature"
--Apple-Mail-18-119116421
Content-Type: multipart/alternative;
boundary=Apple-Mail-17-119116362
--Apple-Mail-17-119116362
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
In this issue:
1. October 2009 Security Patches
2. FBI Rounds Up Phishing Criminals
3. Microsoft Blocks Hacked Hotmail Accounts
4. Is Phishing Really Declining?
-------------------------------------------
1. October 2009 Security Patches
-------------------------------------------
---- Microsoft ----
Systems affected:
Microsoft Office
Internet Explorer
SQL Server
Windows and Windows Server (all supported versions)
Various Developer Tools and Software
Forefront Security
According to its Security Bulletin Advance Notification for October
2009, Microsoft plans to release 13 security bulletins on Tuesday,
October 13 (today) to address various vulnerabilities. Eight of the
bulletins are rated critical, five are rated important. This is the
largest number of bulletins Microsoft has issued at one time since it
began its scheduled monthly security updates.
For details:
<http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx>
---- Adobe ----
Systems affected:
Adobe Reader
Adobe Acrobat 9.1.3
Adobe is warning that attackers are exploiting an unpatched flaw in
Reader and Acrobat 9.1.3 that could allow them to take control of
vulnerable computers. Adobe plans to issue a fix for the vulnerability
on Tuesday, October 13. Attackers can exploit the flaw by tricking
users into opening maliciously crafted PDF files. The limited targeted
attacks affect users running the vulnerable programs on Windows
machines.
For details:
<http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html
>
-----------------------------------------------
2. FBI Rounds Up Phishing Criminals
-----------------------------------------------
In one of the biggest international cybercrime cases, known as
Operation Phish Phry, the FBI and Egyptian authorities managed to net
100 suspects involved in online banking fraud. Defendants are from
California, Nevada and North Carolina, as well as Egypt. They face a
maximum of 20 years in prison for bank fraud, aggravated identity
theft, conspiracy to commit computer fraud, and domestic and
international money laundering.
The phishing scheme used by the criminals siphoned at least $1.5
million from thousands of accounts belonging to Bank of America and
Wells Fargo customers.
The case reflects the disturbing growing trend of international crime
groups recruiting skilled computer hackers with a common greed and
willingness to victimize unsuspecting people. What makes the job of
preventing these crimes difficult is the number of criminals who can
get away with it and the amount of money they can make doing it.
Hopefully the FBI and other international investigative groups will
continue to successfully close in on these criminals and shut them
down, but they still have a lot of work ahead of them.
Read the full story:
<http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=220301571
>
---------------------------------------------------------
3. Microsoft Blocks Hacked Hotmail Accounts
---------------------------------------------------------
Microsoft has blocked access to all the Hotmail accounts that were
recently compromised. Usernames and passwords for several thousand
accounts were posted to the Internet last week.
Microsoft has indicated it believes the data were obtained through a
phishing attack, but a researcher says that because the attack also
affected Gmail, Yahoo mail, and other accounts, and because so many
accounts were compromised overall, it bears characteristics suggesting
the data were stolen through surreptitiously installed keystroke
logging programs.
It was also found that many of the accounts had weak passwords. The
most popular password was "123456" for example.
Read the full story:
<http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=220301340
>
<http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=220301344
>
----------------------------------------
4. Is Phishing Really Declining?
----------------------------------------
The two stories above seem to be a clear indication that phishing
attacks are still happening in full force.
Recent reports by IBM and Symantec claimed phishing attacks are
decreasing. But according to the CEO of PacketFocus, Joshua Perrymon,
"Phishing attacks are not on the decline. Phishing attacks are
definitely on the rise and will continue to be a problem. One issue is
that people don't know that they are being phished, so most of the
reports will not reflect all the attacks."
Can you recognize a phishing attack? Test your skills with these 2
games:
<http://www.onguardonline.gov/games/phishing-scams.aspx> (this link
goes to an auto-play enabled embedded video)
<http://cups.cs.cmu.edu/antiphishing_phil/new/index.html>
Or with this quiz:
<http://www.sonicwall.com/phishing/>
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
===============================
October is National Cybersecurity Awareness Month.
Stay Safe Online!
Visit http://www.staysafeoneline.org for the latest cybersecurity tips.
