[2198] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, February 22, 2010
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Feb 22 12:51:45 2010
Message-Id: <ECCF8C5E-ECCD-40DF-8B64-BA26AA24C362@mit.edu>
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi@MIT.EDU
Mime-Version: 1.0 (Apple Message framework v936)
Date: Mon, 22 Feb 2010 12:50:56 -0500
Cc: itss@MIT.EDU
Content-Type: multipart/mixed; boundary="===============1118537600=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============1118537600==
Content-Type: multipart/signed; boundary=Apple-Mail-92-791047778; micalg=sha1;
protocol="application/pkcs7-signature"
--Apple-Mail-92-791047778
Content-Type: multipart/alternative;
boundary=Apple-Mail-91-791047721
--Apple-Mail-91-791047721
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
In this issue:
1. Adobe Issues Out-of-Cycle Update
2. Move Over Confickr, Kneber is Here!
3. Tip of the Week: Website Security
-----------------------------------------------
1. Adobe Issues Out-of-Cycle Update
-----------------------------------------------
Adobe issued an out-of-cycle security update last week for Reader and
Acrobat. Systems affected:
Adobe Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh
Version 9.3.1 of the programs addresses a pair of critical
vulnerabilities. One of the flaws is the same as the vulnerability
Adobe recently patched in Flash; it could allow unauthorized cross-
domain requests. The other flaw could be exploited to crash vulnerable
computers and possible allow attackers to gain control of the machines.
Adobe has also released version 8.2.1 to address the vulnerabilities
for users who are unable to update to version 9.x.
Read more here:
http://www.adobe.com/support/security/bulletins/apsb10-07.html
[Source: SANS]
--------------------------------------------------
2. Move Over Confickr, Kneber is Here!
--------------------------------------------------
Remember the Confickr worm, the worm that was to take over the cyber
world last April? Well, a new threat is here. ("Actually it's not so
new," says a Symantec spokesperson. "Kneber is the same as the ZeuS
bot, which Symantec has been monitoring for a while now.")
The Kneber botnet [http://en.wikipedia.org/wiki/Botnet] has reportedly
breached nearly 75,000 computers at 374 US companies and government
organizations, with the goal of harvesting login credentials for
online financial accounts, social networking sites, and email systems.
The compromised systems include those at some commercial enterprises
such as Merck (a pharmaceutical company) and Paramount Pictures.
Computers with up-to-date security software should already be
protected from this threat, but users should not depend on malware
protection alone. "There are 'less technical ways' to detect the
botnet," Johannes Ullrich, chief research officer for the SANS
Institute, says. "For example, the bot may inject additional pages
into online banking login screens. If the user is all of a sudden
asked for a secret question, Social Security number or other unusual
items during the login process, abort the login, and call your bank or
try the login from another computer."
Read the full story here:
http://www.msnbc.msn.com/id/35456838/ns/technology_and_science-security/
http://www.computerworld.com/s/article/9158778/Kneber_botnet_hit_374_U.S._firms_gov_t_agencies
----------------------------------------------
3. Tip of the Week: Website Security
----------------------------------------------
If your browser questions a website's security, stop, think, and verify.
When visiting the "https" secure sites of banks and online shopping
retailers, you may see an onscreen warning, such as "There is a
problem with the website's security certificate" or "Secure Connection
Failed." Don't just click to continue or to make an exception. The
warning may only indicate that there is a harmless temporary problem
with the site or with the network. But it can also mean that the site
is bogus or has been compromised by hackers, and someone is listening
in on your conversation with your bank or retailer.
Be smart. Contact your bank or retailer by phone to find out if they
know about a problem with their website or the network. Don't be the
next victim of fraud.
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS, SSN, OR OTHER PERSONAL
INFORMATION!
Ignore emails asking you to provide yours. MIT will *NEVER* ask you
for this information through email.
