[8127] in Security FYI
[IS&T Security-FYI] Security FYI Newsletter, October 21, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Oct 21 15:56:45 2013
Resent-From: ist-security-fyi@mit.edu
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Mon, 21 Oct 2013 19:52:31 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F3243321D@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0384336046=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============0384336046==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F3243321DOC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F3243321DOC11EXPO24excha_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Be Safe This Month and Win!
2. Why Caching is Not Safe
-------------------------------------------
1. Be Safe This Month and Win!
-------------------------------------------
This month, National Cyber Security Awareness Month (NCSAM)<http://kb.mit.e=
du/confluence/x/WR4YCQ>, we are encouraged to take responsibility for prote=
cting our computers and computing infrastructure.
As the technology of software and the Internet changes at a rapid pace, so =
do the forms of attack that exploit this technology. One way that you, as a=
member of MIT, can do your part and keep up with the latest threats, is by=
taking a refresher course on computer or data security.
Securing the Human<http://kb.mit.edu/confluence/x/bB4YCQ> is a 5-part onlin=
e course that is now available through the MIT Learning Center. The topics=
covered include how to prevent a phishing scam, protecting your password, =
and why we should be encrypting sensitive data.
In support of NCSAM, the IT Security Support & Services team will be giving=
prizes to the top 3 students of the Securing the Human course. There's no =
need to register for the contest. Simply take one, a few, or all five parts=
of the Securing the Human course before November 4, 2013. Those who have v=
iewed the courses prior to this announcement will also be included in the d=
rawing.
Each of the 5 course modules is approximately 20 minutes. We will select fr=
om the users who have logged the most minutes by November 4, 2013 at 12 noo=
n. The awards: 1st prize: $75, 2nd prize: $50 and 3rd prize: $25.
Thank you for participating in this prize giveaway and please stay safe out=
there!
Further course information and access to the courses is available here<http=
://kb.mit.edu/confluence/x/bB4YCQ>. An MIT certificate is required to acces=
s the courses.
-------------------------------------
2. Why Caching is Not Safe
-------------------------------------
This article on a Google Chrome<http://www.identityfinder.com/blog/identity=
-finder-discovers-google-chrome-users-are-vulnerable-to-sensitive-data-thef=
t/> security flaw is another reminder that what we do on the Internet might=
stay on the Internet, or at least on our browsers. The flaw being referred=
to is caching. This is a function that makes browsing quicker for you. It =
saves information you enter into websites so that you save time when you ne=
ed it again later. The only problem is that sometimes, as in this case, the=
browser stores the information in plain text.
It is very important to remember to set your browser to clear the cache (wh=
ich can include your browsing history) after you have used it. Otherwise in=
formation that you entered can be easily accessible to the next person who =
uses the computer.
How to clear your browsing history including your cache<http://kb.mit.edu/c=
onfluence/x/RYCR>.
Another smart tip is to turn off the caching feature of your browser and in=
stead use a tool such as LastPass<http://ist.mit.edu/news/password_managers=
>, which stores the personal information and passwords you enter on website=
s in an encrypted vault.
Learn more about password managers from this month's OUCH! article<http://w=
ww.securingthehuman.org/newsletters/ouch/issues/OUCH-201310_en.pdf>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F3243321DOC11EXPO24excha_
Content-Type: text/html; charset="us-ascii"
Content-ID: <6D55BE325882AC468C063C251B7AE6C4@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; ">In this issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Be Safe This Month an=
d Win!</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Why Caching is Not Sa=
fe</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Be Safe This Month an=
d Win!</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">This month, <a href=3D"h=
ttp://kb.mit.edu/confluence/x/WR4YCQ">
National Cyber Security Awareness Month (NCSAM)</a>, we are encouraged to t=
ake responsibility for protecting our computers and computing infrastructur=
e. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">As the technology of sof=
tware and the Internet changes at a rapid pace, so do the forms of attack t=
hat exploit this technology. One way that you, as a member of MIT, can do y=
our part and keep up with the latest
threats, is by taking a refresher course on computer or data security. &nb=
sp;</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://kb.mit=
.edu/confluence/x/bB4YCQ">Securing the Human</a> is a 5-part online course =
that is now available through the MIT Learning Center. The topics cov=
ered include how to prevent a phishing scam,
protecting your password, and why we should be encrypting sensitive data.<=
/p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">In support of NCSAM, the=
IT Security Support & Services team will be giving prizes to the top 3=
students of the Securing the Human course. There's no need to register for=
the contest. Simply take one, a few,
or all five parts of the Securing the Human course before November 4, 2013=
. Those who have viewed the courses prior to this announcement will also be=
included in the drawing. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Each of the 5 course mod=
ules is approximately 20 minutes. We will select from the users who have lo=
gged the most minutes by November 4, 2013 at 12 noon. The awards: 1st prize=
: $75, 2nd prize: $50 and 3rd prize:
$25. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Thank you for participat=
ing in this prize giveaway and please stay safe out there!</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://kb.mit=
.edu/confluence/x/bB4YCQ">Further course information and access to the cour=
ses is available here</a>. An MIT certificate is required to access the cou=
rses.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Why Caching is Not Sa=
fe</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.id=
entityfinder.com/blog/identity-finder-discovers-google-chrome-users-are-vul=
nerable-to-sensitive-data-theft/">This article on a Google Chrome</a> secur=
ity flaw is another reminder that what
we do on the Internet might stay on the Internet, or at least on our brows=
ers. The flaw being referred to is caching. This is a function that makes b=
rowsing quicker for you. It saves information you enter into websites so th=
at you save time when you need it
again later. The only problem is that sometimes, as in this case, the brow=
ser stores the information in plain text.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">It is very important to =
remember to set your browser to clear the cache (which can include your bro=
wsing history) after you have used it. Otherwise information that you enter=
ed can be easily accessible to the
next person who uses the computer. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://kb.mit=
.edu/confluence/x/RYCR">How to clear your browsing history including your c=
ache</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Another smart tip is to =
turn off the caching feature of your browser and instead use
<a href=3D"http://ist.mit.edu/news/password_managers">a tool such as LastPa=
ss</a>, which stores the personal information and passwords you enter on we=
bsites in an encrypted vault.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.se=
curingthehuman.org/newsletters/ouch/issues/OUCH-201310_en.pdf">Learn more a=
bout password managers from this month's OUCH! article</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "></p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; ">Read all Security FYI Newsle=
tter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/">http://securityfyi.wordpress.=
com/</a>.</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p></p>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; border-spacing: 0px; "><span class=3D"Apple-style-span" style=3D=
"border-collapse: separate; border-spacing: 0px; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; border-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F3243321DOC11EXPO24excha_--
--===============0384336046==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0384336046==--