--Apple-Mail-17-119116362
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">In =
this issue:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">1. October 2009 Security =
Patches</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">2. FBI Rounds Up Phishing Criminals</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">3. =
Microsoft Blocks Hacked Hotmail Accounts</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">4. Is Phishing Really =
Declining?</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">1. =
October 2009 Security Patches</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">-------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "> ---- Microsoft ----</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Systems affected:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div>
<ul style=3D"list-style-type: disc">
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Arial">Microsoft Office</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Arial">Internet Explorer</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">SQL =
Server</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Arial">Windows and Windows Server (all supported versions)</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Arial">Various Developer Tools and Software</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Arial">Forefront Security</li>
</ul><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">According to its Security Bulletin =
Advance Notification for October 2009, Microsoft plans to release 13 =
security bulletins on Tuesday, October 13 (today) to address various =
vulnerabilities. Eight of the bulletins are rated critical, five are =
rated important. This is the largest number of bulletins Microsoft has =
issued at one time since it began its scheduled monthly security =
updates.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">For details:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; color: =
rgb(33, 81, 170); "><span style=3D"color: #000000"><</span><span =
style=3D"text-decoration: underline"><a =
href=3D"http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx">=
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx</a></span=
><span style=3D"color: #000000">></span></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; "> ---- Adobe =
----</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Systems affected:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div>
<ul style=3D"list-style-type: disc">
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Adobe =
Reader</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Adobe =
Acrobat 9.1.3</li>
</ul><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Adobe is warning that attackers are =
exploiting an unpatched flaw in Reader and Acrobat 9.1.3 that could =
allow them to take control of vulnerable computers. Adobe plans to issue =
a fix for the vulnerability on Tuesday, October 13. Attackers can =
exploit the flaw by tricking users into opening maliciously crafted PDF =
files. The limited targeted attacks affect users running the vulnerable =
programs on Windows machines.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">For =
details:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; color: rgb(33, 81, 170); "><span style=3D"color: =
#000000"><</span><span style=3D"text-decoration: underline"><a =
href=3D"http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issu=
e_1.html">http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_is=
sue_1.html</a></span><span style=3D"color: =
#000000">></span></div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; =
">-----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">2. FBI =
Rounds Up Phishing Criminals</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">-----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">In one of the biggest international =
cybercrime cases, known as Operation Phish Phry, the FBI and Egyptian =
authorities managed to net 100 suspects involved in online banking =
fraud. Defendants are from California, Nevada and North Carolina, as =
well as Egypt. They face a maximum of 20 years in prison for bank fraud, =
aggravated identity theft, conspiracy to commit computer fraud, and =
domestic and international money laundering.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">The phishing scheme used by the =
criminals siphoned at least $1.5 million from thousands of accounts =
belonging to Bank of America and Wells Fargo customers. </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">The case reflects the disturbing =
growing trend of international crime groups recruiting skilled computer =
hackers with a common greed and willingness to victimize unsuspecting =