--Apple-Mail-91-791047721
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">In =
this issue:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">1. =
Adobe Issues Out-of-Cycle Update</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">2. Move Over Confickr, Kneber is =
Here!</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">3. Tip of the Week: Website Security</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">-----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">1. =
Adobe Issues Out-of-Cycle Update</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">-----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Adobe issued an out-of-cycle security =
update last week for Reader and Acrobat. Systems affected:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div>
<ul style=3D"list-style-type: disc">
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Adobe =
Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX</li>
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Adobe =
Acrobat 9.3 and earlier versions for Windows and Macintosh</li>
</ul><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Version 9.3.1 of the programs =
addresses a pair of critical vulnerabilities. One of the flaws is the =
same as the vulnerability Adobe recently patched in Flash; it could =
allow unauthorized cross-domain requests. The other flaw could be =
exploited to crash vulnerable computers and possible allow attackers to =
gain control of the machines.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">Adobe =
has also released version 8.2.1 to address the vulnerabilities for users =
who are unable to update to version 9.x.</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">Read more here:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><a =
href=3D"http://www.adobe.com/support/security/bulletins/apsb10-07.html">ht=
tp://www.adobe.com/support/security/bulletins/apsb10-07.html</a></div><div=
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">[Source: SANS]</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">--------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">2. =
Move Over Confickr, Kneber is Here!</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">--------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Remember the Confickr worm, the =
worm that was to take over the cyber world last April? Well, a new =
threat is here. ("Actually it's not so new," says a Symantec =
spokesperson. "Kneber is the same as the ZeuS bot, which Symantec has =
been monitoring for a while now.")</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">The Kneber botnet [<a =
href=3D"http://en.wikipedia.org/wiki/Botnet">http://en.wikipedia.org/wiki/=
Botnet</a>] has reportedly breached nearly 75,000 computers at 374 US =
companies and government organizations, with the goal of harvesting =
login credentials for online financial accounts, social networking =
sites, and email systems. The compromised systems include those at some =
commercial enterprises such as Merck (a pharmaceutical company) and =
Paramount Pictures. </div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><span =
style=3D"font: 14.0px Helvetica">Computers with up-to-date security =
software should already be protected from this threat, but users should =
not depend on malware protectio</span>n alone. "There are 'less =
technical ways' to detect the botnet," Johannes Ullrich, chief research =
officer for the SANS Institute, says. "For example, the bot may inject =
additional pages into online banking login screens. If the user is all =
of a sudden asked for a secret question, Social Security number or other =
unusual items during the login process, abort the login, and call your =
bank or try the login from another computer." </div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">Read the full story =
here:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "><a =
href=3D"http://www.msnbc.msn.com/id/35456838/ns/technology_and_science-sec=
urity/">http://www.msnbc.msn.com/id/35456838/ns/technology_and_science-sec=
urity/</a></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "><a =
href=3D"http://www.computerworld.com/s/article/9158778/Kneber_botnet_hit_3=
74_U.S._firms_gov_t_agencies">http://www.computerworld.com/s/article/91587=
78/Kneber_botnet_hit_374_U.S._firms_gov_t_agencies</a></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; min-height: 16px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; ">3. Tip =
of the Week: Website Security</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">----------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><p style=3D"margin: 0.0px 0.0px 14.0px =
0.0px; font: 14.0px Arial">If your browser questions a website's =
security, stop, think, and verify.</p><p style=3D"margin: 0.0px 0.0px =
12.0px 0.0px; font: 14.0px Arial">When visiting the "https" secure sites =
