[2461] in Security FYI


home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[IS&T Security-FYI] SFYI Newsletter, April 9, 2012

daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Apr 9 16:34:23 2012

From: Monique Yeaton <myeaton@MIT.EDU>
To: "ist-security-fyi@mit.edu" <ist-security-fyi@MIT.EDU>
Date: Mon, 9 Apr 2012 20:33:16 +0000
Message-ID: <CBA8BFCA.26530%myeaton@exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0226407467=="
Errors-To: ist-security-fyi-bounces@MIT.EDU

--===============0226407467==
Content-Language: en-US
Content-Type: multipart/alternative;
	boundary="_000_CBA8BFCA26530myeatonexchangemitedu_"

--_000_CBA8BFCA26530myeatonexchangemitedu_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable


In this issue:


1. Macs No Longer Malware-Free?

2. Tip: Enable the Firewall on Your Mac

3. The Dangers of Hacking


---------------------------------------------

1. Macs No Longer Malware-Free?

---------------------------------------------


Unless you don't read much news on the Internet, you have likely heard abou=
t Flashback<http://asia.cnet.com/crave/flashback-is-the-largest-mac-malware=
-threat-ever-62214213.htm> (Flashfake), a virus targeting Mac computers spe=
cifically using a vulnerability in Java. The malware is estimated to be run=
ning on 600,000 machines around the world and is judged to be the largest M=
ac malware threat ever.


If you're using a Mac computer, be sure to download and apply the patches f=
or Java released by Apple this past week. You can find them through your So=
ftware Update utility or on the Apple Downloads<http://support.apple.com/do=
wnloads/> website.



--------------------------------------------------

2. Tip: Enable the Firewall on Your Mac

--------------------------------------------------


Mac OS X has a built-in firewall that plays the role of security guard, blo=
cking or denying certain network traffic. The firewall on a Mac is turned o=
ff by default. Be careful to configure your firewall <http://kb.mit.edu/con=
fluence/x/FQCKBg> correctly before you turn it on so that you're not blocki=
ng network traffic you need, for example FTP traffic. Steps for Snow Leopar=
d<http://www.dummies.com/how-to/content/how-to-use-mac-os-x-snow-leopards-b=
uiltin-firewall.html>. Steps for Lion<http://techmix.net/blog/2011/05/24/fi=
rewall-on-mac-osx-lion/>.



----------------------------------

3. The Dangers of Hacking

----------------------------------


There are those who engage in hacking and commit fraud for monetary gain. A=
nd there are those who hack for the purpose of civil disobedience or to dis=
rupt businesses, such as the group Anonymous. An article posted on NPR: All=
 Tech Considered<http://www.npr.org/blogs/alltechconsidered/2012/04/05/1500=
99660/when-online-hacking-poses-real-world-dangers>, discusses the anonymit=
y of online actions and how this anonymity can lure people to believing the=
ir actions online may not have real-world consequences. The author believes=
 the risk has more to do with the kind of technology that is being built in=
to more kinds of networked devices, from factory valves to medical equipmen=
t to chips used to track cattle. Food for thought?



