[2399] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, August 29, 2011
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Aug 29 15:22:44 2011
From: Monique Yeaton <myeaton@mit.edu>
To: "ist-security-fyi@mit.edu" <ist-security-fyi@mit.edu>
Date: Mon, 29 Aug 2011 15:21:29 -0400
Message-ID: <CA815EF9.1B508%myeaton@exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Cc: "itss@mit.edu" <itss@mit.edu>
Content-Type: multipart/mixed; boundary="===============1513491259=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1513491259==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_CA815EF91B508myeatonexchangemitedu_"
--_000_CA815EF91B508myeatonexchangemitedu_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Apache Warns of Denial-of-Service Attack Vulnerability
2. Browsers with Updates
3. Security Breach at Yale Exposes 43,000 People's Data
4. Best Practices for Securing Your Home Network
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
1. Apache Warns of Denial-of-Service Attack Vulnerability
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
A warning has been issued to owners of websites powered by the Apache webse=
rver software of a vulnerability which can be exploited using a relatively =
low number of requests directed at the server to cause a Denial of Service =
condition. A tool to exploit the vulnerability called "Apache Killer" has =
been released onto the Internet.
The vulnerability was originally identified over four years ago and impacts=
servers running all versions in the 1.3 and 2.0 releases. A patch for the=
vulnerability should be released by the evening of August 26, but as relea=
se 1.3 is no longer supported, the patch will only apply to versions 2.0 an=
d 2.2.
Read the full story here:
<http://www.theregister.co.uk/2011/08/24/devastating_apache_vuln/>
or here:
<http://www.computerworld.com/s/article/9219471/Apache_warns_Web_server_adm=
ins_of_DoS_attack_tool>
Apache developers posted an official advisory:
<http://article.gmane.org/gmane.comp.apache.announce/58>
[Article source: SANS.org]
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
2. Browsers with Updates
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
On August 23, 2011, Google released Chrome 13.0.782.215 for Linux, Mac, Win=
dows, and Chrome Frame to address multiple vulnerabilities. These vulnerabi=
lities may allow an attacker to execute arbitrary code. US-CERT encourages =
users and administrators to review the Google Chrome Releases page and upda=
te to Chrome 13.0.782.215 to help mitigate the risks.
Google Chrome Releases: <http://googlechromereleases.blogspot.com/2011/08/s=
table-channel-update_22.html>
On August 17, 2011 Mozilla Released Firefox 6 and 3.6.20. The Mozilla Found=
ation has released Firefox 6 and Firefox 3.6.20 to address multiple vulnera=
bilities. These vulnerabilities may allow an attacker to execute arbitrary=
code, operate with escalated privileges, or obtain sensitive information. =
US-CERT encourages users and administrators to review the Mozilla Foundatio=
n Security Advisories for Firefox 6 and Firefox 3.6.20 and apply any necess=
ary updates to help mitigate the risks.
NOTE to MIT: IS&T is not yet supporting Firefox 6 and is in the process of =
testing IS&T supported applications to make sure they are compatible with t=
he newest version of Firefox. If you rely on MIT administrative browser-bas=
ed software, you are advised to WAIT to upgrade to Firefox 6.
Security Advisories for Firefox: <http://www.mozilla.org/security/known-vul=
nerabilities/firefox.html>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
3. Security Breach at Yale Exposes 43,000 People's Data
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Yale University notified about 43,000 staff, students and alumni that their=
personal data, including their names and Social Security numbers, were pub=
licly available on a FTP server. The breach occurred when the sensitive pe=
rsonal data stored on the FTP server became publicly available after Google=
made changes in September 2010 regarding how its search engine indexes and=
finds FTP servers. Yale personnel were not aware of this change and disco=
vered the breach in June of this year.
The breach impacts anyone affiliated with Yale University in 1999. Yale ha=
s "secured" the file and Google has confirmed it no longer stores the data.