of banks and online shopping retailers, you may see an onscreen warning, =
such as "There is a problem with the website's security certificate" or =
"Secure Connection Failed." Don't just click to continue or to make an =
exception. The warning may only indicate that there is a harmless =
temporary problem with the site or with the network. But it can also =
mean that the site is bogus or has been compromised by hackers, and =
someone is listening in on your conversation with your bank or =
retailer.</p><p style=3D"margin: 0.0px 0.0px 12.0px 0.0px; font: 14.0px =
Arial">Be smart. Contact your bank or retailer by phone to find out if =
they know about a problem with their website or the network. Don't be =
the next victim of fraud.</p><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Find current and older issues =
of Security FYI Newsletter: <<a =
href=3D"http://kb.mit.edu/confluence/x/ehBB"><span =
style=3D"text-decoration: underline ; color: =
#2151aa">http://kb.mit.edu/confluence/x/ehBB</span></a>></div><div><fon=
t class=3D"Apple-style-span" face=3D"Arial"><br></font></div><div =
apple-content-edited=3D"true"><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: medium; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; "><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; =
widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div><div><div><div><div><div><div><div><div><span =
class=3D"Apple-style-span" style=3D"font-size: =
medium;"><br></span><div>Monique Yeaton</div><div>IT Security Awareness =
Consultant</div><div>MIT Information Services & Technology =
(IS&T)</div><div>(617) 253-2715</div><div><a =
href=3D"http://ist.mit.edu/security">http://ist.mit.edu/security</a></div>=
</div><div><br></div><div>---------------------------------------</div><di=
v><div><font class=3D"Apple-style-span" color=3D"#FF0000">Important: DO =
NOT GIVE OUT YOUR PASSWORDS, SSN, OR OTHER PERSONAL =
INFORMATION! </font></div><div><font class=3D"Apple-style-span" =
color=3D"#FF0000">Ignore emails asking you to provide yours. MIT will =
*NEVER* ask you for this information through =
email. </font></div></div></div></div></div></div></div></div></div><=
/div></div></div></div></span></div></span></div></span></div></span> =
</div><br></body></html>=
--Apple-Mail-91-791047721--
--Apple-Mail-92-791047778
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDwjCCA74w
ggMnoAMCAQICEQCgVkmJt2RPZFjUToeFtLUNMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNVBAYTAlVT
MRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMS4wLAYDVQQKEyVNYXNzYWNodXNldHRzIEluc3RpdHV0
ZSBvZiBUZWNobm9sb2d5MRUwEwYDVQQLEwxDbGllbnQgQ0EgdjEwHhcNMDkwNzA3MTkwNzQ1WhcN
MTAwNzMxMTkwNzQ1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAs
BgNVBAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENs
aWVudCBDQSB2MTEXMBUGA1UEAxMOTW9uaXF1ZSBZZWF0b24xHjAcBgkqhkiG9w0BCQEWD215ZWF0
b25ATUlULkVEVTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5YyEmHtimNf2l9Swh7
azen1VDYTAHPef/hu8pDiEdf51i6i/1uiI7RCvzmGt8SRR3gwx1MuJt3TCKKX7kedPK8owWHRDO1
SQTG+RJHEKa8IeG/7Fk8kXFJqBYbk5sA8YOQOwmlG2x5ssMhfoPAxc44rh9tk4VfDgASGZXQITa+
8SwLG2JSFgUlnvEJAOrw8XRXRX78mgPwkydJQNhfK+ikYm2JtyqM5cSwgLxHh0XldWAI7P4csM79
LQcG4HQZRmTCVeMuy67KgNjtg/94O5AfwLkbP6hwvqsDsfr8aTwhbrhkayJnvXeY0L2X4i9AasVP
aAC4apVYBbIQr5mW4S8CAwEAAaOBoTCBnjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBRfbDIy
HJrY3A0bf+451r8D8oZXGjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY2EubWl0LmVkdS9jYS9t
aXRjbGllbnQuY3JsMA0GCSqGSIb3DQEBBQUAA4GBAIa1unH8mI8xbBDdr0Iqub03tHeb4/VWpsPq
GmhYH9vXRI6x7B+dAIwghm4gKo9y4d8qlgcx+1sLjRQ8DkZcXacX52a1eb1qYzXhzNGkxp4EEZIq
xYCHWJRYuitl+cpqVbS0Dxh/+gC5KL4LkMRJjQ6kP1ns99bdK132BxmyNX1+MYIDNjCCAzICAQEw
gYEwbDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNVBAoTJU1hc3Nh
Y2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENsaWVudCBDQSB2MQIR
AKBWSYm3ZE9kWNROh4W0tQ0wCQYFKw4DAhoFAKCCAYkwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEH
ATAcBgkqhkiG9w0BCQUxDxcNMTAwMjIyMTc1MDU2WjAjBgkqhkiG9w0BCQQxFgQUhYehYl7dcaYu
IJ7n8cYElQQzQmYwgZIGCSsGAQQBgjcQBDGBhDCBgTBsMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN
TWFzc2FjaHVzZXR0czEuMCwGA1UEChMlTWFzc2FjaHVzZXR0cyBJbnN0aXR1dGUgb2YgVGVjaG5v
bG9neTEVMBMGA1UECxMMQ2xpZW50IENBIHYxAhEAoFZJibdkT2RY1E6HhbS1DTCBlAYLKoZIhvcN
AQkQAgsxgYSggYEwbDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNV
BAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxFTATBgNVBAsTDENsaWVu
dCBDQSB2MQIRAKBWSYm3ZE9kWNROh4W0tQ0wDQYJKoZIhvcNAQEBBQAEggEAcq+C5BSNHHVX+0ZM
tFRnvNe+K2NbaFIhq0yQiVgelLNb9yKEzl344IBCM2k1rTpkBGcHR2qzerWK0aQv2LLZG4mVUJKQ
fVekVEf+lmaU2/d5QwSBBOM8/wKO6Wr8q3swGq8c0v0g4cjI2Kxp1I6QQESEKLMhh2hzHqc87tJU
hdoECqjBdUMGqrTmCXSYMGb3L4e7kPjTlNKntM+N/f3kONUp9U95BwXwoCZN9eeI5eYYvpMMMe6b
BMED12ARI+gpG4+o4YePDuG7TX/El76RwaJ7o+IT2uDPwzj21R/TLOy+Nd7LHxachXrdVMviHRvC
47ZTjsSVi2mMMY/bBFsV5gAAAAAAAA==
--Apple-Mail-92-791047778--
--===============1118537600==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1118537600==--