=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D

Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D

Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security



--_000_CBA8BFCA26530myeatonexchangemitedu_
Content-Type: text/html; charset="us-ascii"
Content-ID: <AB90C43B2E71FE4D9D3EBD03382D1E85@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<div>
<div>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">In thi=
s issue:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">1. Mac=
s No Longer Malware-Free?</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">2. Tip=
: Enable the Firewall on Your Mac</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">3. The=
 Dangers of Hacking</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
---------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">1. Mac=
s No Longer Malware-Free?</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
---------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">Unless=
 you don't read much news on the Internet, you have likely heard about
<a href=3D"http://asia.cnet.com/crave/flashback-is-the-largest-mac-malware-=
threat-ever-62214213.htm">
Flashback</a> (Flashfake), a virus targeting Mac computers specifically usi=
ng a vulnerability in Java. The malware is estimated to be running on 600,0=
00 machines around the world and is judged to be the largest Mac malware th=
reat ever.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">If you=
're using a Mac computer, be sure to download and apply the patches for Jav=
a released by Apple this past week. You can find them through your Software=
 Update utility or on the
<a href=3D"http://support.apple.com/downloads/">Apple Downloads</a> website=
.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
--------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">2. Tip=
: Enable the Firewall on Your Mac</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
--------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">Mac OS=
 X has a built-in firewall that plays the role of security guard, blocking =
or denying certain network traffic. The firewall on a Mac is turned off by =
default. Be careful to
<a href=3D"http://kb.mit.edu/confluence/x/FQCKBg">configure your firewall <=
/a>correctly before you turn it on so that you're not blocking network traf=
fic you need, for example FTP traffic.
<a href=3D"http://www.dummies.com/how-to/content/how-to-use-mac-os-x-snow-l=
eopards-builtin-firewall.html">
Steps for Snow Leopard</a>. <a href=3D"http://techmix.net/blog/2011/05/24/f=
irewall-on-mac-osx-lion/">
Steps for Lion</a>.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
----------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">3. The=
 Dangers of Hacking</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
----------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">There =
are those who engage in hacking and commit fraud for monetary gain. And the=
re are those who hack for the purpose of civil disobedience or to disrupt b=
usinesses, such as the group Anonymous.
 An article posted on <a href=3D"http://www.npr.org/blogs/alltechconsidered=
/2012/04/05/150099660/when-online-hacking-poses-real-world-dangers">
NPR: All Tech Considered</a>, discusses the anonymity of online actions and=
 how this anonymity can lure people to believing their actions online may n=
ot have real-world consequences. The author believes the risk has more to d=
o with the kind of technology that
 is being built into more kinds of networked devices, from factory valves t=
o medical equipment to chips used to track cattle. Food for thought?</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all S=
ecurity FYI Newsletter articles and submit comments&nbsp;online&nbsp;at
<a href=3D"http://securityfyi.wordpress.com/"><span style=3D"text-decoratio=
n: underline ; color: #1e37ee">http://securityfyi.wordpress.com/</span></a>=
.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
</div>
<div>
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; font-family: Helvetica; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; -webki=
t-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; col=
or: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: norm=
al; font-variant: normal; font-weight: normal; letter-spacing: normal; line=
-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px=
; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-s=
pace: normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-sp=
an" style=3D"border-collapse: separate; -webkit-border-horizontal-spacing: =
0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family=
: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; fon=
t-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text=
-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: a=
uto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
 separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-=
spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px;=
 font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; -webkit-text-decorations-in-effect: none;=
 text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; or=
phans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; -webkit-border-ho=
rizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, =
0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-va=
riant: normal; font-weight: normal; letter-spacing: normal; line-height: no=
rmal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-t=
ext-size-adjust: auto; text-transform: none; orphans: 2; white-space: norma=
l; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -web=
kit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helveti=
ca; font-size: 14px; font-style: normal; font-variant: normal; font-weight:=
 normal; letter-spacing: normal; line-height: normal; -webkit-text-decorati=
ons-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text=
-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing:=
 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separate=
; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-sty=
le: normal; font-variant: normal; font-weight: normal; letter-spacing: norm=
al; line-height: normal; -webkit-text-decorations-in-effect: none; text-ind=
ent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2;=
 white-space: normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-=
style-span" style=3D"border-collapse: separate; -webkit-border-horizontal-s=
pacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); fon=
t-family: Helvetica; font-size: 12px; font-style: normal; font-variant: nor=
mal; font-weight: normal; letter-spacing: normal; line-height: normal; -web=
kit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-a=
djust: auto; text-transform: none; orphans: 2; white-space: normal; widows:=
 2; word-spacing: 0px; ">
<div style=3D"font-size: 12px; "><br>
</div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">Monique
 Yeaton</span></span></span></span></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">IT
 Security Communications Consultant</span></span></span></span></span></spa=
n></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">MIT
 Information Services &amp; Technology (IS&amp;T)</span></span></span></spa=
n></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">(617)
 253-2715</span></span></span></span></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">http://ist.mit.edu/security</span></span></span></s=
pan></span></span></div>
<div style=3D"font-size: 12px; "><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></span></div>
</div>
</div>
</div>
</body>
</html>

--_000_CBA8BFCA26530myeatonexchangemitedu_--

--===============0226407467==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0226407467==--

home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[2461] in Security FYI

[IS&T Security-FYI] SFYI Newsletter, April 9, 2012

daemon@ATHENA.MIT.EDU (Monique Yeaton)Mon Apr 9 16:34:23 2012

daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Apr 9 16:34:23 2012
