[2387] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, June 14, 2011
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Jun 14 13:36:31 2011
Resent-From: ist-security-fyi@mit.edu
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Tue, 14 Jun 2011 13:35:28 -0400
Message-ID: <CA1D1420.17BFC%myeaton@exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Cc: "itss@mit.edu" <itss@mit.edu>
Content-Type: multipart/mixed; boundary="===============0874937236=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============0874937236==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_CA1D142017BFCmyeatonexchangemitedu_"
--_000_CA1D142017BFCmyeatonexchangemitedu_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Adobe Releases Fix for Zero-Day Flash Flaw
2. The SecurID Compromise
3. Many Mobile Apps Less Than Secure
-------------------------------------------------------------
1. Adobe Releases Fix for Zero-Day Flash Flaw
-------------------------------------------------------------
Adobe has released an out-of-band fix for a zero-day vulnerability in its F=
lash Player. The cross-site scripting (XSS) flaw affects Flash Player versi=
ons 10.3.181.16 and earlier on Windows, Mac, Linux and Solaris and versions=
10.3.185.22 and earlier for Android. A fix has already been pushed out to =
address the Flash flaw in Google's Chrome browser.
The flaw could be exploited "to take action on a user's behalf on any websi=
te or webmail provider" by tricking users into clicking on malicious links =
in email messages. Adobe is still investigating whether or not the vulnerab=
ility affects Reader and Acrobat. The flaw is reportedly being actively exp=
loited against Gmail users.
You can find out which Flash Player version you have installed here: <http:=
//www.adobe.com/software/flash/about/>
Get the newest Flash Player at: <http://get.adobe.com/flashplayer/>
Read the story in the news:
<http://www.informationweek.com/news/security/app-security/229900192>
<http://www.computerworld.com/s/article/9217346/Hackers_exploit_Flash_bug_i=
n_new_attacks_against_Gmail_users>
-------------------------------------
2. The SecurID Compromise
-------------------------------------
RSA Security will be replacing the 40 million SecurID tokens currently in u=
se as a result of a reported attack on RSA last March. The company recently=
sent a letter to customers acknowledging that SecurID failed to protect de=
fense contractor Lockheed Martin and several other clients as a result of t=
he attack.
SecurID tokens are used in two-factor authentication systems. Two-factor au=
thentication has been considered by many to be the gold standard for secure=
IT access. The idea is that you must have two things, something you have (=
such as a token) and something you know (such as a password). Many companie=
s, for example, require a smart card with an imbedded identity chip to be i=
nserted into a card reader. When the card is inserted, you're prompted for =
your password.
SecurID is a token that you don't have to insert. It will present a number =
to the user that changes every 30 seconds. The algorithm that matches the n=
umber to the token may be part of what was stolen from RSA's data systems. =
The thieves now have one of the two factors figured out, so if you have a w=
eak password as the second factor, the thieves will be able to penetrate yo=
ur secure system.
Do you have a strong password? <http://kb.mit.edu/confluence/x/3wNt>
Read the story in the news:
<http://arstechnica.com/security/news/2011/06/rsa-finally-comes-clean-secur=
id-is-compromised.ars>
---------------------------------------------------
3. Many Mobile Apps Less Than Secure
---------------------------------------------------
An article on HuffingtonPost says that "computer security firm viaForensics=
recently found that top apps for Android and iPhone devices may leave cust=
omer data exposed to hackers." Chief Investigating Officer of viaForensics =
notes "Security is not a priority of app developers."
The article goes on to say that certain software often stores sensitive use=
r data in unencrypted, readable files on mobile devices. Among the list of =
offenders are Foursquare, LinkedIn and Netflix. More troubling is the app S=
quare, which processes a transaction after the user has swiped his credit c=
ard through a dongle that attaches to the phone. According to viaForensics,=
the iPhone version of the app safely stores passwords but fails to securel=
y store the data of credit card numbers and user names.
For those who use such devices, I would recommend making sure you have a pa=
sscode and data protection enabled. You can find out how to secure your dev=
ice using the MIT Mobile Device Ninja page: <http://kb.mit.edu/confluence/x=
/XQdS>.
