[IS&T Security-FYI] SFYI Newsletter, November 21, 2008
Monique Yeaton
myeaton at MIT.EDU
Fri Nov 21 15:03:54 EST 2008
In this issue:
1. Biggest Spammers Shut Down (Temporarily)
2. Emerging Cyber Threats for 2009
3. Patches for New Browsers
------------------------------------------------------------
1. Biggest Spammers Shut Down (Temporarily)
------------------------------------------------------------
The amount of spam being sent worldwide dropped noticeably about a
week ago after McColo, a northern California-based hosting provider
identified as hosting spamming organizations, was cut off by its
Internet providers. It is estimated that McColo hosted the machines
responsible for 75 percent of spam sent worldwide. The relief is
likely to be temporary, as operations that send the unsolicited
commercial email seek out other avenues to help them spread their wares.
McColo's connection to spamming mainly comes from its hosting several
of the biggest botnets: groups of hacked computers (also called
'zombies') that are tied to a single command center. Aside from
hosting bot, spam and malware activity, McColo reportedly also hosted
illegal content, such as child pornography.
The decisions to pull the plugs on the hosting companies were made by
their service providers, not by security researchers or law
enforcement. The effort may not be enough to completely eradicate
spammers and other cyber criminals. In fact, many operations that are
shut down by one service provider often resurface a short time later
at another location on the Internet.
Read full story:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=network_security&articleId=9120542&taxonomyId=142&intsrc=kc_top>
If you're interested in the activities attributed to McColo, the
Washington Post, which first released the story, has put together a
flow chart, available here:
<http://voices.washingtonpost.com/securityfix/2008/11/the_badness_that_was_mccolo.html>
----------------------------------------------
2. Emerging Cyber Threats for 2009
----------------------------------------------
Internet-surfing cell phones were one of five top “emerging cyber
threats” named in a new report by Georgia Tech’s Information Security
Center. The number of people who own iPhones or other smart phones is
growing rapidly, and users are beginning to store and send personal
information from the devices, making them a potentially rich target
for cyber-attackers. "As these devices have richer functionality,
you’re going to be able to install applications, and we’re going to
run into the same kind of problems that laptops and desktops have,"
said Mustaque Ahamad, director of the center, in an interview.
Another top threat cited in the report was malware, software designed
to harm or take over a computer. Malware is usually disguised as
something a user would want to open, like an e-mail attachment or a
link on a Web site. These days cyber-criminals are using Facebook and
other social networks to distribute malware. "The recipient clicks on
the link supposedly sent by his/her friend, and then sees a prompt to
install the latest version of Flash Player in order to watch the video
clip," the report says. "The user clicks to install the update, but
actually installs a piece of malware on the machine." The report
expects a tenfold increase in the detection of malware in 2008
compared to 2007.
The good news: Microsoft operating system security has improved and
auto-update features help both corporate and consumer end users stay
up to date with patches. Many software vendors, including Firefox,
Adobe and Apple, are also shipping auto-patch/update capability with
each new software release.
If you're interested in reading the report, I have obtained a copy
(PDF) and posted it online here:
<http://web.mit.edu/myeaton/Public/CyberThreatsReport2009.pdf>
-------------------------------------
3. Patches for New Browsers
-------------------------------------
Both Google Chrome and Apple Safari for Windows have had security
problems. Google patched Chrome on Tuesday of last week to prevent attackers
from stealing files from PCs running the open-source browser.
<http://www.networkworld.com/news/2008/111408-google-patches-chrome-file-stealing.html?code=nlsecuritynewsal170179>
On Friday, Apple added anti-phishing protection to Safari, the last
major browser to receive the feature that blocks known identity-
stealing sites. The company also patched 11 security bugs in the
program, the bulk of them specific to the Microsoft Windows version.
<http://www.networkworld.com/news/2008/111408-apple-plays-catch-up-adds-anti-fraud.html?code=nlsecuritynewsal170182>
Comment from Ed Skoudis of SANS: "It is probably a good idea to not
rely on a browser for your main web surfing until it has aged a bit,
giving the vendor time to work out the most egregious security flaws.
How much time? My gut says about a year is needed before a browser
becomes reasonably (but not perfectly) scrubbed. Until then, have fun
playing with these shiny new toys on an experimental box."
IS&T also suggests that MIT users not run browser applications on
browsers that have not yet been tested by the IS&T Software Release
Team, which checks for compatibility with the other software MIT uses
before it recommends or fully supports them. To learn what software
IS&T recommends and supports, see:
<http://web.mit.edu/ist/topics/software/>
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you
for your password.