Read the full story:
<http://www.yaledailynews.com/news/2011/aug/17/yale-affiliates-ssns-were-se=
archable-google/>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
4. Best Practices for Securing Your Home Network
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
The National Security Agency (NSA) just released a useful guide called "Bes=
t Practices for Securing Your Home Network" that goes beyond home networks =
and wireless to cover email and traveling with mobile devices and more. It=
's worth making copies and distributing to your co-workers and employees. =
What makes it particularly useful is that it reflects the real-world knowle=
dge of the NSA Blue Teams and Red Teams. On the back page are references to=
five additional guides: Social Networking, Defense Against Drive By Downlo=
ads, Defense Against Malicious E-mail Attachments, Mac OSX 10.6 Hardening T=
ips, and Data Execution Prevention.
You'll find it at the NSA web site:
<http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_CA815EF91B508myeatonexchangemitedu_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html><head></head><body style=3D"word-wrap: break-word; -webkit-nbsp-mode:=
space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-si=
ze: 14px; font-family: Calibri, sans-serif; "><div><div><div><p style=3D"ma=
rgin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><p s=
tyle=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16=
.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In this is=
sue:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Apache =
Warns of Denial-of-Service Attack Vulnerability</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. Browser=
s with Updates</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Securit=
y Breach at Yale Exposes 43,000 People's Data</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">4. Best Pr=
actices for Securing Your Home Network</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Apache =
Warns of Denial-of-Service Attack Vulnerability</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">A warning =
has been issued to owners of websites powered by the Apache webserver softw=
are of a vulnerability which can be exploited using a relatively low number=
of requests directed at the server to cause a Denial of Service condition.=
A tool to exploit the vulnerability called "Apache Killer" has =
been released onto the Internet. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The vulner=
ability was originally identified over four years ago and impacts servers r=
unning all versions in the 1.3 and 2.0 releases. A patch for the=
vulnerability should be released by the evening of August 26, but as relea=
se 1.3 is no longer supported, the patch will only apply to versions 2.0 an=
d 2.2.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the f=
ull story here:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/www.theregister.co.uk/2011/08/24/devastating_apache_vuln/></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">or here:</=
p><p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http=
://www.computerworld.com/s/article/9219471/Apache_warns_Web_server_admins_o=
f_DoS_attack_tool></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Apache dev=
elopers posted an official advisory:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/article.gmane.org/gmane.comp.apache.announce/58></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">[Article s=
ource: SANS.org]</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. Browser=
s with Updates</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">On August =
23, 2011, Google released Chrome 13.0.782.215 for Linux, Mac, Windows, and =
Chrome Frame to address multiple vulnerabilities. These vulnerabilitie=
s may allow an attacker to execute arbitrary code. US-CERT encourages users=
and administrators to review the Google Chrome Releases page and update to=
Chrome 13.0.782.215 to help mitigate the risks.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Google Chr=
ome Releases: <http://googlechromereleases.blogspot.com/2011/08/stable-c=
hannel-update_22.html></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">On August =
17, 2011 Mozilla Released Firefox 6 and 3.6.20. The Mozilla Foundation has =
released Firefox 6 and Firefox 3.6.20 to address multiple vulnerabilities.&=
nbsp; These vulnerabilities may allow an attacker to execute arbitrary code=
, operate with escalated privileges, or obtain sensitive information. =
US-CERT encourages users and administrators to review the Mozilla Foundatio=
n Security Advisories for Firefox 6 and Firefox 3.6.20 and apply any necess=
ary updates to help mitigate the risks.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">NOTE to MI=
T: IS&T is not yet supporting Firefox 6 and is in the process of testin=
g IS&T supported applications to make sure they are compatible with the=
newest version of Firefox. If you rely on MIT administrative browser-based=
software, you are advised to WAIT to upgrade to Firefox 6. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Security A=
dvisories for Firefox: <http://www.mozilla.org/security/known-vulnerabil=
ities/firefox.html></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Securit=
y Breach at Yale Exposes 43,000 People's Data</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Yale Unive=
rsity notified about 43,000 staff, students and alumni that their personal =
data, including their names and Social Security numbers, were publicly avai=
lable on a FTP server. The breach occurred when the sensitive pe=
rsonal data stored on the FTP server became publicly available after Google=
made changes in September 2010 regarding how its search engine indexes and=
finds FTP servers. Yale personnel were not aware of this change=
and discovered the breach in June of this year.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The breach=
impacts anyone affiliated with Yale University in 1999. Yale ha=
s "secured" the file and Google has confirmed it no longer stores the data.=
</p><p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-he=
ight: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the f=
ull story:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http:/=
/www.yaledailynews.com/news/2011/aug/17/yale-affiliates-ssns-were-searchabl=
e-google/></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">4. Best Pr=