Read the full story on HuffingtonPost:
<http://www.huffingtonpost.com/2011/06/08/app-security-viaforensics-netflix=
-square_n_873349.html>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles online at http://securityfyi.word=
press.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_CA1D142017BFCmyeatonexchangemitedu_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html><head></head><body style=3D"word-wrap: break-word; -webkit-nbsp-mode:=
space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-si=
ze: 14px; font-family: Calibri, sans-serif; "><div><div><div><p style=3D"ma=
rgin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br>=
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In this is=
sue:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Adobe R=
eleases Fix for Zero-Day Flash Flaw</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. The Sec=
urID Compromise</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Many Mo=
bile Apps Less Than Secure</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
---------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Adobe R=
eleases Fix for Zero-Day Flash Flaw</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
---------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Adobe has =
released an out-of-band fix for a zero-day vulnerability in its Flash Playe=
r. The cross-site scripting (XSS) flaw affects Flash Player versions 10.3.1=
81.16 and earlier on Windows, Mac, Linux and Solaris and versions 10.3.185.=
22 and earlier for Android. A fix has already been pushed out to address th=
e Flash flaw in Google's Chrome browser. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The flaw c=
ould be exploited "to take action on a user's behalf on any website or webm=
ail provider" by tricking users into clicking on malicious links in email m=
essages. Adobe is still investigating whether or not the vulnerability affe=
cts Reader and Acrobat. The flaw is reportedly being actively exploited aga=
inst Gmail users.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">You can fi=
nd out which Flash Player version you have installed here: <http://www.a=
dobe.com/software/flash/about/></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Get the ne=
west Flash Player at: <http://get.adobe.com/flashplayer/></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the s=
tory in the news: </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/www.informationweek.com/news/security/app-security/229900192></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/www.computerworld.com/s/article/9217346/Hackers_exploit_Flash_bug_in_new_a=
ttacks_against_Gmail_users></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
---------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. The Sec=
urID Compromise</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
---------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">RSA Securi=
ty will be replacing the 40 million SecurID tokens currently in use as a re=
sult of a reported attack on RSA last March. The company recently sent a le=
tter to customers acknowledging that SecurID failed to protect defense cont=
ractor Lockheed Martin and several other clients as a result of the attack.=
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">SecurID to=
kens are used in two-factor authentication systems. Two-factor authenticati=
on has been considered by many to be the gold standard for secure IT access=
. The idea is that you must have two things, something you have (such as a =
token) and something you know (such as a password). Many companies, for exa=
mple, require a smart card with an imbedded identity chip to be inserted in=
to a card reader. When the card is inserted, you're prompted for your passw=
ord.</p><p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; mi=
n-height: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">SecurID is=
a token that you don't have to insert. It will present a number to the use=
r that changes every 30 seconds. The algorithm that matches the number to t=
he token may be part of what was stolen from RSA's data systems. The thieve=
s now have one of the two factors figured out, so if you have a weak passwo=
rd as the second factor, the thieves will be able to penetrate your secure =
system.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Do you hav=
e a strong password? <http://kb.mit.edu/confluence/x/3wNt></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the s=
tory in the news: </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/arstechnica.com/security/news/2011/06/rsa-finally-comes-clean-securid-is-c=
ompromised.ars></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
-----------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Many Mo=
bile Apps Less Than Secure</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
-----------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">An article=
on HuffingtonPost says that "computer security firm viaForensics recently =
found that top apps for Android and iPhone devices may leave customer data =
exposed to hackers." Chief Investigating Officer of viaForensics notes "Sec=
urity is not a priority of app developers."</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The articl=
e goes on to say that certain software often stores sensitive user data in =
unencrypted, readable files on mobile devices. Among the list of offenders =
are Foursquare, LinkedIn and Netflix. More troubling is the app Square, whi=
ch processes a transaction after the user has swiped his credit card throug=
h a dongle that attaches to the phone. According to viaForensics, the iPhon=
e version of the app safely stores passwords but fails to securely store th=
e data of credit card numbers and user names.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">For those =
who use such devices, I would recommend making sure you have a passcode and=
data protection enabled. You can find out how to secure your device using =
