[8106] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, September 18, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Wed Sep 18 10:12:00 2013
Resent-From: ist-security-fyi@MIT.EDU
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi <ist-security-fyi@MIT.EDU>
Date: Wed, 18 Sep 2013 14:04:19 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F323D9D7C@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1079071231=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============1079071231==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F323D9D7COC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F323D9D7COC11EXPO24excha_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Increases Seen in Phishing Attacks
2. Microsoft Reissues Problematic Updates
3. Why Patch a Mac?
--------------------------------------------------
1. Increases Seen in Phishing Attacks
--------------------------------------------------
"Dear Webmail Subscriber," "Confirm Your Web Mail," and "Upgrade Your Accou=
nt!" These subjects lines were in recently received email messages attempti=
ng to get me to click on a bogus link or respond with my username and passw=
ord. Had I done so, an attacker would have easy access to my email account.
Email is one of the most frequently used venues for cyber attacks. It is fe=
rtile ground for cyber criminals and a vulnerability for most organizations=
because of unwitting end users.
At MIT, we see a lot of unwanted email in our inbox. Even with filtering<ht=
tps://ist.mit.edu/spam?category=3D7> and blacklisting tools on our email sy=
stem, some of these dangerous messages still come through. Generally, the f=
raudulent message appears as if it is from email administrators of MIT and,=
like the examples mentioned above, tries to get you to click on a dangerou=
s link or asks you to supply the login credentials to your web mail account=
.
The IS&T Help Desk has seen an increase in incidents related to users falli=
ng for these types of phishing scams. As a result, MIT email accounts becom=
e compromised and then large amounts of spam is sent from those compromised=
accounts by the criminals.
If an MIT account becomes compromised, the first recommendation we give is =
to change and strengthen the Kerberos password<https://kb.mit.edu/confluenc=
e/display/istcontrib/Changing+Passwords> that protects the account.
Learn more in the Knowledge Base: What to do if your email account is compr=
omised<http://kb.mit.edu/confluence/display/istcontrib/My+email+account+got=
+hacked>.
---------------------------------------------------------
2. Microsoft Reissues Problematic Updates
---------------------------------------------------------
Microsoft has reissued several security updates<http://www.computerworld.co=
m/s/article/9242408/Microsoft_updates_display_worrisome_decline_in_quality>=
to address a detection problem. The updates, which were part of a batch re=
leased on Tuesday, September 10, were not able to detect whether or not the=
y had already been installed on users' computers and continued to offer the=
mselves to install.
Customers also reported that some of the updates were not offered through W=
indows Server Update Services or System Center Configuration Manager.
Microsoft has released new versions of the affected updates to fix these pr=
oblems.
Learn more about installing Microsoft Updates on Windows 7<http://windows.m=
icrosoft.com/en-us/windows7/install-windows-updates> or Windows 8<http://wi=
ndows.microsoft.com/en-us/windows-8/windows-update>.
NOTE: Updates for Windows XP Service Pack 3 machines will no longer be avai=
lable after April 8, 2014, and as a result IS&T has begun to phase out supp=
ort for Windows XP. IS&T recommends you upgrade to Windows 7 now to avoid p=
roblems later.
-----------------------------
3. Why Patch a Mac?
-----------------------------
According to ZD Net<http://www.zdnet.com/mac-users-you-have-to-patch-too-70=
00020665/>, this has been a fairly busy security update season for Mac user=
s. In fact, they say, Mac users have a lot more work involved to keep their=
systems safe.
There have been patches for the operating systems, for Safari for Mac, for =
Java and Adobe vulnerabilities, quite a long list compared to previous year=
s.
There really are attacks out there against Macs which exploit vulnerabiliti=
es, so accepting and installing these patches is important.