actices for Securing Your Home Network</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The Nation=
al Security Agency (NSA) just released a useful guide called "Best Practice=
s for Securing Your Home Network" that goes beyond home networks and wirele=
ss to cover email and traveling with mobile devices and more. It=
's worth making copies and distributing to your co-workers and employees.&n=
bsp; What makes it particularly useful is that it reflects the real-wo=
rld knowledge of the NSA Blue Teams and Red Teams. On the back page are ref=
erences to five additional guides: Social Networking, Defense Against Drive=
By Downloads, Defense Against Malicious E-mail Attachments, Mac OSX 10.6 H=
ardening Tips, and Data Execution Prevention. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">You'll fin=
d it at the NSA web site:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><<a hre=
f=3D"http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf"=
>http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf</a>&=
gt;</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px"><br></p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all S=
ecurity FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p><div><div><span class=3D"Apple-style-span" style=3D"font=
-family: Helvetica; "><div style=3D"word-wrap: break-word; -webkit-nbsp-mod=
e: space; -webkit-line-break: after-white-space; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; -webkit-border-horizontal-spac=
ing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-f=
amily: Helvetica; font-size: 14px; font-style: normal; font-variant: normal=
; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit=
-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adju=
st: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2;=
word-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-coll=
apse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vert=
ical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: =
14px; font-style: normal; font-variant: normal; font-weight: normal; letter=
-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: =
none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: non=
e; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; -webkit-borde=
r-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb=
(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; fon=
t-variant: normal; font-weight: normal; letter-spacing: normal; line-height=
: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webk=
it-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: n=
ormal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-span" sty=
le=3D"border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -w=
ebkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helve=
tica; font-size: 14px; font-style: normal; font-variant: normal; font-weigh=
t: normal; letter-spacing: normal; line-height: normal; -webkit-text-decora=
tions-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; te=
xt-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing=
: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-s=
tyle: normal; font-variant: normal; font-weight: normal; letter-spacing: no=
rmal; line-height: normal; -webkit-text-decorations-in-effect: none; text-i=
ndent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: =
2; white-space: normal; widows: 2; word-spacing: 0px; "><span class=3D"Appl=
e-style-span" style=3D"border-collapse: separate; -webkit-border-horizontal=
-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); f=
ont-family: Helvetica; font-size: 12px; font-style: normal; font-variant: n=
ormal; font-weight: normal; letter-spacing: normal; line-height: normal; -w=
ebkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size=
-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widow=
s: 2; word-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border=
-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border=
-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-s=
ize: 12px; font-style: normal; font-variant: normal; font-weight: normal; l=
etter-spacing: normal; line-height: normal; -webkit-text-decorations-in-eff=
ect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform=
: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><d=
iv style=3D"font-size: 12px; "><br></div><div style=3D"font-size: 12px; "><=
span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"=
Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-sp=
an" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"f=
ont-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px=
; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; ">Monique Ye=
aton</span></span></span></span></span></span></div><div style=3D"font-size=
: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><spa=
n class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"App=
le-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span"=
style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font=
-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "=
>IT Security Communications Consultant</span></span></span></span></span></=
span></div><div style=3D"font-size: 12px; "><span class=3D"Apple-style-span=
" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"fon=
t-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=
=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-styl=
e-span" style=3D"font-size: 12px; ">MIT Information Services & Technolo=
gy (IS&T)</span></span></span></span></span></span></div><div style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size=
: 12px; ">(617) 253-2715</span></span></span></span></span></span></div><di=
v style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"fon=
t-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; =
"><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=
=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-styl=
e-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=
=3D"font-size: 12px; ">http://ist.mit.edu/security</span></span></span></sp=
an></span></span></div><div style=3D"font-size: 12px; "><br class=3D"khtml-=
block-placeholder"></div><br class=3D"Apple-interchange-newline"></span></s=
pan></span></span></span></span></span></div></span></div></div></p></div><=
/div></div></body></html>
--_000_CA815EF91B508myeatonexchangemitedu_--
--===============1513491259==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1513491259==--
