[7904] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, July 23, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Jul 23 14:44:16 2013
Resent-From: ist-security-fyi@MIT.EDU
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi <ist-security-fyi@MIT.EDU>
Date: Tue, 23 Jul 2013 18:41:40 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F2F35FDCC@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1191010146=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============1191010146==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F2F35FDCCOC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F2F35FDCCOC11EXPO24excha_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Research Universities Subject to Cyber Attacks
2. Social Media Security Tips
3. Event: Security Camp @ BU on August 22nd
-------------------------------------------------------------------
1. Research Universities Subject to Cyber Attacks
-------------------------------------------------------------------
According to the New York Times, leading US research universities have been=
subject to millions of hacking attempts on a weekly basis. Professors at t=
hese universities, including MIT, receive thousands of patents each year in=
areas such as prescription drugs, computer chips, fuel cells, aircraft, me=
dical devices, food production and more.
Bill Mellon of the University of Wisconsin told the Times they get 90,000 t=
o 100,000 hacking attempts per day, from China alone, to penetrate their sy=
stem.
Although it is difficult to track where the attacks are coming from, US gov=
ernment officials, security experts and university and corporate officials =
say that China is clearly the leading source of efforts to steal informatio=
n. Other suspected countries are Russia and Vietnam.
A growing number of schools no longer allow their professors to take their =
laptops and smart phones to certain countries for fear of the information b=
eing copied or malware being planted in hopes that the device is taken home=
and connected to a network, allowing the thieves to get in.
Read this story online<http://www.nytimes.com/2013/07/17/education/barrage-=
of-cyberattacks-challenges-campus-culture.html>.
---------------------------------------
2. Social Media Security Tips
---------------------------------------
There are various ways you can get scammed or, at the least, embarrassed if=
you don't follow general security practices when using social networking s=
ites such as Facebook and Twitter. Don't worry, if it happened to you, you'=
re not the only one. The Associated Press, Burger King and The Onion have a=
ll recently had their Twitter accounts hacked. Various celebrities have had=
their Facebook accounts hijacked. They are then used to spread misinformat=
ion or to post links that lead to malware.
Twitter recently implemented two-factor authentication to crack down on the=
problem. No word yet on whether Facebook will follow suit. Facebook does o=
ffer something called Login Approvals<https://www.facebook.com/help/www/148=
233965247823>, its version of two-factor authentication, to protect users f=
rom takeover attempts of their account.
To learn more on protecting accounts and preventing scams, go to the compan=
ies' security guidelines pages:
* Security on Facebook<https://www.facebook.com/about/security> and Des=
ktop Help/Security<https://www.facebook.com/help/www/131719720300233/> (Fac=
ebook)
* Safe Tweeting<https://support.twitter.com/articles/76036-keeping-your=
-account-secure> (Twitter)
---------------------------------------------------------------
3. Event: Security Camp @ BU on August 22nd
---------------------------------------------------------------
Boston University will once again be hosting the free, one-day Security Cam=
p conference. The date is Thursday, August 22, 2013. Please mark your calen=
dars if interested.
This conference is for system, network, and security administrators and sec=
urity managers. The goal is to provide a forum where these staff in higher =
education can share and benefit from collective experiences.
More information on Security Camp at Boston University is here<http://www.b=
u.edu/tech/security/services/security-events-training/camp/>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F2F35FDCCOC11EXPO24excha_
Content-Type: text/html; charset="us-ascii"
Content-ID: <F587446978E1D04EAAC80EF30775C906@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; ">In thi=
s issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Research Universities=
Subject to Cyber Attacks</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Social Media Security=
Tips</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. Event: Security Camp =
@ BU on August 22nd</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Research Universities=
Subject to Cyber Attacks</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">According to the <i>New =
York Times</i>, leading US research universities have been subject to milli=
ons of hacking attempts on a weekly basis. Professors at these universities=
, including MIT, receive thousands
of patents each year in areas such as prescription drugs, computer chips, =
fuel cells, aircraft, medical devices, food production and more. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Bill Mellon of the Unive=
rsity of Wisconsin told the Times they get 90,000 to 100,000 hacking attemp=
ts per day, from China alone, to penetrate their system. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Although it is difficult=
to track where the attacks are coming from, US government officials, secur=
ity experts and university and corporate officials say that China is clearl=
y the leading source of efforts to
steal information. Other suspected countries are Russia and Vietnam.<=
/p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">A growing number of scho=
ols no longer allow their professors to take their laptops and smart phones=
to certain countries for fear of the information being copied or malware b=
eing planted in hopes that the device
is taken home and connected to a network, allowing the thieves to get in.&=
nbsp;</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.ny=
times.com/2013/07/17/education/barrage-of-cyberattacks-challenges-campus-cu=
lture.html">Read this story online</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Social Media Security=
Tips</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">There are various ways y=
ou can get scammed or, at the least, embarrassed if you don't follow genera=
l security practices when using social networking sites such as Facebook an=
d Twitter. Don't worry, if it happened
to you, you're not the only one. The Associated Press, Burger King and The=
Onion have all recently had their Twitter accounts hacked. Various celebri=
ties have had their Facebook accounts hijacked. They are then used to sprea=
d misinformation or to post links
that lead to malware.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Twitter recently impleme=
nted two-factor authentication to crack down on the problem. No word yet on=
whether Facebook will follow suit. Facebook does offer something called
<a href=3D"https://www.facebook.com/help/www/148233965247823">Login Approva=
ls</a>, its version of two-factor authentication, to protect users from tak=
eover attempts of their account. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">To learn more on protect=
ing accounts and preventing scams, go to the companies' security guidelines=
pages:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"https://www.=
facebook.com/about/security">Security on Facebook</a> and
<a href=3D"https://www.facebook.com/help/www/131719720300233/">Desktop Help=
/Security</a> (Facebook)
</li><li style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"https:/=
/support.twitter.com/articles/76036-keeping-your-account-secure">Safe Tweet=
ing</a> (Twitter)
</li></ul>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. Event: Security Camp =
@ BU on August 22nd</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Boston University will o=
nce again be hosting the free, one-day Security Camp conference. The date i=
s Thursday, August 22, 2013. Please mark your calendars if interested.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">This conference is for s=
ystem, network, and security administrators and security managers. The goal=
is to provide a forum where these staff in higher education can share and =
benefit from collective experiences.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">More information on Secu=
rity Camp at Boston University is
<a href=3D"http://www.bu.edu/tech/security/services/security-events-trainin=
g/camp/">
here</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; ">Read all Security FYI Newsle=
tter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/">http://securityfyi.wordpress.=
com/</a>.</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; border-spacing: 0px; "><span class=3D"Apple-style-span" style=3D=
"border-collapse: separate; border-spacing: 0px; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; border-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F2F35FDCCOC11EXPO24excha_--
--===============1191010146==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1191010146==--
