[2428] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, March 6, 2012
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Mar 6 14:19:11 2012
From: Monique Yeaton <myeaton@mit.edu>
To: "ist-security-fyi@mit.edu" <ist-security-fyi@mit.edu>
Date: Tue, 6 Mar 2012 19:18:10 +0000
Message-ID: <CB7BCD21.24DAE%myeaton@exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0204339575=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============0204339575==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_CB7BCD2124DAEmyeatonexchangemitedu_"
--_000_CB7BCD2124DAEmyeatonexchangemitedu_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Cyber Challenge Competitions Offer Hands-on Training
2. New ZeuS Variants Get Instructions Through P2P Network
3. Tip: Backup Your Essential Files
--------------------------------------------------------------------------
1. Cyber Challenge Competitions Offer Hands-on Training
--------------------------------------------------------------------------
Panelists speaking at the RSA Conference in San Francisco earlier this week=
said that according to the Cyber Challenge, colleges are not adequately pr=
eparing students to work in the field of cyber security.
Cyber Challenge national director Karen Evans compared the problem to "tryi=
ng to field a professional baseball team when there's no little league team=
out there." One competitor, Alex Levinson, said his college education did =
not prepare him to work in cyber security, and that the Cyber Challenge com=
petitions provide the opportunity "to go through and learn the actual hands=
-on skills that you're going to use in the workplace."
Cyber Challenge is a public-private partnership that offers cyber security =
competitions and camps for high school and college students as well as work=
ing professionals.
Read the full story online<http://wiredworkplace.nextgov.com/2012/02/cyber_=
challenge_fills_education_void.php?oref=3Dlatest_posts>.
Learn more about the US Cyber Challenge<http://workforce.cisecurity.org/>.
---------------------------------------------------------------------------=
--
2. New ZeuS Variants Get Instructions Through P2P Network
---------------------------------------------------------------------------=
--
The most recently detected variants of ZeuS/SpyEye are receiving instructio=
ns not from command-and-control (C&C) servers, but through peer-to-peer (P2=
P) networks. C&C servers have increasingly become the targets of takedown o=
rders and monitoring by authorities. A version detected last year used P2P =
as a means of communication if C&C servers became unavailable, but the newe=
st version has made C&C servers unnecessary.
Read the full story online<http://www.pcworld.com/businesscenter/article/25=
0488/symantec_new_zeus_botnet_no_longer_needs_central_command_servers.html>=
.
--------------------------------------------
3. Tip: Backup Your Essential Files
--------------------------------------------
It's usually just a matter of time before we experience a disaster with our=
computer that could cause us to lose every single file we ever stored on i=
t. Whether the disaster is an irreparable drive or a loss or theft of the m=
achine, that sinking feeling is one we always hope to avoid.
Having a backup folder is similar to insurance for our computers. We might =
lose the hardware, but the software and all our hard work and collected med=
ia need not disappear, so we can be back up and running on a working comput=
er as soon as possible.
As a member of the MIT community, you can sign up for a basic backup plan a=
t no cost, using the Tivoli Storage Manager (TSM) service through IS&T. TSM=
enables users to back up computer files to a secure server via MITnet or t=
he Internet. The no-cost option lets you store up to 15GB. The other option=
s store up to 300GB for $15/month or up to 10TB for $65/month.
Learn more about TSM<http://ist.mit.edu/services/backup/tsm>.