people. What makes the job of preventing these crimes difficult is the =
number of criminals who can get away with it and the amount of money =
they can make doing it. Hopefully the FBI and other international =
investigative groups will continue to successfully close in on these =
criminals and shut them down, but they still have a lot of work ahead of =
them.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Read the full story:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.informationweek.com/news/security/attacks/showArticle.j=
html?articleID=3D220301571">http://www.informationweek.com/news/security/a=
ttacks/showArticle.jhtml?articleID=3D220301571</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">---------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">3. =
Microsoft Blocks Hacked Hotmail Accounts</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; =
">---------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Microsoft has blocked access to all =
the Hotmail accounts that were recently compromised. Usernames and =
passwords for several thousand accounts were posted to the Internet last =
week. </div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Microsoft has indicated it =
believes the data were obtained through a phishing attack, but a =
researcher says that because the attack also affected Gmail, Yahoo mail, =
and other accounts, and because so many accounts were compromised =
overall, it bears characteristics suggesting the data were stolen =
through surreptitiously installed keystroke logging =
programs. </div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">It was also found that many of =
the accounts had weak passwords. The most popular password was "123456" =
for example.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Read the full story:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.informationweek.com/news/security/attacks/showArticle.j=
html?articleID=3D220301340">http://www.informationweek.com/news/security/a=
ttacks/showArticle.jhtml?articleID=3D220301340</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><<a =
href=3D"http://www.darkreading.com/security/vulnerabilities/showArticle.jh=
tml?articleID=3D220301344">http://www.darkreading.com/security/vulnerabili=
ties/showArticle.jhtml?articleID=3D220301344</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
">----------------------------------------</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">4. Is Phishing Really =
Declining?</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">----------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">The two stories above seem to be a =
clear indication that phishing attacks are still happening in full =
force.</div><p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px =
Arial; min-height: 16.0px"> <br =
class=3D"webkit-block-placeholder"></p><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Recent reports by IBM and Symantec =
claimed phishing attacks are decreasing. But according to the CEO of =
PacketFocus, Joshua Perrymon, "Phishing attacks are not on the decline. =
Phishing attacks are definitely on the rise and will continue to be a =
problem. One issue is that people don't know that they are being =
phished, so most of the reports will not reflect all the =
attacks."</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Can you recognize a phishing =
attack? Test your skills with these 2 games:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.onguardonline.gov/games/phishing-scams.aspx">http://www=
.onguardonline.gov/games/phishing-scams.aspx</a>> (this link goes to =
an auto-play enabled embedded video)</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><<a =
href=3D"http://cups.cs.cmu.edu/antiphishing_phil/new/index.html">http://cu=
ps.cs.cmu.edu/antiphishing_phil/new/index.html</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Or with this quiz:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.sonicwall.com/phishing/">http://www.sonicwall.com/phish=
ing/</a>></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Find current and older issues =
of Security FYI Newsletter: <<a =
href=3D"http://kb.mit.edu/confluence/x/ehBB"><span =
style=3D"text-decoration: underline ; color: =
#2151aa">http://kb.mit.edu/confluence/x/ehBB</span></a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><br></div><div apple-content-edited=3D"true"><span =
class=3D"Apple-style-span" style=3D"border-collapse: separate; color: =
rgb(0, 0, 0); font-family: Calibri; font-size: medium; font-style: =
normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; orphans: 2; text-align: auto; text-indent: =
0px; text-transform: none; white-space: normal; widows: 2; word-spacing: =
0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><div><span class=3D"Apple-style-span" =