Read the story online<http://www.zdnet.com/mac-users-you-have-to-patch-too-=
7000020665/>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F323D9D7COC11EXPO24excha_
Content-Type: text/html; charset="us-ascii"
Content-ID: <B39143CEFA24894E979C667B8EF4B3AE@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; ">In thi=
s issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Increases Seen in Phi=
shing Attacks </p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Microsoft Reissues Pr=
oblematic Updates</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. Why Patch a Mac?</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
--------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Increases Seen in Phi=
shing Attacks </p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
--------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">"Dear Webmail Subsc=
riber," "Confirm Your Web Mail," and "Upgrade Your Acco=
unt!" These subjects lines were in recently received email messages at=
tempting to get me to click on a bogus link or respond with my username
and password. Had I done so, an attacker would have easy access to my emai=
l account.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Email is one of the most=
frequently used venues for cyber attacks. It is fertile ground for cyber c=
riminals and a vulnerability for most organizations because of unwitting en=
d users.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">At MIT, we see a lot of =
unwanted email in our inbox. Even with
<a href=3D"https://ist.mit.edu/spam?category=3D7">filtering</a> and blackli=
sting tools on our email system, some of these dangerous messages still com=
e through. Generally, the fraudulent message appears as if it is from email=
administrators of MIT and, like the
examples mentioned above, tries to get you to click on a dangerous link or=
asks you to supply the login credentials to your web mail account.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">The IS&T Help Desk h=
as seen an increase in incidents related to users falling for these types o=
f phishing scams. As a result, MIT email accounts become compromised and th=
en large amounts of spam is sent from
those compromised accounts by the criminals.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">If an MIT account become=
s compromised, the first recommendation we give is to
<a href=3D"https://kb.mit.edu/confluence/display/istcontrib/Changing+Pa=
sswords">change and strengthen the Kerberos password</a> that protects the =
account. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Learn more in the Knowle=
dge Base:
<a href=3D"http://kb.mit.edu/confluence/display/istcontrib/My+email+=
;account+got+hacked">
What to do if your email account is compromised</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Microsoft Reissues Pr=
oblematic Updates</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.co=
mputerworld.com/s/article/9242408/Microsoft_updates_display_worrisome_decli=
ne_in_quality">Microsoft has reissued several security updates</a> to addre=
ss a detection problem. The updates,
which were part of a batch released on Tuesday, September 10, were not abl=
e to detect whether or not they had already been installed on users' comput=
ers and continued to offer themselves to install. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Customers also reported =
that some of the updates were not offered through Windows Server Update Ser=
vices or System Center Configuration Manager. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Microsoft has released n=
ew versions of the affected updates to fix these problems.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Learn more about install=
ing Microsoft Updates on
<a href=3D"http://windows.microsoft.com/en-us/windows7/install-windows-upda=
tes">Windows 7</a> or
<a href=3D"http://windows.microsoft.com/en-us/windows-8/windows-update">Win=
dows 8</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">NOTE: Updates for Window=
s XP Service Pack 3 machines will no longer be available after April 8, 201=
4, and as a result IS&T has begun to phase out support for Windows XP. =
IS&T recommends you upgrade to Windows
7 now to avoid problems later.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. Why Patch a Mac?</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.zd=
net.com/mac-users-you-have-to-patch-too-7000020665/">According to ZD Net</a=
>, this has been a fairly busy security update season for Mac users. In fac=
t, they say, Mac users have a lot more
work involved to keep their systems safe.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">There have been patches =
for the operating systems, for Safari for Mac, for Java and Adobe vulnerabi=
lities, quite a long list compared to previous years.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">There really are attacks=
out there against Macs which exploit vulnerabilities, so accepting and ins=
talling these patches is important. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.zd=
net.com/mac-users-you-have-to-patch-too-7000020665/">Read the story online<=
/a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; ">Read all Security FYI Newsle=
tter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/">http://securityfyi.wordpress.=
com/</a>.</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; border-spacing: 0px; "><span class=3D"Apple-style-span" style=3D=
"border-collapse: separate; border-spacing: 0px; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; border-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F323D9D7COC11EXPO24excha_--
--===============1079071231==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1079071231==--