Other options for backups<http://ist.mit.edu/security/backup>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_CB7BCD2124DAEmyeatonexchangemitedu_
Content-Type: text/html; charset="us-ascii"
Content-ID: <DAEF458DD2DBB04F84308645E2A26C14@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<div>
<div><br>
</div>
<div><span class=3D"Apple-style-span" style=3D"font-family: Helvetica; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; -webki=
t-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; col=
or: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: norm=
al; font-variant: normal; font-weight: normal; letter-spacing: normal; line=
-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px=
; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-s=
pace: normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-sp=
an" style=3D"border-collapse: separate; -webkit-border-horizontal-spacing: =
0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family=
: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; fon=
t-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text=
-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: a=
uto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-=
spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px;=
font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; -webkit-text-decorations-in-effect: none;=
text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; or=
phans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; -webkit-border-ho=
rizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, =
0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-va=
riant: normal; font-weight: normal; letter-spacing: normal; line-height: no=
rmal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-t=
ext-size-adjust: auto; text-transform: none; orphans: 2; white-space: norma=
l; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -web=
kit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helveti=
ca; font-size: 14px; font-style: normal; font-variant: normal; font-weight:=
normal; letter-spacing: normal; line-height: normal; -webkit-text-decorati=
ons-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text=
-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing:=
0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separate=
; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-sty=
le: normal; font-variant: normal; font-weight: normal; letter-spacing: norm=
al; line-height: normal; -webkit-text-decorations-in-effect: none; text-ind=
ent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2;=
white-space: normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-=
style-span" style=3D"border-collapse: separate; -webkit-border-horizontal-s=
pacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); fon=
t-family: Helvetica; font-size: 12px; font-style: normal; font-variant: nor=
mal; font-weight: normal; letter-spacing: normal; line-height: normal; -web=
kit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-a=
djust: auto; text-transform: none; orphans: 2; white-space: normal; widows:=
2; word-spacing: 0px; ">
<div style=3D"font-size: 12px; ">
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In this is=
sue:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Cyber C=
hallenge Competitions Offer Hands-on Training</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. New Zeu=
S Variants Get Instructions Through P2P Network</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Tip: Ba=
ckup Your Essential Files</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
----------------------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Cyber C=
hallenge Competitions Offer Hands-on Training</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
----------------------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Consolas; min-hei=
ght: 14.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Panelists =
speaking at the RSA Conference in San Francisco earlier this week said that=
according to the Cyber Challenge, colleges are not adequately preparing st=
udents to work in the field of cyber
security. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Cyber Chal=
lenge national director Karen Evans compared the problem to "trying to=
field a professional baseball team when there's no little league team out =
there." One competitor, Alex Levinson,
said his college education did not prepare him to work in cyber security, =
and that the Cyber Challenge competitions provide the opportunity "to =
go through and learn the actual hands-on skills that you're going to use in=
the workplace." </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Cyber Chal=
lenge is a public-private partnership that offers cyber security competitio=
ns and camps for high school and college students as well as working profes=
sionals.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href=3D=
"http://wiredworkplace.nextgov.com/2012/02/cyber_challenge_fills_education_=
void.php?oref=3Dlatest_posts">Read the full story online</a>.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href=3D=
"http://workforce.cisecurity.org/">Learn more about the US Cyber Challenge<=
/a>. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
-------------------------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. New Zeu=
S Variants Get Instructions Through P2P Network</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
-------------------------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The most r=
ecently detected variants of ZeuS/SpyEye are receiving instructions not fro=
m command-and-control (C&C) servers, but through peer-to-peer (P2P) net=
works. C&C servers have increasingly become
the targets of takedown orders and monitoring by authorities. A version de=
tected last year used P2P as a means of communication if C&C servers be=
came unavailable, but the newest version has made C&C servers unnecessa=
ry.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href=3D=
"http://www.pcworld.com/businesscenter/article/250488/symantec_new_zeus_bot=
net_no_longer_needs_central_command_servers.html">Read the full story onlin=
e</a>.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
----------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Tip: Ba=
ckup Your Essential Files</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------=
----------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">It's usual=
ly just a matter of time before we experience a disaster with our computer =
that could cause us to lose every single file we ever stored on it. Whether=
the disaster is an irreparable drive
or a loss or theft of the machine, that sinking feeling is one we always h=
ope to avoid.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Having a b=
ackup folder is similar to insurance for our computers. We might lose the h=
ardware, but the software and all our hard work and collected media need no=
t disappear, so we can be back up
and running on a working computer as soon as possible. </p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">As a membe=
r of the MIT community, you can sign up for a basic backup plan at no cost,=
using the Tivoli Storage Manager (TSM) service through IS&T. TSM enabl=
es users to back up computer files to
a secure server via MITnet or the Internet. The no-cost option lets you st=
ore up to 15GB. The other options store up to 300GB for $15/month or up to =
10TB for $65/month.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href=3D=
"http://ist.mit.edu/services/backup/tsm">Learn more about TSM</a>.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href=3D=
"http://ist.mit.edu/security/backup">Other options for backups</a>.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all S=
ecurity FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
</div>
<div style=3D"font-size: 12px; "><br>
</div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; ">Monique
Yeaton</span></span></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">IT
Security Communications Consultant</span></span></span></span></span></spa=
n></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">MIT
Information Services & Technology (IS&T)</span></span></span></spa=
n></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">(617)
253-2715</span></span></span></span></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">http://ist.mit.edu/security</span></span></span></s=
pan></span></span></div>
<div style=3D"font-size: 12px; "><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></span></div>
</span></div>
</div>
</div>
</body>
</html>
--_000_CB7BCD2124DAEmyeatonexchangemitedu_--
--===============0204339575==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0204339575==--
