[IS&T Security-FYI] SFYI Newsletter, September 8, 2009

Monique Yeaton myeaton at MIT.EDU
Tue Sep 8 15:58:42 EDT 2009


In this issue:

1. September 2009 Security Patches
2. The Dangerous iFrame
3. Risky Celebrity Searches
4. Phishing Attacks Diminishing?


-----------------------------------------------
1. September 2009 Security Patches
-----------------------------------------------

  ---- Microsoft ----

  Systems affected:

  * Windows 2000
  * Windows XP
  * Windows Server 2003
  * Windows Vista
  * Windows Server 2008

As part of its monthly security bulletin release cycle, Microsoft will  
be releasing 5 critical updates today (Tuesday, September 8th).

Read the advance bulletin in full here:
<http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx>

  ---- Apple ----

Systems affected:

  * Mac OS X 10.5.8

On September 3rd, Apple released Java for Mac OS X 10.5 Update 5 to  
address various vulnerabilities in Java 1.6.0_13, Java 1.5.0_19 and  
Java 1.4.2_21.

The update can be downloaded from Support Downloads
<http://support.apple.com/downloads/> or Software Update.


---------------------------------
2. The Dangerous iFrame
---------------------------------

While the risks of iFrames (a standard HTML element that embeds a
document inside the presentation of another HTML document; see also
<http://en.wikipedia.org/wiki/HTML_element#Frames>) on web pages are
nothing new, ScanSafe recently posted a blog entry about finding nearly
55,000 compromised web site pages due to a potent "trojan cocktail"
consisting of backdoors, password stealers, and a downloader. The iFrame
on these web sites points to an intermediary exploit site, which in turn
loads additional exploits and malware from up to seven different malware
domains. The vulnerability is Windows-only and will exploit an
unprotected system.

Read the blog entry from ScanSafe here:
<http://blog.scansafe.com/journal/2009/8/21/up-to-55k-compromised-by-potent-backdoordata-theft-cocktail.html>

Per Mike Kassner of TechRepublic.com, this information is fascinating
in that we can repeat the experiment ScanSafe used to easily find how
many Web pages are currently infected. Enter
"script src=http://a0v.org/x.js" in your favorite search engine and
check the number of search results that come up. (DO NOT CLICK on any
of the URLs in the list!)

Read TechRepublic's response blog entry here:
<http://blogs.techrepublic.com.com/security/?p=2213&tag=nl.e036>

Are you a web developer using iFrames in your sites? If so, you may  
want to ensure you're taking the right precautions against an exploit.  
If you need additional reasons, some can be found here:
<http://www.thespanner.co.uk/2007/10/24/iframes-security-summary/>


-----------------------------------
3. Risky Celebrity Searches
-----------------------------------

In response to a report released by computer security company McAfee,  
the mainstream media has recently been listing some of the most  
dangerous celebrities to look for on the Internet. This is not actual  
news, as celebrity searches have been a risk for quite some time. Any  
time you conduct a search online for a popular term, you will notice  
the amount of bogus advertising and web sites that will appear.

According to Boston.com: "Some people use the popularity of the Web to  
lure unsuspecting surfers to their sites, where they then unleash  
their viruses, spyware, spam, and other threats." The news site lists  
the top 16 celebrities from the McAfee report here:
<http://www.boston.com/business/technology/gallery/mostdangerouscelebrities/>


-----------------------------------------
4. Phishing Attacks Diminishing?
-----------------------------------------

A report from IBM indicates that phishing attacks appear to be  
declining. Cyber criminals now appear to be leaning toward malicious  
links and Trojan horse programs designed to steal passwords and other  
sensitive information. The X-Force report says that in 2008, phishing  
attacks accounted for 0.5 percent of all spam; during the first half  
of 2009, that figure fell to 0.1 percent. The report also says that  
the number of malicious links on the web is up 508 percent in the  
first half of 2009.

Read the full story here:
<http://voices.washingtonpost.com/securityfix/2009/08/phishing_attacks_on_the_wane.html>

[News source: SANS NewsBites]

========================================================================

Find current and older issues of Security FYI Newsletter:
<http://kb.mit.edu/confluence/x/ehBB>


=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you  
for your password.