the MIT Mobile Device Ninja page: <http://kb.mit.edu/confluence/x/XQdS&g=
t;.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the f=
ull story on HuffingtonPost: </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/www.huffingtonpost.com/2011/06/08/app-security-viaforensics-netflix-square=
_n_873349.html></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all S=
ecurity FYI Newsletter articles online at http://securityfyi.wordpress.com/=
.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p></div><div><div style=3D"word-wrap: break-word; -webkit-n=
bsp-mode: space; -webkit-line-break: after-white-space; font-family: Helvet=
ica; "><span class=3D"Apple-style-span" style=3D"border-collapse: separate;=
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0=
px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-styl=
e: normal; font-variant: normal; font-weight: normal; letter-spacing: norma=
l; line-height: normal; -webkit-text-decorations-in-effect: none; text-inde=
nt: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; =
white-space: normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-s=
tyle-span" style=3D"border-collapse: separate; -webkit-border-horizontal-sp=
acing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font=
-family: Helvetica; font-size: 14px; font-style: normal; font-variant: norm=
al; font-weight: normal; letter-spacing: normal; line-height: normal; -webk=
it-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-ad=
just: auto; text-transform: none; orphans: 2; white-space: normal; widows: =
2; word-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-co=
llapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-ve=
rtical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size=
: 14px; font-style: normal; font-variant: normal; font-weight: normal; lett=
er-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect=
: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: n=
one; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span=
class=3D"Apple-style-span" style=3D"border-collapse: separate; -webkit-bor=
der-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: r=
gb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; f=
ont-variant: normal; font-weight: normal; letter-spacing: normal; line-heig=
ht: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -we=
bkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space:=
normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-span" s=
tyle=3D"border-collapse: separate; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Hel=
vetica; font-size: 14px; font-style: normal; font-variant: normal; font-wei=
ght: normal; letter-spacing: normal; line-height: normal; -webkit-text-deco=
rations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; =
text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spac=
ing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: sepa=
rate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spaci=
ng: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font=
-style: normal; font-variant: normal; font-weight: normal; letter-spacing: =
normal; line-height: normal; -webkit-text-decorations-in-effect: none; text=
-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans=
: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class=3D"Ap=
ple-style-span" style=3D"border-collapse: separate; -webkit-border-horizont=
al-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0);=
font-family: Helvetica; font-size: 12px; font-style: normal; font-variant:=
normal; font-weight: normal; letter-spacing: normal; line-height: normal; =
-webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-si=
ze-adjust: auto; text-transform: none; orphans: 2; white-space: normal; wid=
ows: 2; word-spacing: 0px; "><div style=3D"font-size: 12px; "><span class=
=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-styl=
e-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=
=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size:=
12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span=
class=3D"Apple-style-span" style=3D"font-size: 12px; ">Monique Yeaton</spa=
n></span></span></span></span></span></div><div style=3D"font-size: 12px; "=
><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=
=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-styl=
e-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=
=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size:=
12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; ">IT Se=
curity Communications Consultant</span></span></span></span></span></span><=
/div><div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size=
: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><spa=
n class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"App=
le-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span"=
style=3D"font-size: 12px; ">MIT Information Services & Technology (IS&=
amp;T)</span></span></span></span></span></span></div><div style=3D"font-si=
ze: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><s=
pan class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"A=
pple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-spa=
n" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"fo=
nt-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px;=
">(617) 253-2715</span></span></span></span></span></span></div><div style=
=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size:=
12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span=
class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Appl=
e-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-=
size: 12px; ">http://ist.mit.edu/security</span></span></span></span></span=
></span></div><div style=3D"font-size: 12px; "><br class=3D"khtml-block-pla=
ceholder"></div><br class=3D"Apple-interchange-newline"></span></span></spa=
n></span></span></span></span></div></div></div></div></body></html>
--_000_CA1D142017BFCmyeatonexchangemitedu_--
--===============0874937236==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0874937236==--
