[8170] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, October 28, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Oct 28 16:01:03 2013
Resent-From: ist-security-fyi@MIT.EDU
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi <ist-security-fyi@MIT.EDU>
Date: Mon, 28 Oct 2013 19:46:24 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F32447E0F@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1796028056=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============1796028056==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F32447E0FOC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F32447E0FOC11EXPO24excha_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Security for your iPhone using iCloud
2. Apple Releases New OS
3. CryptoLocker Ransomware
-----------------------------------------------------
1. Security for your iPhone using iCloud
-----------------------------------------------------
Security on iPhones is getting more sophisticated with each new operating s=
ystem and iPhone release.
Find my iPhone in iOS 7 has a new feature called Activation Lock. This make=
s it more difficult for someone else to use or sell your iPhone, iPad or iP=
od touch if it was stolen or you lost it.
Activation Lock requires your Apple ID and password before anyone can:
* Turn off Find my iPhone on your device
* Erase your device
* Reactivate and use your device
Learn more about Activation Lock<http://support.apple.com/kb/HT5818?viewloc=
ale=3Den_US>.
If you ever misplace your device or think it was stolen, you should put it =
in Lost Mode immediately using Find my iPhone. This locks your screen with =
a four-digit passcode.
Learn more on how to remotely locate, lock or wipe your device via iCloud<h=
ttp://kb.mit.edu/confluence/display/istcontrib/How+to+remotely+locate%2C+lo=
ck%2C+or+wipe+your+iPhone+via+iCloud>.
The new iPhones just came out! You may be thinking of selling your old iPho=
ne and want to make sure it's been completely wiped before you do. Caution:=
remove the data just from the device, not from all iCloud servers.
What to do before selling or giving away your Apple device<http://support.a=
pple.com/kb/HT5661?viewlocale=3Den_US>.
The newest iPhone (iPhone 5S) has a built-in fingerprint identity sensor. T=
he thinking behind the sensor is that entering a passcode on a phone is slo=
w, and you probably check your phone dozens if not more times per day. The =
Touch ID home button unlocks your phone using your fingerprint.
Learn more about Touch ID on iPhone 5S<http://support.apple.com/kb/HT5883>.
------------------------------------
2. Apple Releases New OS
------------------------------------
Earlier this month, Apple released the newest version of their operating sy=
stem for both the iOS platform (7.0.3) and desktop (OS X 10.9, aka Maverick=
s). Many security vulnerabilities<http://support.apple.com/kb/HT6011> are f=
ixed in these releases. Both releases are free.
Information Services & Technology recommends users at MIT wait to upgrade t=
o Mavericks on their desktops because of compatibility concerns with crucia=
l applications in the MIT environment. Limited support is being provided to=
early adopters and users whose computer comes installed with Mavericks.
Support documentation for OS X Mavericks<http://kb.mit.edu/confluence/x/ox4=
YCQ>.
----------------------------------------
3. CryptoLocker Ransomware
----------------------------------------
Ransomware known as CryptoLocker has been spreading to Windows computers. T=
he malware encrypts files on infected machines and the attackers demand $30=
0 to release the data. CryptoLocker generally spreads through botnets and a=
s attachments to phishing emails.
If you haven't installed it yet, download Sophos Anti-Virus<http://ist.mit.=
edu/sophos> from the IS&T Software Download site to protect yourself agains=
t the ransomware.
Read more in the news and watch a video of CryptoLocker in action<http://ww=
w.theregister.co.uk/2013/10/18/cryptolocker_ransmware/>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F32447E0FOC11EXPO24excha_
Content-Type: text/html; charset="us-ascii"
Content-ID: <E8B9C1F601F2BE448C0E9762A01A08CB@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; ">In thi=
s issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Security for your iPh=
one using iCloud</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Apple Releases New OS=
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. CryptoLocker Ransomwa=
re</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. Security for your iPh=
one using iCloud</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
-----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Security on iPhones is g=
etting more sophisticated with each new operating system and iPhone release=
.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Find my iPhone in iOS 7 =
has a new feature called Activation Lock. This makes it more difficult for =
someone else to use or sell your iPhone, iPad or iPod touch if it was stole=
n or you lost it. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Activation Lock requires=
your Apple ID and password before anyone can:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style=3D"margin: 0px; font-family: Helvetica; ">Turn off Find my iPhone=
on your device
</li><li style=3D"margin: 0px; font-family: Helvetica; ">Erase your device =
</li><li style=3D"margin: 0px; font-family: Helvetica; ">Reactivate and use=
your device </li></ul>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://suppor=
t.apple.com/kb/HT5818?viewlocale=3Den_US">Learn more about Activation Lock<=
/a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">If you ever misplace you=
r device or think it was stolen, you should put it in Lost Mode immediately=
using Find my iPhone. This locks your screen with a four-digit passcode.&n=
bsp;</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://kb.mit=
.edu/confluence/display/istcontrib/How+to+remotely+locate%2C=
3;lock%2C+or+wipe+your+iPhone+via+iCloud">Learn mor=
e on how to remotely locate, lock or wipe your device via iCloud</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">The new iPhones just cam=
e out! You may be thinking of selling your old iPhone and want to make sure=
it's been completely wiped before you do. Caution: remove the data just fr=
om the device, not from all iCloud
servers.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://suppor=
t.apple.com/kb/HT5661?viewlocale=3Den_US">What to do before selling or givi=
ng away your Apple device</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">The newest iPhone (iPhon=
e 5S) has a built-in fingerprint identity sensor. The thinking behind the s=
ensor is that entering a passcode on a phone is slow, and you probably chec=
k your phone dozens if not more times
per day. The Touch ID home button unlocks your phone using your fingerprin=
t.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://suppor=
t.apple.com/kb/HT5883">Learn more about Touch ID on iPhone 5S</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Apple Releases New OS=
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Earlier this month, Appl=
e released the newest version of their operating system for both the iOS pl=
atform (7.0.3) and desktop (OS X 10.9, aka Mavericks). Many
<a href=3D"http://support.apple.com/kb/HT6011">security vulnerabilities</a>=
are fixed in these releases. Both releases are free.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Information Services &am=
p; Technology recommends users at MIT wait to upgrade to Mavericks on their=
desktops because of compatibility concerns with crucial applications in th=
e MIT environment. Limited support is
being provided to early adopters and users whose computer comes installed =
with Mavericks.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://kb.mit=
.edu/confluence/x/ox4YCQ">Support documentation for OS X Mavericks</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
----------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. CryptoLocker Ransomwa=
re</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
----------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Ransomware known as Cryp=
toLocker has been spreading to Windows computers. The malware encrypts file=
s on infected machines and the attackers demand $300 to release the data. C=
ryptoLocker generally spreads through
botnets and as attachments to phishing emails.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">If you haven't installed=
it yet, download
<a href=3D"http://ist.mit.edu/sophos">Sophos Anti-Virus</a> from the IS&=
;T Software Download site to protect yourself against the ransomware.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"http://www.th=
eregister.co.uk/2013/10/18/cryptolocker_ransmware/">Read more in the news a=
nd watch a video of CryptoLocker in action</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; ">Read all Security FYI Newsle=
tter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/">http://securityfyi.wordpress.=
com/</a>.</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
</div>
<div><br>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; border-spacing: 0px; "><span class=3D"Apple-style-span" style=3D=
"border-collapse: separate; border-spacing: 0px; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; border-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F32447E0FOC11EXPO24excha_--
--===============1796028056==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1796028056==--