style=3D"font-size: 14px; "><div>Monique Yeaton</div><div>IT Security =
Awareness Consultant</div><div>MIT Information Services & Technology =
(IS&T)</div><div>(617) 253-2715</div><div><a =
href=3D"http://ist.mit.edu/security">http://ist.mit.edu/security</a></div>=
<div>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D</div></span></div><div><br></div><div><font =
class=3D"Apple-style-span" size=3D"4"><span class=3D"Apple-style-span" =
style=3D"font-size: 14px; "><font class=3D"Apple-style-span" =
color=3D"#FF3C1B">October is National Cybersecurity Awareness =
Month. </font></span></font></div><div><font =
class=3D"Apple-style-span" size=3D"4"><span class=3D"Apple-style-span" =
style=3D"font-size: 14px; "><font class=3D"Apple-style-span" =
color=3D"#FF3C1B">Stay Safe =
Online! </font></span></font></div><div><font =
class=3D"Apple-style-span" size=3D"4"><span class=3D"Apple-style-span" =
style=3D"font-size: 14px; "><font class=3D"Apple-style-span" =
color=3D"#FF3C1B">Visit</font></span></font><span =
class=3D"Apple-converted-space"><font class=3D"Apple-style-span" =
size=3D"4"><span class=3D"Apple-style-span" style=3D"font-size: 14px; =
"><font class=3D"Apple-style-span" =
color=3D"#FF3C1B"> </font></span></font></span><a class=3D"external" =
title=3D"Link leaves federal government web domain." =
href=3D"http://www.staysafeoneline.org" a=3D"a"><font =
class=3D"Apple-style-span" size=3D"4"><span class=3D"Apple-style-span" =
style=3D"font-size: 14px; "><font class=3D"Apple-style-span" =
color=3D"#FF3C1B">http://www.staysafeoneline.org</font></span></font></a><=
span class=3D"Apple-converted-space"><font class=3D"Apple-style-span" =
size=3D"4"><span class=3D"Apple-style-span" style=3D"font-size: 14px; =
"><font class=3D"Apple-style-span" =
color=3D"#FF3C1B"> </font></span></font></span><font =
class=3D"Apple-style-span" size=3D"4"><span class=3D"Apple-style-span" =
style=3D"font-size: 14px; "><font class=3D"Apple-style-span" =
color=3D"#FF3C1B">for the latest cybersecurity =
tips.</font></span></font></div></div></span></div></span> =
</div><br></body></html>=
--Apple-Mail-17-119116362--
--Apple-Mail-18-119116421
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDwjCCA74w
ggMnoAMCAQICEQCgVkmJt2RPZFjUToeFtLUNMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNVBAYTAlVT
MRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMS4wLAYDVQQKEyVNYXNzYWNodXNldHRzIEluc3RpdHV0
ZSBvZiBUZWNobm9sb2d5MRUwEwYDVQQLEwxDbGllbnQgQ0EgdjEwHhcNMDkwNzA3MTkwNzQ1WhcN
MTAwNzMxMTkwNzQ1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAs
BgNVBAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENs
aWVudCBDQSB2MTEXMBUGA1UEAxMOTW9uaXF1ZSBZZWF0b24xHjAcBgkqhkiG9w0BCQEWD215ZWF0
b25ATUlULkVEVTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5YyEmHtimNf2l9Swh7
azen1VDYTAHPef/hu8pDiEdf51i6i/1uiI7RCvzmGt8SRR3gwx1MuJt3TCKKX7kedPK8owWHRDO1
SQTG+RJHEKa8IeG/7Fk8kXFJqBYbk5sA8YOQOwmlG2x5ssMhfoPAxc44rh9tk4VfDgASGZXQITa+
8SwLG2JSFgUlnvEJAOrw8XRXRX78mgPwkydJQNhfK+ikYm2JtyqM5cSwgLxHh0XldWAI7P4csM79
LQcG4HQZRmTCVeMuy67KgNjtg/94O5AfwLkbP6hwvqsDsfr8aTwhbrhkayJnvXeY0L2X4i9AasVP
aAC4apVYBbIQr5mW4S8CAwEAAaOBoTCBnjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBRfbDIy
HJrY3A0bf+451r8D8oZXGjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY2EubWl0LmVkdS9jYS9t
aXRjbGllbnQuY3JsMA0GCSqGSIb3DQEBBQUAA4GBAIa1unH8mI8xbBDdr0Iqub03tHeb4/VWpsPq
GmhYH9vXRI6x7B+dAIwghm4gKo9y4d8qlgcx+1sLjRQ8DkZcXacX52a1eb1qYzXhzNGkxp4EEZIq
xYCHWJRYuitl+cpqVbS0Dxh/+gC5KL4LkMRJjQ6kP1ns99bdK132BxmyNX1+MYIDNjCCAzICAQEw
gYEwbDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNVBAoTJU1hc3Nh
Y2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENsaWVudCBDQSB2MQIR
AKBWSYm3ZE9kWNROh4W0tQ0wCQYFKw4DAhoFAKCCAYkwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEH
ATAcBgkqhkiG9w0BCQUxDxcNMDkxMDEzMTYzNTA3WjAjBgkqhkiG9w0BCQQxFgQUOSfUgIf11ahe
GuVXUs7KL/xlL3AwgZIGCSsGAQQBgjcQBDGBhDCBgTBsMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN
TWFzc2FjaHVzZXR0czEuMCwGA1UEChMlTWFzc2FjaHVzZXR0cyBJbnN0aXR1dGUgb2YgVGVjaG5v
bG9neTEVMBMGA1UECxMMQ2xpZW50IENBIHYxAhEAoFZJibdkT2RY1E6HhbS1DTCBlAYLKoZIhvcN
AQkQAgsxgYSggYEwbDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNV
BAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENsaWVu
dCBDQSB2MQIRAKBWSYm3ZE9kWNROh4W0tQ0wDQYJKoZIhvcNAQEBBQAEggEAh19krAfBlORXgrd+
WoBHflCQg5H6YQLNt2utgYSVWLivGiCa+Jg+LIVLKhfUL/BGml5XD4sWFgDDDh9DWSdzD8AKUO1o
ki4ziIKQAHnyW5+YKdwaDwiehlr2+y6mhPD69+MMSrCwTGABdOOLP8ER7Q+JM3mKbhx5jMSZ1D4Z
SRmYRjJwjoPWOrHtb9eFpBpVXaWyBi1WAe9hcGszhX4LJebkLUJz+GhyDEaqLnSlHZXnN3nxUQHO
lFAsE4z9go9F4254IQ+fcBEk0xd8ZFf26USyuh/mZL3zygAOg7qUu6HktmCqDp6gcYBXLfVdT4Yd
O732n+yfdbotW5IHL05kVAAAAAAAAA==
--Apple-Mail-18-119116421--
--===============1982928413==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1982928413==--
